Bitsight for Security Performance Management
This Integration is part of the Bitsight Pack.#
Supported versions
Supported Cortex XSOAR versions: 6.0.0 and later.
Use the "Bitsight for Security Performance Management" Integration to get company guid, details, and findings. This integration also allows to fetch the findings by using the fetch incidents capability. This integration was integrated and tested with version 01 of Bitsight for Security Performance Management
Configure Bitsight for Security Performance Management in Cortex#
| Parameter | Description | Required |
|---|---|---|
| API Key | True | |
| Company's GUID | Use "bitsight-companies-guid-get" command to retrieve the company's GUID. | False |
| First fetch time in days | Enter the number in days. When the fetch incident runs for first time, incidents will be fetched for a given number of days. | False |
| Mirroring Direction | The mirroring direction in which to mirror the findings. You can mirror "Incoming" (from Bitsight to XSOAR), "Outgoing" (from XSOAR to Bitsight), or in both directions. | False |
| Mirror Tag for Notes | The tag value should be used to mirror XSOAR incident notes to Bitsight finding comments by adding the same tag in the notes. Note: This parameter is required when the mirroring direction is set to 'Outgoing' or 'Incoming And Outgoing'. | False |
| Bitsight User Email Address | Provide the Bitsight user email address to be used for sending XSOAR incident notes as Bitsight finding comments. Note: This parameter is required when the mirroring direction is set to 'Outgoing' or 'Incoming And Outgoing'. | False |
| Bitsight Remediation Status for Incident Opening | Remediation status to set in Bitsight when opening incidents in XSOAR. Default value is 'Open'. Note: This parameter is only used when the mirroring direction is set to 'Outgoing' or 'Incoming And Outgoing'. | False |
| Reopen incident based on Bitsight Remediation Status | If selected, closed incidents will be reopened in XSOAR when finding remediation status on Bitsight platform matches the configured 'Remediation Status for Incident Opening'. Note: This parameter is only used when the mirroring direction is set to 'Incoming' or 'Incoming And Outgoing'. | False |
| Bitsight Remediation Status for Incident Closure | Remediation status to set in Bitsight when closing incidents in XSOAR. Default value is 'Resolved'. Note: This parameter is only used when the mirroring direction is set to 'Outgoing' or 'Incoming And Outgoing'. | False |
| Close incident based on Bitsight Remediation Status | If selected, active incidents will be closed in XSOAR when finding remediation status on Bitsight platform matches the configured 'Remediation Status for Incident Closure'. Note: This parameter is only used when the mirroring direction is set to 'Incoming' or 'Incoming And Outgoing'. | False |
| Max Fetch | Maximum number of incidents to fetch. The maximum value is 200. | False |
| Findings Affect Rating Reason | Filter by the affect rating reason of the findings to fetch. | False |
| Findings Minimum Severity | Minimum severity of the findings to fetch. | False |
| Findings Minimum Asset Category | Filter by the asset category (critical, high, medium, low). | False |
| Findings Grade | Filter the result by the value of grade. | False |
| Risk Vector ('All' has been selected by default) | This parameter supports comma separated list of values. By default 'All' will be selected, if you need only particular values you can unselect 'All' and select the required values. | False |
| Trust any certificate (not secure) | False | |
| Use system proxy settings | False | |
| Fetch incidents | False | |
| Incident type | False | |
| Incidents Fetch Interval | False |
Notes for mirroring#
- This feature is compliant with XSOAR version 6.1.0 and above.
- When mirroring incidents, you can make changes in Bitsight that will be reflected in Cortex XSOAR, or vice versa.
- The mirroring direction can be set to "Incoming" (from Bitsight to XSOAR), "Outgoing" (from XSOAR to Bitsight), or "Incoming And Outgoing" for bidirectional synchronization.
- New notes from the Cortex XSOAR incident will be created as comments in the Bitsight findings. Updates to existing notes in the Cortex XSOAR incident will not be reflected in the Bitsight findings.
- New comments from the Bitsight findings will be created as notes in the Cortex XSOAR incident. Updates to existing comments in the Bitsight findings will create new notes in the Cortex XSOAR incident.
- When outgoing mirroring is enabled, the remediation status in Bitsight will be updated based on the Remediation status parameter in XSOAR:
- Opening incidents in XSOAR will set the remediation status in Bitsight according to the "Bitsight Remediation Status for Incident Opening" parameter (default: "Open").
