BitSight Security Ratings vs. OneTrust GRC & Security Assurance Cloud

Overview
BitSight Security Ratings
Rating: Score 8.1 out of 10
Most Used By: N/A
Product Summary: BitSight in Cambridge, Massachusetts offers an Internet security platform.
Starting Price: N/A

OneTrust GRC & Security Assurance Cloud
Rating: Score 8.6 out of 10
Most Used By: Small Businesses (1-50 employees)
Product Summary: Based on technology acquired from Tugboat Logic and Shared Assessments by OneTrust, the OneTrust GRC and Security Assurance Cloud brings resiliency to the organization and supply chain amidst continuous cyber threats and global crises.
Starting Price: $500 per year

Pricing
Editions & Modules
BitSight Security Ratings: No answers on this topic
OneTrust GRC & Security Assurance Cloud:
  • Essentials: $500 per year
  • Startup: $3,000 per year
  • Growth: $10,000 per year
  • Midsize: $17,500 per year
  • Enterprise: Custom
Offerings
Pricing Offerings
Values are listed as BitSight Security Ratings / OneTrust GRC & Security Assurance Cloud.
  • Free Trial: No / Yes
  • Free/Freemium Version: No / No
  • Premium Consulting/Integration Services: No / No
  • Entry-level Setup Fee: No setup fee / No setup fee
  • Additional Details (BitSight Security Ratings): none provided
  • Additional Details (OneTrust GRC & Security Assurance Cloud): Monthly plans available. During the onboarding process, you can easily transfer your existing set of policies into Tugboat Logic. This also gives you the opportunity to update or supplement your existing policies with current industry standards. If you need a little more than the normal support we provide, additional services are available from Tugboat Logic. Contact us for more details. Visit our pricing page on our website for more details.
Best Alternatives
Small Businesses
  • BitSight Security Ratings: No answers on this topic
  • OneTrust GRC & Security Assurance Cloud: Rencore Code (SPCAF), Score 8.8 out of 10
Medium-sized Companies
  • BitSight Security Ratings: No answers on this topic
  • OneTrust GRC & Security Assurance Cloud: Forcepoint DLP, Score 7.9 out of 10
Enterprises
  • BitSight Security Ratings: SAP Ariba, Score 7.9 out of 10
  • OneTrust GRC & Security Assurance Cloud: Forcepoint DLP, Score 7.9 out of 10
User Ratings
Likelihood to Recommend
  • BitSight Security Ratings: 5.0 (1 ratings)
  • OneTrust GRC & Security Assurance Cloud: 7.4 (2 ratings)
User Testimonials
Likelihood to Recommend
Bitsight Technologies
If you are considering BitSight Security Ratings as a portion or bulk of a larger vendor management project you will be well served in letting the risk scores be an indication of how closely you need to examine a vendor. However, you should not base your assessment solely on the risk score provided. The risk score is based on publicly available data and can be inaccurate.
OneTrust
OneTrust provides a repeatable and defined process for vendor assessments but should be adapted to your organization. OneTrust functions well for a centralized document repository. The pricing of modules and what modules are required for workflows to function fully should be better defined. Automated assessments can wind up in spam filters and should be communicated outside of the platform prior to sending to the vendor.
Pros
Bitsight Technologies
  • Security hygiene tracking over time
  • Understandable risk score based on observations
  • Predictability model of potential cyber security issues based on security habits.
OneTrust
  • Module-wise implementation.
  • Very reasonable price structure.
  • Easy and speedy to implement.
  • Product roadmap.
Cons
Bitsight Technologies
  • Since data is based on public registration, IP and domain data can be stale depending on ISP/Domain registration update delays.
  • Correcting a false detection is a month-long endeavor and requires the company with the impacted score to clean up BitSight's data.
  • Customer service for incorrect data is convoluted and requires a deep understanding of domain registration to correct the data. The responsibility for correcting data is placed solely on the customer's shoulders.
OneTrust
  • Documentation chasing for assessments is not as automated or hands-off as demos made it seem.
  • Getting custom risk matrix set up required professional onboarding.
  • Platform is less than intuitive.
  • Pricing is module dependent and demos do not highlight which module is included in which workflow.
Alternatives Considered
Bitsight Technologies
BitSight Security Ratings ranks evenly with SecurityScorecard and both below OneTrust for our use case. We needed a platform that would let us define risk for our organization and weight scores differently based on data sensitivity. BitSight and SecurityScorecard are aggregate data that can provide insight into the security habits of a potential vendor and should be considered as an addition to most vendor management projects. However, they both provide metrics based on hygiene and not on data-defined risk. In concert with a platform to evaluate risk based on data and to inform the overall evaluation of a vendor, BitSight Security Ratings can be made to shine. Just understand that you may have to validate some data.
OneTrust
During the assessment, we found that OneTrust is easier to use, set up, and administer. It has a quick ROI and value for business. The OneTrust product support and roadmap are far more competitive in comparison to TrustArc. OneTrust is specialized in GRC including Data Privacy and Cookie compliance, where Archer is good in Enterprise Risk management.
Return on Investment
Bitsight Technologies
  • Wasted resource hours cleaning up data to correct erroneous risk score.
  • Extra time spent addressing calls from clients about erroneous risk score data.
  • Extra time validating risk score provided by BitSight Security Ratings for potential vendors to ensure valid data.
OneTrust
  • More uniform vendor assessments.
  • Defensible numeric metrics reflecting risk.
  • Centralized document repository for audit proofs.