---
title: Bitsight Reviews
meta_title: 'Bitsight Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 76 reviews by the users' company size, role or industry to
  find out how Bitsight works for a business like yours.
aggregate_rating:
  rating_value: 4.5
  review_count: 76
  scale: '5'
date_modified: '2026-07-13'
parent_category:
  name: Governance, Risk & Compliance
  url: https://www.g2.com/categories/governance-risk-compliance
---

# Bitsight Reviews
**Vendor:** Bitsight  
**Category:** [Third Party &amp; Supplier Risk Management Software](https://www.g2.com/categories/third-party-supplier-risk-management)  
**Average Rating:** 4.5/5.0  
**Total Reviews:** 76
## About Bitsight
Bitsight is the global leader in cyber risk intelligence, leveraging advanced AI to empower organizations with precise insights derived from the industry’s most extensive external cybersecurity dataset. With more than 3,500 customers and over 68,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface. Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required to confidently manage cyber risk and address exposures before they impact performance.



## Bitsight Pros & Cons
**What users like:**

- Users value the **easy-to-understand BitSight Rating** for quickly assessing security postures and benchmarks. (15 reviews)
- Users find Bitsight excellent for **third-party risk management** , providing detailed insights and helpful support for evaluations. (14 reviews)
- Users appreciate the **ease of use** of BitSight, enjoying its intuitive interface and seamless integration into workflows. (13 reviews)
- Users value the **comprehensive insights** provided by Bitsight across domains, enhancing risk management and vendor collaboration. (11 reviews)
- Users commend the **responsive customer support** from Bitsight, enhancing their overall experience and satisfaction with the tool. (10 reviews)
- Users find Bitsight to be **extremely helpful** for vulnerability detection and organization, enhancing security and knowledge. (9 reviews)
- Security Management (7 reviews)
- Vendor Management (7 reviews)
- Users value the **efficient assessment process** of Bitsight, enhancing their security posture and providing valuable insights. (5 reviews)
- Intuitive (5 reviews)

**What users dislike:**

- Users experience a **lack of clarity** regarding scoring mechanisms and sometimes receive inaccurate domain findings from Bitsight. (5 reviews)
- Users are frustrated by the **missing features** in Bitsight, particularly the inability to send questionnaires without support tickets. (5 reviews)
- Users express frustration with **poor customer support** , noting inadequate documentation and unhelpful responses for a premium product. (4 reviews)
- Users face **poor notifications** from Bitsight, finding alert configurations limited and delays in critical breach alerts frustrating. (4 reviews)
- Users experience **slow loading** and lagging issues with Bitsight, affecting their overall efficiency and satisfaction. (4 reviews)
- Users have noted that the **slow performance** of Bitsight in reflecting score improvements can be frustrating after implementing security fixes. (4 reviews)
- Users experience **delay issues** with Bitsight, particularly in response times and updates on vulnerabilities. (3 reviews)
- Users feel that Bitsight is **expensive** compared to other vendors, wishing it could be more affordable. (3 reviews)
- False Positives (3 reviews)
- Users highlight the need for **improvement in thoroughness and support response times** in Bitsight&#39;s services. (3 reviews)

## Bitsight Reviews
  ### 1. Effortless Cyber Risk Scoring for Proactive Security

**Rating:** 4.0/5.0 stars

**Reviewed by:** Matthew P. | Optimization engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** January 06, 2026

**What do you like best about Bitsight?**

What I like best about BitSight is that it gives companies a simple daily "security score" like a credit score for cyber risk.
It watches your own systems and your vendors from the outside without bothering anyone, spotting problems early.
This makes it super easy to fix the biggest risks first and keep everyone safer.  It is easy to use.

**What do you dislike about Bitsight?**

Bitsight can be laggy sometimes, also the scoring mechanism is not transparent

**What problems is Bitsight solving and how is that benefiting you?**

I think the biggest problem is security at the company

  ### 2. High Cost, Low Signal: More Noise Than Intelligence

**Rating:** 1.0/5.0 stars

**Reviewed by:** Verified User in Transportation/Trucking/Railroad | Mid-Market (51-1000 emp.)

**Reviewed Date:** February 09, 2026

**What do you like best about Bitsight?**

The marketing and positioning are polished. On the surface, Bitsight Threat Intelligence (formerly Cybersixgill) appears to offer broad dark web coverage and an impressive volume of data sources. The promise of automated threat discovery across forums, marketplaces, and paste sites is appealing, especially for teams that lack in-house collection capabilities.

Unfortunately, that promise rarely translates into day-to-day value.

**What do you dislike about Bitsight?**

The biggest issue is signal-to-noise ratio. The platform generates a high volume of alerts and findings, but a significant portion are low-quality, redundant, or irrelevant. Analysts spend far too much time filtering noise instead of responding to actionable threats.

