BitSight for Third Party Risk Management


BitSight is a non-intrusive SaaS platform with data-driven security performance ratings based on data gathered outside of organizations. The cyber risk approach is automated at scale, with statistical rigor, some human validation and crowd-sourced collaboration. It brings efficiency and automation to the cyber risk evaluation process, with ratings evaluated across 23 different vectors, graded A to F. The company aims to service all use-cases outside its focused markets to increase market efficiency, fostering broader and more substantive participation in the rating system.

The company has cultivated a very engaged community that collaborates regularly on the platform. This customer-centric solution is heavily invested in creating innovative capabilities that provide risk context and prioritization through better visibility to help solve security risk management challenges.

BitSight is the only SRS provider with third-party validation to publicly disclosed breaches and has unmatched breadth. It has the greatest amount of proprietary data, partnering with leading data providers to gain insight into mobile applications, IoT, file sharing and other attack vectors not currently offered by its competitors.

Built to support any third-party risk management program, BitSight for Third Party Risk Management gives organizations the confidence to make strategic cyber risk management decisions with the resources they have. You can search any type of vulnerability and see which companies are affected, then generate a quick report based on your selection (exported to PDF, PNG, CSV and or Excel).

The solution comes with a free Customer Success Manager for 14 days, included in any TPRM subscription. After 14 days, organizations can continue using it on a case-by-case basis, if needed, which accelerates time-to-value with proactive engagement from onboarding to operationalizing and beyond. Guidance and advice are offered for developing strategic and tactical roadmaps by understanding long- and short-term needs. This is highly beneficial, and a huge differentiator, since the average time for properly onboarding an organization is 90 days. BitSight goes above and beyond, offering nearly project management levels of assistance, including a half-day, consultative third-party risk management workshop to assist less mature customers. An additional resource, BitSight Advisor, can be used onsite or remotely, acting on behalf of a team for large-scale and custom projects.

The entire layout of the platform is incredibly organized and thorough. This is a very comprehensive product with a lot of moving parts and customizations, but ample support is offered for anyone that needs assistance. Note, however, it does not map to GDPR.

Tested by Matthew Hreben

Product title
BitSight for Third Party Risk Management
Product info
Vendor: BitSight Price: Starting at $20,000 for an annual subscription. Contact:
A variety of additional services are offered at a price, although a dedicated customer success manager is provided for the first 14 days.
We would have liked to have seen GDPR support.
BitSight’s intuitive platform with data providers’ exclusive relationships offers a powerful level of depth into data, making this tool a powerful offering to place at the top of your list.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.