Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

What to Expect from Bitsight's 2025 Ratings Algorithm Update

In anticipation of Bitsight’s upcoming 2025 Ratings Algorithm Update (RAU), many organizations are eager to learn more about what to expect from the changes. We are excited to share that the update will be ready for preview on April 8th in the Bitsight applications so that everyone can proactively prepare for the RAU.

Uncovering Cyber Risks in the Global Supply Chain

No organization can achieve its goals on its own. To truly get ahead in the rapidly transitioning digital society, any organization will need a diverse group of partners who specialize in the products and services they do not. Commonly referred to as a “supply chain” this web of connections ensures the world operates smoothly, but navigating its many connections is challenging. Luckily, Bitsight TRACE doesn’t shy away from a challenge.

Massive DDoS on X: Dark Storm or Cyber Fog?

Earlier this week, users of the X (formerly Twitter) social network were either unable to access the platform or experienced service degradation somehow. On March 10, 2025, reports emerged of users worldwide being unable to log in, post, or view content. This incident was later attributed to a large-scale distributed denial-of-service (DDoS) attack targeting X's infrastructure.

The Top 7 Cybersecurity Frameworks

In today’s ever evolving threat landscape, protecting an organization's digital assets is no longer optional—it's a critical business imperative. Security ratings can provide a snapshot of your organization's cyber health, but to demonstrate a robust, long-term commitment to cybersecurity, it’s essential to align with recognized industry and regulatory best practices. This is where cybersecurity frameworks come into play.

Prioritizing Critical Third-Party Assets to Protect Your Extended Attack Surface

The enterprise attack surface now extends well beyond the network firewall. As a result, Third Party Risk Management Teams are increasingly becoming an extension of Security Operations Centers, responding in times of crisis to questions of who, what, and more urgently, how and when. The line between ‘their exposure’ and ‘our risk’ is almost non-existent. But bridging the gap between data and platforms can be challenging.

DNS Servers & Cybersecurity: How They Work and How to Secure Them

The Domain Name System (DNS) is a fundamental component of the Internet, translating human-friendly domain names into IP addresses that computers use to communicate. While its primary function is straightforward, DNS servers play a crucial role in both the performance and security of online activities.

Data Gathering in Cybersecurity: Techniques, Best Practices, and Key Questions

In cybersecurity, the ability to gather, analyze, and act on data determines how well an organization can anticipate threats, detect vulnerabilities, and respond to attacks. But not all intelligence is created equal. Knowing what data to collect, where to find it, and how to interpret it is what separates reactive security teams from proactive ones.

OSINT Framework: How Open Source Intelligence Powers Cybersecurity

Open Source Intelligence (OSINT) is the backbone of modern cybersecurity investigations, helping analysts and law enforcement uncover threats, assess risks, and gather intelligence from publicly available sources. In this guide, we break down everything you need to know about OSINT, from key frameworks and tools to how it's used in cybersecurity.

7 Questions Tech Buyers Should Ask About How Their Vendors Use AI

As AI becomes an increasingly critical component in the digital supply chain, tech buyers are struggling to appropriately measure and manage their AI risk. Keeping tabs on emerging risk from the AI technology they use is hard enough. But often the most crucial AI business functions that organizations depend upon aren’t directly under their control or care, but instead are governed by the tech vendors that embed them into their underlying software.