BitSight Security Ratings
  • 08 Mar 2022
  • 2 Minutes to read
  • Dark
    Light
  • PDF

BitSight Security Ratings

  • Dark
    Light
  • PDF

Article Summary

BitSight Security Ratings are a data-driven and dynamic measurement of an organization’s cybersecurity performance.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. BitSight Domain (required, default: https://api.bitsighttech.com) - The hostname or IP address of the Bitsight server.
  2. API Key (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.
  3. Company Name (leave empty to fetch data from parent company) *(optional, default: empty) - Specify a company name form data will be fetched.
    • If supplied, only data associated with the specified company name will be fetched.
    • If not supplied, data associated with the parent company and all its 'child' companies will be fetched.
  4. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in BitSight Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in BitSight Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in BitSight Domain will not be verified against the CA database inside of Axonius.
  5. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in BitSight Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in BitSight Domain.
    • If not supplied, Axonius will connect directly to the value supplied in BitSight Domain.
  6. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in BitSight Domain via the value supplied in HTTPS Proxy.
    • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
    • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
  7. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the value supplied in BitSight Domain via the value supplied in HTTPS Proxy.
    • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
    • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
  8. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Required Permissions

The value supplied in API Key must be associated with a user account that has read access to devices.

Creating a User in BitSight

  1. Log in to the BitSight admin panel as Administrator.

  2. Click Settings -> Manage Users.
    image.png

  3. Create a new user. Axonius requires the least-privileged type of user, which is the 'User' role.
    image.png

  4. Once added, you should receive an approval email from BitSight to the specified mail address. Click the attached link to set a new password. Then, log in to the panel and click settings > account.

  5. Scroll down to 'API Token' and click 'Generate New Token'.
    image.png

  6. Use the generated token in the credentials screen.


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.