- Closing incidents in XSOAR will set the remediation status in Bitsight according to the "Bitsight Remediation Status for Incident Closure" parameter (default: "Resolved").
- If an active Cortex XSOAR incident is tied to a specific BitSight finding, and the finding's remediation status matches the "Bitsight Remediation Status for Incident Closure" parameter:
- If the "Reopen incident based on BitSight Remediation Status" parameter is selected and "Incoming Mirroring" is enabled, the incident will be closed in XSOAR.
- If a closed Cortex XSOAR incident is tied to a specific BitSight finding, and the finding's remediation status matches the "Bitsight Remediation Status for Incident Opening" parameter:
- If the "Reopen incident based on BitSight Remediation Status" parameter is selected and "Incoming Mirroring" is enabled, the incident will be reopened in XSOAR.
- The mirroring settings apply only for incidents that are fetched after applying the settings.
- The mirroring is strictly tied to Incident type "BitSight Findings" & Incoming mapper "BitSight - Incoming Mapper". If you want to change or use your custom incident type/mapper then make sure changes related to these are present.
- If you want to use the mirror mechanism and you're using custom mappers, then the incoming mapper must contain the following fields: dbotMirrorDirection, dbotMirrorId, dbotMirrorInstance, and dbotMirrorTags.
- Following new fields are introduced in the response of the incident to enable the mirroring:
- mirror_direction: This field determines the mirroring direction for the incident. It is a required field for XSOAR to enable mirroring support.
- mirror_tags: This field determines what would be the tag needed to mirror the Cortex XSOAR entry out to Bitsight. It is a required field for XSOAR to enable mirroring support.
- mirror_instance: This field determines from which instance the XSOAR incident was created. It is a required field for XSOAR to enable mirroring support.
Troubleshooting#
The following are tips for handling issues with mirroring incidents between Bitsight and Cortex XSOAR.
| Issue | Recommendation |
|---|---|
| Mirroring is not working. | Open Context Data and search for dbot. Confirm the dbot fields are configured correctly either through the mapper for that specific incident type or using setIncident. Specifically, make sure the integration instance is configured correctly for the mirroring direction (incoming, outgoing, both) - dbotMirrorId, dbotMirrorDirection, dbotMirrorInstance, dbotMirrorTags. |
| Required fields are not getting sent or not visible in UI. | This may be a mapping issue, specifically if you have used a custom mapper make sure you've covered all the out of box mapper fields. |
| Notes from Cortex XSOAR have not been mirrored in Bitsight | Tag is required for mirroring notes from Cortex XSOAR to Bitsight. There might be a reason the note is not tagged as the tag needs to be added manually in Cortex XSOAR. Click Actions > Tags and add the "note" tag (OR the specific tag name which was set up in the Instance Configuration). |
| Server experiencing high load due to mirroring. | Consider increasing the mirroring interval to reduce server load. The default mirroring interval is 1 minute, which can be adjusted by updating the sync.mirror.job.delay field in the Integration Server Configuration to a higher value based on your server capacity and requirements. For more information, see Integration Server Configurations (XSOAR 6.x) or Server Configurations (XSOAR 8.x). |
| No new findings are being fetched after updating filter parameters (e.g., Findings Minimum Severity, Findings Minimum Asset Category, Findings Grade, Findings Affect Rating Reason). | When you modify filter parameters in the integration configuration, the existing instance continues using the previous first fetch time and offset. This may not retrieve findings based on the new filters. To resolve this: Option 1: Reset the instance's last run. This will restart fetching from the beginning with the new filter settings. Option 2: Create a new integration instance with the updated filter parameters. This ensures a fresh start without affecting the existing instance's fetch history. |
Commands#
You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
bitsight-company-details-get#
Bitsight command to get company details based on the provided GUID. The details include rating details, rating history, and grades for individual risk vectors.