Performance is another major drawback. Searches and dashboards are often slow, which is frustrating for a tool that claims near real-time intelligence. The UI feels dated and clunky, and workflows are not intuitive.

Support and documentation also fall short of expectations for a product at this price point. Documentation is thin, and support responses are not too helpful.

**What problems is Bitsight solving and how is that benefiting you?**

In theory, it is meant to solve early detection of credential leaks, brand abuse, and underground chatter before issues escalate. In practice, the benefit is limited because the data requires extensive manual triage to determine what actually matters.

Instead of accelerating response, it often adds operational overhead. The tool identifies “things that exist on the internet,” but stops short of consistently answering the more important question: what requires action right now?

  ### 3. Finds Public-Facing Security Flaws and Clearly Shows How to Fix Them

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 06, 2026

**What do you like best about Bitsight?**

It finds our public facing security flaws, gives as much info as it has on each finding, and exactly how to fix it.

**What do you dislike about Bitsight?**

Almost nothing to dislike.  The free offering is more than fair but to really use it, it'll cost you.

**What problems is Bitsight solving and how is that benefiting you?**

Improves our cybersecurity position, helps our public image regarding the integrity of the company, and help the company prepare for security auditing required for certified compliance.

  ### 4. Great tool for managing external sourced vulnerabilities

**Rating:** 5.0/5.0 stars

**Reviewed by:** Steve W. | Lead Information Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** August 11, 2025

**What do you like best about Bitsight?**

The organization of vulnerability findings by severity, risk vector, type of vulnerability makes it helpful to organize and report on your vulnerabilities.    Many findings have been from areas we either didnt know about, or never knew were vulnerable.    While the GUI interface is extremely well organized and easy to use, I found it quite helpful using the Bitsight API structure to pull finding totals by Risk Vector, Grade, etc into a spreadsheet that gets regularly updated every few hours.    Bitsight has not only helped our company's security posture, but also helped in my knowledge of website construction on a deeper level than I previously had, and Ive been in this field as a developer and a security analyst for over 30 years.    Of all the security tools we employ here, Bitsight is probably my preferred tool to use.  I find it challenging and easy at the same time.  
I find the customer support team an excellent resource.   In my 4 years of working with them now, Im sure Ive aggrivated them to no degree with my relentless questions and requests.   But they are always there and willing to help me.
I use Bitsight everyday.  Its part of my job.  I consider it to be my 3rd arm.   The loss of this tool would be a significant change in my career.

**What do you dislike about Bitsight?**

As helpful as it can be, at times there are areas that can be improved as well.   Bitsight isnt as always as thorough as it could be.   While it does in depth scanning of many of our external resources. there are several with the same vulnerabilities that seemingly get overlooked.   Or its like one group of findings gets found one month.. two months later, another group is found with the same vulnerabilities.   Also Id love to see a bit more transparency about the formulas used in calculating grades, and RV scores.
Lately, my use of customer support has been not as frequent as their response time has dropped off a bit.  Where I used to get responses to questions within a few hours to a day..  now it seems many questions go several days before they get a first response.

**What problems is Bitsight solving and how is that benefiting you?**

BItsight helps our company in improving its security posture.     In the years that I have been administering Bitsight for us, we have improved our security view and the way we look at ourselves immeasurably.   Not only myself, my security team, but other peripheral teams in our IT department take stock of what we do here too.

  ### 5. Strategic insights that go beyond scores

**Rating:** 5.0/5.0 stars

**Reviewed by:** CELSO L. | Account Executive | Cybersecurity Advisor, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 17, 2025

**What do you like best about Bitsight?**

BitSight delivers strategic insights that go far beyond traditional scoring. As consultants, we leverage its continuous monitoring, benchmarking, and cyber intelligence capabilities to build truly risk-informed roadmaps. The addition of Identity Intelligence and dark web monitoring has significantly raised the bar in threat visibility — helping our clients act faster and smarter.

**What do you dislike about Bitsight?**

While the platform is powerful, there’s room for improvement in real-time customization and GRC-native integrations. Advanced users may also wish for more granular control when correlating findings with internal telemetry. That said, the platform continues to evolve fast — and the partnership and roadmap discussions with BitSight have been outstanding.

**What problems is Bitsight solving and how is that benefiting you?**

BitSight helps us turn cyber risk into business risk language. It solves a critical challenge in Third-Party Risk Management: visibility. Traditional assessments often rely on static data and self-attestations. BitSight adds external, continuous and evidence-based intelligence — enabling better decisions, quicker prioritization, and strategic communication with clients and their boards. It’s not just about scoring — it’s about actionable intelligence and trust.

