<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
Security Ratings

BitSight Releases ROBOT Vulnerability Identification Feature

David Soohoo | December 20, 2017

Within the BitSight Security Ratings platform, we prioritize features specifically chosen to help organizations identify and manage risks across their own networks and the networks of their third parties. BitSight now enables users to identify organizations who are potentially vulnerable to ROBOT — short for "Return Of Bleichenbacher's Oracle Threat"— attacks. The vulnerability behind the ROBOT attack was originally discovered in 1998 and has resurfaced through a number of proprietary TLS/SSL implementations, affecting some of the most popular websites — including Facebook and PayPal. The vulnerability ultimately provides a method by which an attacker can decrypt TLS/SSL traffic and obtain sensitive information.

This new functionality to identify where ROBOT exists across your supply chain is very similar to the feature within the platform that allows organizations are potentially vulnerable to Struts attacks. BitSight users can navigate to the Portfolio page and use the Vulnerabilities filter to find organizations potentially vulnerable to ROBOT attacks. They can then go to a company’s Diligence page and search for “ROBOT” to find the potentially vulnerable hosts.

ROBOT_vulnerability_filter_mock_companies.gif

This new feature provides valuable insight into the security posture of an organization (and its vendors). With global cyber attacks that exploit internal vulnerabilities, companies must keep track of the endpoints on their network and ensure that patching is enabled and up-to-date. BitSight is leading the way in the Security Rating Services industry to provide insights like this to better equip security and risk professionals to reduce the cyber risk associated with their third parties and within their organizations.

Want to learn more about BitSight Security Ratings?

Take A Tour

Suggested Posts

BitSight Research Highlights Financial Services Security Ratings in the United Kingdom

Over the last several years, cybersecurity regulations (like NYDFS and GDPR) have placed pressure on the financial services industry to build and enforce some of the strongest risk management programs across any industry. These programs...

READ MORE »

BitSight Releases New VPNFilter & Oracle Weblogic Vulnerability Identification Filters

Within the BitSight Security Ratings platform, we prioritize features that help organizations both identify and manage risks across their own networks and the networks of their third parties. BitSight now enables users to identify...

READ MORE »

BitSight Raises $60 Million in Series D Funding To Further Cement Status as Security Ratings Leader

Last Thursday, BitSight announced the closing of our Series D Round of funding. Not only is this important for our company, it is also extremely significant for the security and risk market as a whole.  

READ MORE »

Subscribe to get security news and updates in your inbox.