Base Command#
bitsight-company-details-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| guid | GUID of the company to fetch its details. Note: Users can get the list of the GUID by executing the "bitsight-companies-guid-get" command. | Required |
Context Output#
| Path | Type | Description |
|---|---|---|
| BitSight.Company.guid | string | The unique identifier of this company. |
| BitSight.Company.customId | string | The customizable ID assigned to this company. |
| BitSight.Company.name | string | The name of this company. |
| BitSight.Company.description | string | Details about this company, which typically includes its industry and location. |
| BitSight.Company.ipv4Count | number | The number of IP addresses attributed to this company. |
| BitSight.Company.peopleCount | number | The number of employees in this company. |
| BitSight.Company.shortname | string | The abbreviated name of this company. |
| BitSight.Company.industry | string | The industry of this company. |
| BitSight.Company.industrySlug | string | The industry slug name of this company. |
| BitSight.Company.subIndustry | string | The sub-industry of this company. |
| BitSight.Company.subIndustrySlug | string | The sub-industry slug name of this company. |
| BitSight.Company.homePage | string | The URL of this company's primary external website. |
| BitSight.Company.primaryDomain | string | The name of this company's primary domain. |
| BitSight.Company.type | string | The type of rating. |
| BitSight.Company.displayURL | string | The URL to this company's overview page in the Bitsight platform. |
| BitSight.Company.ratingDetails.name | string | The name of this risk vector. |
| BitSight.Company.ratingDetails.rating | number | Internal rating of this risk vector. |
| BitSight.Company.ratingDetails.grade | string | The letter grade of this risk vector. |
| BitSight.Company.ratingDetails.percentile | number | This company's performance on this risk vector against their peers. |
| BitSight.Company.ratingDetails.gradeColor | string | The hex code to display letter grade colors in HTML applications. |
| BitSight.Company.ratingDetails.category | string | The risk category of this risk vector. |
| BitSight.Company.ratingDetails.categoryOrder | number | Used to visually sort this risk category in the Bitsight platform. |
| BitSight.Company.ratingDetails.beta | boolean | A true value indicates this risk vector is in beta and does not affect this company's security rating. |
| BitSight.Company.ratingDetails.order | number | Used to visually sort this risk vector in the Bitsight platform. |
| BitSight.Company.ratingDetails.displayUrl | string | The URL in the Bitsight platform that contains the details of this risk vector. |
| BitSight.Company.ratings.ratingDate | date | The date when this Bitsight Security Rating Report was generated. |
| BitSight.Company.ratings.rating | number | The Bitsight Security Rating of this company on this day. |
| BitSight.Company.ratings.range | string | The rating category of this company on this day. |
| BitSight.Company.ratings.ratingColor | string | The hex code to display rating category colors in HTML applications. |
| BitSight.Company.searchCount | number | The number of times this company has been listed in search results. |
| BitSight.Company.subscriptionType | string | The type of subscription used to monitor this company. |
| BitSight.Company.sparkline | string | The URL path to the security rating trend line of this company during the past one year. |
| BitSight.Company.subscriptionTypeKey | string | The slug name of the subscription used to monitor this company. |
| BitSight.Company.subscriptionEndDate | date | The date when the subscription to this company expires. |
| BitSight.Company.bulkEmailSenderStatus | string | A FULL value indicates this company provides bulk email sending services, which excludes this company from the Spam Propagation risk vector. |
| BitSight.Company.serviceProvider | boolean | A true value indicates this company is a service provider. |
| BitSight.Company.customerMonitoringCount | number | The number of companies that are monitoring this company. |
| BitSight.Company.availableUpgradeTypes | string | For internal Bitsight use. |
| BitSight.Company.hasCompanyTree | boolean | A true value indicates this company has a Ratings Tree. |
| BitSight.Company.hasPreferredContact | boolean | For internal Bitsight use. |
| BitSight.Company.isBundle | boolean | A true value indicates this company is part of a ratings bundle. |
| BitSight.Company.ratingIndustryMedian | string | Indicates this company's position in the peer group distribution chart. |
| BitSight.Company.primaryCompany.guid | string | The unique identifier of this organization's primary company. |
| BitSight.Company.primaryCompany.name | string | The name of this organization's primary company. |
| BitSight.Company.permissions.canDownloadCompanyReport | boolean | A true value indicates you can view and download Bitsight Security Rating Reports (PDF). |
| BitSight.Company.permissions.canViewForensics | boolean | A true value indicates you have the Event Forensics add-on package. |
| BitSight.Company.permissions.canViewServiceProviders | boolean | A true value indicates you can access Bitsight for Fourth Party Risk Management. |
| BitSight.Company.permissions.canRequestSelfPublishedEntity | boolean | A true value indicates you can request the creation of a self-published rating. |
| BitSight.Company.permissions.canViewInfrastructure | boolean | A true value indicates you can view your infrastructure attribution. |
| BitSight.Company.permissions.canAnnotate | boolean | A true value indicates you can identify assets and segment your network with infrastructure tags. |
| BitSight.Company.permissions.canViewCompanyReports | boolean | A true value indicates you can view Bitsight Security Rating Reports. |
| BitSight.Company.permissions.canManagePrimaryCompany | boolean | A true value indicates you can highlight a primary for your organization. |
| BitSight.Company.permissions.hasControl | boolean | For internal Bitsight use. |
| BitSight.Company.permissions.canEnableVendorAccess | boolean | A true value indicates you can modify vendor access. |
| BitSight.Company.isPrimary | boolean | A true value indicates your company is the primary for your organization. |
| BitSight.Company.securityGrade | string | For internal Bitsight use. |
| BitSight.Company.inSpmPortfolio | boolean | A true value indicates this company is in your Security Performance Management portfolio (My Company, SPM Subsidiary, etc.). |
| BitSight.Company.isMycompMysubsBundle | string | For internal Bitsight use. |
| BitSight.Company.companyFeatures | string | For internal Bitsight use. |
Command example#
!bitsight-company-details-get guid=00000000-0000-0000-0000-000000000001
Context Example#
Human Readable Output#
Company Details#
Company Info Ratings Rating Details guid: 00000000-0000-0000-0000-000000000001
customId: null
name: Saperix, Inc.