  ### 6. Great Security Benchmarking Tool

**Rating:** 5.0/5.0 stars

**Reviewed by:** Rodrigo C. | SOC Services Manager, Mid-Market (51-1000 emp.)

**Reviewed Date:** July 15, 2025

**What do you like best about Bitsight?**

Have been using it for around 5 years and it's a must have tool for us since its used on more than a weekly basis. Has been a great tool since the start and has been growing with bigger and better features in this time keeping up to date with current needs. 

The interface is very user friendly and intuitive, with implementation being fast for most use cases and integration to our workflow has been great as well. I have a great response time from support team.

**What do you dislike about Bitsight?**

As is usual with these types of platforms, false positives are always something negative that's not really all BitSight's fault at times, but it could be better, specifically with risk vectors related to web app and web headers security settings.

**What problems is Bitsight solving and how is that benefiting you?**

Its a must have tool for multiple services we provide, it helps us and our customers with the offerings it provides.

**Official Response from Asha May:**

> Hello Rodrigo - Thank you for taking the time to share your experience in working with Bitsight for 5 years! We appreciate and strive to support all our customers. And, it is especially exciting to know those who continue to see value in our partnership for multiple years. Please continue to engage with your account team and share feedback.

  ### 7. Great for Risk Monitoring, But Alert Email Config Needs Improvement

**Rating:** 3.5/5.0 stars

**Reviewed by:** Verified User in Insurance | Enterprise (> 1000 emp.)

**Reviewed Date:** November 04, 2025

**What do you like best about Bitsight?**

There are two main features that assist us. The first to be able to monitor our risk posture from an external perspective and compare ourselves with other like businesses. The other which is currently very important is the ability to monitor our Thirds Parties and be able to make risk based decisions on whether we do business with them. This is important due to APRA 230 requirements

**What do you dislike about Bitsight?**

At the moment there are some limitations in how we can configure alert emails.

**What problems is Bitsight solving and how is that benefiting you?**

It is allowing us to achieve compliance with APRA 230 in terms of meeting TPRM obligations. It also allows our GRC team to do risk assessment of Third Parties as well as assisting in assessing compliance to ISO 27001 or SOC standards

  ### 8. Easy to use. Actionable data and pinpoints where to focus efforts. Immediate ROI.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.)

**Reviewed Date:** September 05, 2025

**What do you like best about Bitsight?**

BitSight provides our team an outside-in view of our security posture. The daily security ratings are easy to track and give clear insight into areas like potential compromised systems, risky behavior, and probable past incidents. As part of our multi-layered security strategy, BitSight adds a unique layer of visibility that complements our internal tools, helping us with potential blind spots and external risks that we might otherwise miss. I especially like the Ratings Tree as it breaks down risk across different business units so we can quickly pinpoint where to focus our efforts. It doesn’t replace our internal monitoring or detection tools, but its part of our multi-layered defense where BitSight provides an essential external perspective that strengthens our overall defense and helps us communicate and prioritize cybersecurity with leadership. Further Luisa from the CS team is an amazing contact and so is Ciaran; with both of them we're confident we're getting the services that we need without waiting days for a reply. Its also easy to implement and integrate.

**What do you dislike about Bitsight?**

It's good for us. So nothing I can think of at the moment.

**What problems is Bitsight solving and how is that benefiting you?**

BitSight provides our team an outside-in view of our security posture. The daily security ratings are easy to track and give clear insight into areas like potential compromised systems, risky behavior, and probable past incidents. As part of our multi-layered security strategy, BitSight adds a unique layer of visibility that complements our internal tools, helping us with potential blind spots and external risks that we might otherwise miss. I especially like the Ratings Tree as it breaks down risk across different business units so we can quickly pinpoint where to focus our efforts. It doesn’t replace our internal monitoring or detection tools, but its part of our multi-layered defense where BitSight provides an essential external perspective that strengthens our overall defense and helps us communicate and prioritize cybersecurity with leadership. Further Luisa from the CS team is an amazing contact and so is Ciaran; with both of them we're confident we're getting the services that we need without waiting days for a reply. Its also easy to implement and integrate.

  ### 9. Enhancing Security Posture Through BitSight’s Detailed Analysis

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.)

**Reviewed Date:** December 16, 2025

**What do you like best about Bitsight?**

What I appreciate most about BitSight is its ability to provide findings across all domains based on WHOIS records. It also delivers detailed insights on web application headers, DMARC, DKIM, SSL configurations, and SSL certificates.

**What do you dislike about Bitsight?**

Occasionally, BitSight reports incorrect findings for domains that do not have DNS records.

**What problems is Bitsight solving and how is that benefiting you?**

BitSight addresses numerous domain and IP-based findings, making it highly beneficial for us. By providing detailed insights such as web application headers, DMARC configurations, and more, it simplifies the process of mitigating issues for the identified domains.

