BitSight Security Performance Management

What is BitSight Security Performance Management? #

BitSight Security Performance Management provides a dynamic Security Rating for the cybersecurity in your organization. To derive a Security Rating, BitSight Security Performance Management continuously assesses security controls and the remediation of gaps to help organizations meet internal standards and external regulations.

Why Should You Use the BitSight Security Performance Management Connector? #

The BitSight Security Performance Management connector provides visibility into the assets in your environment. You can use this visibility to:

• ensure assets are managed per your security policies
• derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Meridian executes read-only requests to the BitSight REST API and ingests only meta-data about BitSight devices. Meridian does not retrieve any data stored on your assets.

Configuring the Connector in Meridian #

Source Documentation #

Creating Credentials #

To create an API Token:

1. Create a user account for the Meridian connector to use. For details, see https://help.bitsighttech.com/hc/en-us/articles/21490971050903-How-to-Add-a-User
2. Assign the User role to the new account. This is a read-only role.
3. For the Meridian user, generate an API token. For details, see: https://support.kandji.io/kb/kandji-api#generate-an-api-token the section on Generating a User API Token.

Required Permissions #

The BitSight token must have read access to Device data and User data.  The User role provides this access.

API Documentation #

https://help.bitsighttech.com/hc/en-us/categories/360005934253-Bitsight-API