description: Saperix Technologies LLC develops risk analysis software solutions.
ipv4Count: 4169
peopleCount: 400
shortName: Saperix
industry: Technology
industrySlug: technology
subIndustry: Computer & Network Security
subIndustrySlug: computer_network_security
homePage: http://www.saperix.com
primaryDomain: saperix.com
type: CURATED
displayURL: https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/overview/{'rating': 600, 'rating_date': '2021-03-10', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-09', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-08', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-07', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-06', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-05', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-04', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-03', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-02', 'range': 'Basic'},
{'rating': 600, 'rating_date': '2021-03-01', 'range': 'Basic'}{'name': 'Botnet Infections', 'rating': 820, 'percentile': 100, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/compromised-systems/?filter=Botnet%20Infections'},
{'name': 'Spam Propagation', 'rating': 820, 'percentile': 100, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/compromised-systems/?filter=Spam%20Propagation'},
{'name': 'Malware Servers', 'rating': 820, 'percentile': 100, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/compromised-systems/?filter=Malware%20Servers'},
{'name': 'Unsolicited Communications', 'rating': 820, 'percentile': 100, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/compromised-systems/?filter=Unsolicited%20Communications'},
{'name': 'Potentially Exploited', 'rating': 760, 'percentile': 77, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/compromised-systems/?filter=Potentially%20Exploited'},
{'name': 'SPF', 'rating': 780, 'percentile': 87, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=spf'},
{'name': 'DKIM', 'rating': 700, 'percentile': 54, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=dkim'},
{'name': 'SSL Certificates', 'rating': 780, 'percentile': 86, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=certificate'},
{'name': 'SSL Configurations', 'rating': 700, 'percentile': 55, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=ssl'},
{'name': 'Open Ports', 'rating': 790, 'percentile': 90, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=open_port'},
{'name': 'Web Application Headers', 'rating': 490, 'percentile': 8, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=http_headers'},
{'name': 'Patching Cadence', 'rating': 720, 'percentile': 62, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=pc'},
{'name': 'Insecure Systems', 'rating': 700, 'percentile': 61, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=insecure_sys'},
{'name': 'Server Software', 'rating': 810, 'percentile': 99, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=server_software'},
{'name': 'Desktop Software', 'rating': 400, 'percentile': 1, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=endpoint_pc'},
{'name': 'Mobile Software', 'rating': 500, 'percentile': 9, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=endpoint_mobile'},
{'name': 'DNSSEC', 'rating': 300, 'percentile': 0, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=dnssec'},
{'name': 'Mobile Application Security', 'rating': 'N/A', 'percentile': 'N/A', 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/diligence-details/?filter=mobile_appsec'},
{'name': 'File Sharing', 'rating': 750, 'percentile': 79, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/user-behavior'},
{'name': 'Security Incidents', 'rating': 790, 'percentile': 47, 'display_url': 'https://service.bitsighttech.com/app/company/00000000-0000-0000-0000-000000000001/rating-details/?vector=news'}
bitsight-company-findings-get#
Bitsight command to get company findings.
