
BitSight
Security Rating Services
Data retrieved from BitSight
| Connector Object | Required | Maps to Data Model |
|---|---|---|
| Company | Yes | Company |
| Ip Asset | Yes | Host |
| Domain Asset | Yes | Site |
| Finding | Yes | Violation |
| Finding Definition | Yes | Violation Definition |
Model relationships
For detailed steps on how to view the data retrieved from BitSight in the Brinqa Platform, see How to view your data.
Connection settings
When setting up a data integration, select BitSight from the Connector dropdown and provide the following:
| Setting | Required | Default | Description |
|---|---|---|---|
| API URL | Yes | https://api.bitsighttech.com/ | BitSight API URL |
| API token | Yes | — | BitSight API token |
| Page size | No | 100 | Maximum number of records to get per API request |
| Parallel requests | No | min(processors, 4) | Maximum number of parallel API requests |
| Maximum retries | No | 5 | Maximum number of API request retries |
| Finding UID fields | No | empty (→ temporary_id) | Comma-separated list of fields to use for finding UID. temporary_id will be used if not specified. |
| Request timeout (seconds) | No | 600 | The maximum seconds allotted before a request will time out. Min: 60 seconds (1 minute), Max: 3600 seconds (1 hour). |
| SSL / TLS | No | false | Skip certificate verification |
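A pre-flight check over the settings in the table above, added here as an example and not part of the connector or the Brinqa Platform. The setting key names and the two sample configurations are hypothetical; the defaults and the timeout bounds are the ones the table lists, and the minimums for page size, parallel requests and retries are assumptions.

```python
import os
from urllib.parse import urlparse

# Defaults and bounds from the connection settings table; key names are hypothetical.
DEFAULTS = {
    "api_url": "https://api.bitsighttech.com/", "page_size": 100,
    "parallel_requests": min(os.cpu_count() or 1, 4), "max_retries": 5,
    "finding_uid_fields": "", "request_timeout": 600,
    "skip_cert_verification": False,
}
TIMEOUT_MIN, TIMEOUT_MAX = 60, 3600
REQUIRED = ("api_url", "api_token")

# Constructed sample configurations (placeholder token, not real values).
WEAK = {"api_url": "http://api.bitsighttech.com/", "api_token": "EXAMPLE-TOKEN",
        "skip_cert_verification": True, "request_timeout": 30}
GOOD = {"api_url": "https://api.bitsighttech.com/", "api_token": "EXAMPLE-TOKEN",
        "finding_uid_fields": "evidence_key, risk_vector"}


def audit_settings(settings):
    """Return (effective_settings, issues) for a proposed configuration."""
    issues = [f"{k}: required setting is missing" for k in REQUIRED if not settings.get(k)]
    eff = {**DEFAULTS, **{k: v for k, v in settings.items() if v is not None}}
    url = urlparse(eff["api_url"])
    if url.scheme != "https":
        issues.append("api_url: API token would be sent without TLS")
    if url.username or url.password or url.query:
        issues.append("api_url: credentials or query string embedded in URL")
    if eff["skip_cert_verification"]:
        issues.append("skip_cert_verification: server certificate is not checked")
    if not TIMEOUT_MIN <= eff["request_timeout"] <= TIMEOUT_MAX:
        issues.append(f"request_timeout: outside {TIMEOUT_MIN}-{TIMEOUT_MAX} seconds")
    for key in ("page_size", "parallel_requests"):  # assumed minimum of 1
        if eff[key] < 1:
            issues.append(f"{key}: must be at least 1")
    if eff["max_retries"] < 0:  # assumed minimum of 0
        issues.append("max_retries: must not be negative")
    # An empty field list means the finding UID falls back to temporary_id.
    fields = [f.strip() for f in eff["finding_uid_fields"].split(",") if f.strip()]
    eff["finding_uid_fields"] = fields or ["temporary_id"]
    return eff, issues
```
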
How to obtain BitSight credentials
[Add connector-specific credential steps. Templated placeholder — review before publish.]
Attribute mappings
Expand the sections below to view the mappings between the source and the Brinqa data model attributes:
Company
| Source Field Name | SDM Attribute |
|---|---|
| Generated (sync timestamp) | LAST_CAPTURED |
| Portfolio.added_date | SOURCE_CREATED_DATE |
| Portfolio.guid | UID |
| Portfolio.industry.name | INDUSTRY |
| Portfolio.life_cycle.name | LIFECYCLE |
| Portfolio.name | NAME |
| Portfolio.network_size_v4 | NETWORK_SIZE |
| Portfolio.primary_domain | PRIMARY_DOMAIN |
| Portfolio.rating | RATING |
| Portfolio.rating_date | LAST_ASSESSED |
| Portfolio.relationship.name | RELATIONSHIP |
| Portfolio.shortname | SHORT_NAME |
| Portfolio.sub_industry.name | SUB_INDUSTRY |
Ip Asset
| Source Field Name | SDM Attribute |
|---|---|
| AssetResource.app_grade | APP_GRADE |
| AssetResource.asset | UID |
| AssetResource.asset | NAME |
| AssetResource.asset_type | TYPE |
| AssetResource.country | COUNTRY |
| AssetResource.country_code | COUNTRY_CODE |
| AssetResource.hosted_by.guid | HOSTED_BY_ID |
| AssetResource.hosted_by.name | HOSTED_BY_NAME |
| AssetResource.identifier | IDENTIFIER |
| AssetResource.importance | SOURCE_SEVERITY_SCORE |
| AssetResource.importance_category | SEVERITY |
| AssetResource.importance_category | SOURCE_SEVERITY |
| AssetResource.importance_category | SEVERITY_SCORE |
| AssetResource.ip_addresses | IP_ADDRESSES |
| AssetResource.ip_addresses | PUBLIC_IP_ADDRESSES |
| AssetResource.ip_addresses | PRIVATE_IP_ADDRESSES |
| AssetResource.is_ip | IS_IP |
| AssetResource.latitude | LATITUDE |
| AssetResource.longitude | LONGITUDE |
| AssetResource.origin_subsidiary.guid | ORIGIN_SUBSIDIARY_ID |
| AssetResource.origin_subsidiary.name | ORIGIN_SUBSIDIARY_NAME |
| AssetResource.services | SERVICES |
| AssetResource.tags | TAGS |
| AttributeValues.ASSET_CATEGORY_HOST + AssetResource.asset_type | CATEGORIES |
| Generated (sync timestamp) | LAST_CAPTURED |
| Portfolio.guid | COMPANY |
Domain Asset
| Source Field Name | SDM Attribute |
|---|---|
| AssetResource.app_grade | APP_GRADE |
| AssetResource.asset | UID |
| AssetResource.asset | NAME |
| AssetResource.asset_type | TYPE |
| AssetResource.country | COUNTRY |
| AssetResource.country_code | COUNTRY_CODE |
| AssetResource.hosted_by.guid | HOSTED_BY_ID |
| AssetResource.hosted_by.name | HOSTED_BY_NAME |
| AssetResource.identifier | IDENTIFIER |
| AssetResource.importance | SOURCE_SEVERITY_SCORE |
| AssetResource.importance_category | SEVERITY |
| AssetResource.importance_category | SOURCE_SEVERITY |
| AssetResource.importance_category | SEVERITY_SCORE |
| AssetResource.ip_addresses | IP_ADDRESSES |
| AssetResource.ip_addresses | PUBLIC_IP_ADDRESSES |
| AssetResource.ip_addresses | PRIVATE_IP_ADDRESSES |
| AssetResource.is_ip | IS_IP |
| AssetResource.latitude | LATITUDE |
| AssetResource.longitude | LONGITUDE |
| AssetResource.origin_subsidiary.guid | ORIGIN_SUBSIDIARY_ID |
| AssetResource.origin_subsidiary.name | ORIGIN_SUBSIDIARY_NAME |
| AssetResource.services | SERVICES |
| AssetResource.tags | TAGS |
| AttributeValues.ASSET_CATEGORY_DOMAIN + AssetResource.asset_type | CATEGORIES |
| Generated (sync timestamp) | LAST_CAPTURED |
| Portfolio.guid | COMPANY |
Finding
| Source Field Name | SDM Attribute |
|---|---|
| FindingDetail.check_pass | CHECK_PASS |
| FindingDetail.country | COUNTRY |
| FindingDetail.cvss.base | CVSS_BASE_SCORES |
| FindingDetail.cvss.base (max) | CVSS_BASE_SCORE_MAX |
| FindingDetail.dest_port | PORT |
| FindingDetail.diligence_annotations | DILIGENCE_ANNOTATIONS |
| FindingDetail.diligence_annotations | RESULTS |
| FindingDetail.final_location | FINAL_LOCATION |
| FindingDetail.geo_ip_location | GEO_IP_LOCATION |
| FindingDetail.grade | GRADE |
| FindingDetail.observed_ips / attributed_observed_ips + ips_to_be_remediated (for ssl_certificates) | IP_ADDRESSES |
| FindingDetail.rollup_end_date | ROLLUP_END_DATE |
| FindingDetail.rollup_start_date | ROLLUP_START_DATE |
| FindingDetail.sample_timestamp | SAMPLE_TIMESTAMP |
| FindingDetail.searchable_details | SEARCHABLE_DETAILS |
| FindingResource.affects_rating | AFFECTS_RATING |
| FindingResource.assets[].asset + FindingResource.evidence_key | TARGETS |
| FindingResource.attributed_companies[].guid | ATTRIBUTED_COMPANIES_ID |
| FindingResource.attributed_companies[].name | ATTRIBUTED_COMPANIES_NAME |
| FindingResource.evidence_key | EVIDENCE_KEY |
| FindingResource.first_seen | FIRST_SEEN |
| FindingResource.last_seen | LAST_SEEN |
| FindingResource.risk_vector | RISK_VECTOR |
| FindingResource.risk_vector_label | RISK_VECTOR_LABEL |
| FindingResource.rolledup_observation_id | ROLLEDUP_ID |
| FindingResource.severity | SOURCE_SEVERITY_SCORE |
| FindingResource.severity_category | SOURCE_SEVERITY |
| FindingResource.severity_category | SEVERITY |
| FindingResource.severity_category | SEVERITY_SCORE |
| FindingResource.temporary_id or MD5 of configured findingUidFields | UID |
| Generated (category derived from normalized status) | STATUS_CATEGORY |
| Generated (normalized from statusvalues.active (connector always sets active)) | STATUS |
| Generated (private ips) | PRIVATE_IP_ADDRESSES |
| Generated (public ips) | PUBLIC_IP_ADDRESSES |
| Generated (sync timestamp) | LAST_CAPTURED |
| MD5(FindingResource.risk_vector + severity) | TYPE |
| Portfolio.guid | COMPANY |
Finding Definition
| Source Field Name | SDM Attribute |
|---|---|
| FindingDetail.diligence_annotations["message"] | DESCRIPTION |
| FindingDetail.remediations[] | RECOMMENDATION |
| FindingResource.risk_category | CATEGORIES |
| FindingResource.risk_category | RISK_CATEGORY |
| FindingResource.risk_vector_label | NAME |
| FindingResource.severity | SOURCE_SEVERITY_SCORE |
| FindingResource.severity_category | SEVERITY |
| FindingResource.severity_category | SOURCE_SEVERITY |
| FindingResource.severity_category | SEVERITY_CATEGORY |
| FindingResource.severity_category | SEVERITY_SCORE |
| FindingResource.tags | TAGS |
| Generated (sync timestamp) | LAST_CAPTURED |
| MD5(FindingResource.risk_vector + severity) | UID |
Operations & API
Expand each connector object to see its operation options, delta-sync behavior, and the API it uses. See connector operation options for how to apply operation options (keys and values are case-sensitive).
Company
Operation options
This object does not support any operation options.
Delta sync
Not supported. The connector performs a full sync of Company on every run and applies no incremental date filter.
API
- Type: GraphQL query · Endpoint: POST /api/graphql
Ip Asset
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
| portfolioIds | | — | Comma-separated list of portfolio GUIDs to scope the sync to specific companies. Matching is case-insensitive. When unset, all portfolios are fetched. |
| TRANSACTION_ID | | — | Identifier used to scope the per-sync SimpleKVStore<AssetResource> that dedupes assets across portfolios. Defaults to the connector framework's null-transaction id when absent. |
Delta sync
Not supported. The connector performs a full sync of Ip Asset on every run and applies no incremental date filter.
API
- Type: GraphQL query · Endpoint: POST /api/graphql
Domain Asset
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
| portfolioIds | | — | Comma-separated list of portfolio GUIDs to scope the sync to specific companies. Matching is case-insensitive. When unset, all portfolios are fetched. |
| TRANSACTION_ID | | — | Identifier used to scope the per-sync SimpleKVStore<AssetResource> that dedupes assets across portfolios. Defaults to the connector framework's null-transaction id when absent. |
Delta sync
Not supported. The connector performs a full sync of Domain Asset on every run and applies no incremental date filter.
API
- Type: GraphQL query · Endpoint: POST /api/graphql
Finding
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
| portfolioIds | | — | Comma-separated list of portfolio GUIDs to scope the sync to specific companies. Matching is case-insensitive. When unset, all portfolios are fetched. |
| TRANSACTION_ID | | — | Identifier used to scope the PersistentArray<StoredCompanyFinding> that caches the paginated findings payload so Finding and FindingDefinition syncs within the same transaction share one fetch. Defaults to the connector framework's null-transaction id when absent. |
Delta sync
Not supported. The connector performs a full sync of Finding on every run and applies no incremental date filter.
API
- Type: GraphQL query · Endpoint: POST /api/graphql
Finding Definition
Operation options
| Option | Type | Default | Description |
|---|---|---|---|
| portfolioIds | | — | Comma-separated list of portfolio GUIDs to scope the sync to specific companies. Matching is case-insensitive. When unset, all portfolios are fetched. |
| TRANSACTION_ID | | — | Identifier used to scope the PersistentArray<StoredCompanyFinding> that caches the paginated findings payload (shared with the Finding sync). Defaults to the connector framework's null-transaction id when absent. |
Delta sync
Not supported. The connector performs a full sync of Finding Definition on every run and applies no incremental date filter.
API
- Type: GraphQL query · Endpoint: POST /api/graphql
Changelog
The BitSight connector has undergone the following changes:
| Version | Description | Migration Steps |
|---|---|---|
| 3.0.8 | Improvements - Dependency upgrades — Updated platform SDK and parent build dependencies to the latest releases for stability and security fixes. | N/A |
| 3.0.7 | Bug Fixes (CON-4382) - Finding — RESULTS attribute: Fixed malformed JSON rendering in the UI. Removed <b> HTML tags from the label that caused garbled {...} display. Added a second serialization pass using writerWithDefaultPrettyPrinter() to produce human-readable, indented JSON (diligence markdown). - Finding — DILIGENCE_ANNOTATIONS attribute: Retained as compact raw JSON string (diligence raw) — no changes to this attribute. Improvements (CON-4382) - InstantDeserializer: Removed custom InstantDeserializer class and replaced with the platform SDK's OptionalInstantDeserializer. | N/A |
| 3.0.6 | Improvements - Asset sync deduplication — During asset synchronization, assets are tracked in a per-transaction key-value store so the same asset appearing across multiple portfolios is processed and handed to the handler only once per run. This eliminates duplicate connector objects and reduces redundant downstream processing when portfolios share assets. | N/A |