Likelihood to Recommend If you are considering BitSight Security Ratings as a portion or bulk of a larger vendor management project you will be well served in letting the risk scores be an indication of how closely you need to examine a vendor. However, you should not base your assessment solely on the risk score provided. The risk score is based on publicly available data and can be inaccurate.
Read full review For example, Cloudflare is a very good solution for ZTNA implementation. Cloudflare has Warp for propagating Gateway rules and checking device posture. Browser Isolation gives you more abilities to use internet resources without any restrictions and at the same time not put the company at risk. For example, if there is no DLP solution in place blocking the printing function can partly protect the company's sensitive data from intentional or intentional leakage through the online forms. A similar approach protects the end-user device from Zero-day threats and malicious software code. Moreover, Remote Browser Isolation technology protects not only the user's device but also the user himself from possible phishing attacks - for example, even if the user enters his username and password on the phishing website, bank card issuers, or other personal or confidential data, data will not go beyond the isolated cloud environment. Cloudflare Access gives company administrators a great opportunity to implement role-based access policies and make effect segmentation and diversification of company network groups.
Read full review Pros Security hygiene tracking over time Understandable risk score based on observations Predictability model of potential cyber security issues based on security habits. Read full review Block access to known bad, risky, or unwanted destinations at the DNS or HTTP level. Excellent protection for remote users. Best in class browser isolation techniques. Read full review Cons Since data is based on public registration IP and domain data can be stale depending on ISP/Domain registration update delays. Correcting a false detection is a month-long endeavor and requires the company with the impacted score to clean up BitSight's data. Customer service for incorrect data is convoluted and requires a deep understanding of domain registration to correct the data. The responsibility for correcting data is placed solely on the customer's shoulders. Read full review Very API [oriented] which is fine, but the GUI is sometimes inconsistent Read full review Support Rating Good chat support from the portal for basic questions and minor issues. The enterprise support line is provided as well.
Read full review Alternatives Considered BitSight Security Ratings ranks evenly with
SecurityScorecard and both below
OneTrust for our use case. We needed a platform that would let us define risk for our organization and weight scores differently based on data sensitivity. BitSight and
SecurityScorecard are aggregate data that can provide insight into the security habits of a potential vendor and should be considered as an addition to most vendor management projects. However, they both provide metrics based on hygiene and not on data-defined risk. In concert with a platform to evaluate risk based on data and to inform the overall evaluation of a vendor, BitSight Security Ratings can be made to shine. Just understand that you may have to validate some data.
Read full review As long as all Cloudflare products and services rely on anycast technology, in a complex approach Cloudflare is faster and more relevant for cloud applications. The balance between security and performance is fully established. Also, Cloudflare has quite a good stack for API connection protection, like the API Shield example, which makes it more effective compared to F5 for example. Warp as a ZTNA agent gives better visibility and device posture information than
FortiClient does.
Read full review Return on Investment Wasted resource hours cleaning up data to correct erroneous risk score. Extra time spent addressing calls from clients about erroneous risk score data. Extra time validating risk score provided by BitSight Security Ratings for potential vendors to ensure valid data. Read full review Complete solution in case of using with Cloudflare Access. No need of maintenance. No skilled staff and trainings required. Read full review ScreenShots