Base Command#
bitsight-company-findings-get
Input#
| Argument Name | Description | Required |
|---|---|---|
| guid | GUID of the company. Note: Users can get the list of the GUID by executing the "bitsight-companies-guid-get" command. | Required |
| first_seen | Filter the findings that were seen on and after this date. Format accepted: YYYY-MM-DD, Example: 2021-01-01. | Required |
| last_seen | Filter the findings that were seen on and prior to this date. Format accepted: YYYY-MM-DD, Example: 2021-01-01. | Required |
| severity | Minimum Severity of the findings. Possible values are: minor, moderate, material, severe. | Optional |
| grade | Filter by the grade of the findings. Supports comma separated values. Select the values from the list of predefined values: good, fair, warn, bad and, neutral. | Optional |
| asset_category | Minimum Asset Category of the findings. Example: If low is selected from the options then low, medium, high, and critical will be considered in retrieving results. Possible values are: low, medium, high, critical. | Optional |
| risk_vector_label | Risk category of the findings. Supports comma separated values. Select the values from the list of predefined values: Web Application Headers, Botnet Infections, Breaches, Desktop Software, DKIM, DNSSEC, File Sharing, Insecure Systems, Malware Servers, Mobile App Publications, Mobile Application Security, Mobile Software, Open Ports, Patching Cadence, Potentially Exploited, Server Software, Spam Propagation, SPF, SSL Certificates, SSL Configurations, Unsolicited Communications, Web Application Security, DMARC. | Optional |
| limit | Set the maximum number of results to be retrieved. The maximum value is 1000. Note: If a negative value is provided then the default value of 100 will be used. Default is 100. | Optional |
| offset | Set the starting point of the results to be returned. A 0 (zero) value starts the results from the first record in the result set. Default is 0. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| BitSight.Company.guid | string | The unique identifier of this company. |
| BitSight.Company.CompanyFinding.temporaryId | string | A temporary identifier for this finding. |
| BitSight.Company.CompanyFinding.affectsRating | boolean | Indicates if this finding has an impact on the letter grade. |
| BitSight.Company.CompanyFinding.assets.asset | string | The asset (IP address or domain) associated with this finding. |
| BitSight.Company.CompanyFinding.assets.identifier | string | Identifier associated with the asset. |
| BitSight.Company.CompanyFinding.assets.category | string | The Bitsight-calculated asset importance. |
| BitSight.Company.CompanyFinding.assets.importance | number | For internal Bitsight use. |
| BitSight.Company.CompanyFinding.assets.isIp | boolean | A true value indicates this asset is an IP address. |
| BitSight.Company.CompanyFinding.details | string | Details of this finding. The included keys vary, depending on the following risk types Compromised Systems, Diligence, File Sharing. |
| BitSight.Company.CompanyFinding.evidenceKey | string | The company's asset (domain or IP address) that's attributed to the finding. |
| BitSight.Company.CompanyFinding.firstSeen | date | The date of the first observation. |
| BitSight.Company.CompanyFinding.lastSeen | date | The date of the most recent observation. |
| BitSight.Company.CompanyFinding.relatedFindings | string | Details of related findings. |
| BitSight.Company.CompanyFinding.riskCategory | string | The risk category associated with this finding. |
| BitSight.Company.CompanyFinding.riskVector | string | The slug name of the risk vector associated with this finding. |
| BitSight.Company.CompanyFinding.riskVectorLabel | string | The name of the risk vector associated with this finding. |
| BitSight.Company.CompanyFinding.rolledupObservationId | string | A unique identifier for this observation. |
| BitSight.Company.CompanyFinding.severity | number | The severity of the finding, which is the measured risk that this finding introduces. |
| BitSight.Company.CompanyFinding.severityCategory | string | The slug name of the finding severity. |
| BitSight.Company.CompanyFinding.tags | string | Infrastructure tags that help identify this asset. |
| BitSight.Company.CompanyFinding.duration | string | For internal Bitsight use. |
| BitSight.Company.CompanyFinding.comments | string | A thread of finding comments. |
| BitSight.Company.CompanyFinding.remainingDecay | number | For internal Bitsight use. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRequestedRefreshDate | date | The date when a record refresh that included this finding was last requested. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRefreshStatusDate | date | The date when a refresh of the remediation status of this finding was last requested. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRefreshStatusLabel | string | The current record refresh status of this finding. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRefreshReasonCode | string | The reason code of the last refresh of this finding. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRemediationStatusLabel | string | The current remediation status of this finding. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRemediationStatusDate | date | The date when the remediation status of this finding was last changed. |
| BitSight.Company.CompanyFinding.remediationHistory.remediationAssignments | unknown | The users who are assigned to remediate this finding. |
| BitSight.Company.CompanyFinding.remediationHistory.lastRemediationStatusUpdatedBy | string | The name of the user who updated the remediation status of this finding. |
| BitSight.Company.CompanyFinding.assetOverrides.asset | string | The domain or IP address of the overridden asset. |
| BitSight.Company.CompanyFinding.assetOverrides.importance | string | The user-assigned asset importance. |
| BitSight.Company.CompanyFinding.assetOverrides.overrideImportance | unknown | For internal Bitsight use. |
| BitSight.Company.CompanyFinding.attributedCompanies.guid | string | The unique identifier of the company attributed to the finding. |
| BitSight.Company.CompanyFinding.attributedCompanies.name | string | The name of the company that is attributed to the finding. |
| BitSight.Page.name | String | Name of the command. |
| BitSight.Page.next | String | The URL to navigate to the next page of results. |
| BitSight.Page.previous | String | The URL to navigate to the previous page of results. |
| BitSight.Page.count | Number | The number of findings. |
Command example#
!bitsight-company-findings-get guid=00000000-0000-0000-0000-000000000001 first_seen=2021-01-01 last_seen=2022-03-01 limit=2
Context Example#
Human Readable Output#
Company findings#
Total Findings: 2441
Evidence Key Risk Vector Label First Seen Last Seen ID Risk Category Severity Asset Category Finding Grade X.X.X.1:22 Open Ports 2022-01-28 2022-01-28 A9Jq Diligence minor X.X.X.1: Low Good X.X.X.2:143 SSL Configurations 2021-01-04 2022-03-01 A9yq Diligence minor X.X.X.2: Critical Good
bitsight-companies-guid-get#
Bitsight command to get list of companies and GUID.
Base Command#
bitsight-companies-guid-get
Input#
There are no input arguments for this command.
Context Output#
| Path | Type | Description |
|---|---|---|
| BitSight.Company.name | String | Name of this company. |
| BitSight.Company.shortname | String | The abbreviated name of this company. |
| BitSight.Company.guid | String | The unique identifier of this company. |
| BitSight.Company.customId | String | The customizable ID assigned to this company. |
| BitSight.Company.networkSizeV4 | Number | The number of IPv4 addresses attributed to this company. |
| BitSight.Company.rating | Number | The most recent security rating of this company. |
| BitSight.Company.ratingDate | Date | The date when the rating report for this company was generated. |
| BitSight.Company.dateAdded | Date | The date when this company was added to your portfolio. |
| BitSight.Company.industry | String | The industry of this company. |
| BitSight.Company.industrySlug | String | The slug name of this company's industry. |
| BitSight.Company.subIndustry | String | The sub-industry of this company. |
| BitSight.Company.subIndustrySlug | String | The slug name of this company's sub-industry. |
| BitSight.Company.type | String | The rating type. |
| BitSight.Company.logo | String | The URL in the Bitsight platform to this company's logo image. |
| BitSight.Company.sparkline | String | The URL in the Bitsight platform to this company's historical ratings trend line. |
| BitSight.Company.externalId | Number | The external ID assigned to this company. |
| BitSight.Company.subscriptionType | String | The subscription type used to monitor this company. |
| BitSight.Company.subscriptionTypeKey | String | The slug name of the subscription type used to monitor this company. |
| BitSight.Company.primaryDomain | String | The primary domain of this company. |
| BitSight.Company.securityGrade | String | For internal Bitsight use. |
| BitSight.Company.gradeDate | Date | For internal Bitsight use. |
| BitSight.Company.displayURL | String | The URL in the Bitsight platform to this company's overview page. |
| BitSight.Company.href | String | The URL in the Bitsight platform to this company's page. |
| BitSight.MyCompany.guid | String | The unique identifier of my company. |
Command example#
!bitsight-companies-guid-get
Context Example#
Human Readable Output#
Companies#
My Company: 00000000-0000-0000-0000-000000000001
Company Name Company Short Name GUID Rating Saperix, Inc. Saperix 00000000-0000-0000-0000-000000000001 640 Saperix Corporate Saperix Corporate 00000000-0000-0000-0000-000000000002 730