  ### 10. My overall BitSight experience has been positive.

**Rating:** 4.0/5.0 stars

**Reviewed by:** Brian M. | It Security Architect / Manager of Attack Surface Mgmt, Enterprise (> 1000 emp.)

**Reviewed Date:** July 28, 2025

**What do you like best about Bitsight?**

I have found the most value in two things :
1) The findings table which combines asset discovery with EASM to provide a solid list of issues to be reviewed and addressed
2) The 3rd Party cyber risk module which allows me to compare my overall security posture with similar companies in my vertical.

**What do you dislike about Bitsight?**

I understand why it is this way, but sometimes it takes a long time to change the security "score" after I've made positive improvements to my company's security posture.  Alot of work goes in to implementing the fixes and it can take a long time to see the benefit.

**What problems is Bitsight solving and how is that benefiting you?**

Primarily the EASM Discovery function as well as benchmarking against competitors in our vertical.


## Bitsight Discussions
  - [What does Bitsight Security Ratings do?](https://www.g2.com/discussions/what-does-bitsight-security-ratings-do)
  - [How is BitSight calculated?](https://www.g2.com/discussions/how-is-bitsight-calculated)
  - [What is a BitSight security rating?](https://www.g2.com/discussions/what-is-a-bitsight-security-rating)

- [View Bitsight pricing details and edition comparison](https://www.g2.com/products/bitsight/reviews/bitsight-review-11442974?section=pricing&secure%5Bexpires_at%5D=2026-07-13+15%3A15%3A12+-0500&secure%5Bsession_id%5D=7e64e354-2ca8-4e51-b77d-7db434e87ef6&secure%5Btoken%5D=0bb859a33b537045c2c29ef5b38ea2c436b89319f36c60fc9d9775ff378c0855&format=llm_user)
## Bitsight Integrations
  - [Aravo](https://www.g2.com/products/aravo/reviews)
  - [Archer](https://www.g2.com/products/archer-technologies-archer/reviews)
  - [Coupa](https://www.g2.com/products/coupa-software-coupa/reviews)
  - [Diligent](https://www.g2.com/products/diligent/reviews)
  - [Graphite Connect](https://www.g2.com/products/graphiteconnect-graphite-connect/reviews)
  - [Interos](https://www.g2.com/products/interos/reviews)
  - [Jira](https://www.g2.com/products/jira/reviews)
  - [Microsoft Power BI](https://www.g2.com/products/microsoft-microsoft-power-bi/reviews)
  - [Microsoft Sentinel](https://www.g2.com/products/microsoft-sentinel/reviews)
  - [Netskope](https://www.g2.com/products/netskope-activity-feeds-for-microsoft-onedrive-netskope/reviews)
  - [Okta](https://www.g2.com/products/okta/reviews)
  - [OneTrust Third-Party Management](https://www.g2.com/products/onetrust-third-party-management/reviews)
  - [Onspring](https://www.g2.com/products/onspring/reviews)
  - [Palo Alto Cortex XSIAM](https://www.g2.com/products/palo-alto-cortex-xsiam/reviews)
  - [ProcessUnity TPRM Platform](https://www.g2.com/products/processunity-tprm-platform/reviews)
  - [SAP Ariba](https://www.g2.com/products/sap-ariba/reviews)
  - [ServiceNow IT Service Management](https://www.g2.com/products/servicenow-it-service-management/reviews)
  - [Splunk](https://www.g2.com/products/splunk-2025-01-30/reviews)
  - [ThreatQ](https://www.g2.com/products/threatq/reviews)
  - [Venminder](https://www.g2.com/products/venminder/reviews)
  - [Whistic](https://www.g2.com/products/whistic/reviews)

## Bitsight Features
**Performance**
- Issue Tracking
- Detection Rate
- False Positives
- Automated Scans

**Risk Analysis**
- Risk Scoring
- Reporting
- Risk-Prioritization

**Functionality**
- Customized Vendor Pages
- Centralized Vendor Catalog
- Questionnaire Templates
- User Access Control

**Asset Management**
- Asset Discovery
- Shadow IT Detection
- Change Management

**Data management**
- Data repository
- Natural Language Processing (NLP)
- Data quality
- Automation
- Data structuring

**Risk Assessment**
- Scoring
- AI

**Vulnerability Management - Digital Risk Protection (DRP) Platforms**
- Vulnerability Assessment
- Digital Footprint Mapping
- Fraud Detection
- Data Leak Detection
- Anti-Counterfeiting
- Brand Protection

**Generative AI - Exposure Management Platforms**
- Predictive Analytics
- Automated Threat Detection

**Orchestration**
- Asset Management
- Security Workflow Automation
- Deployment
- Sandboxing

**Network**
- Compliance Testing
- Perimeter Scanning
- Configuration Monitoring

**Vulnerability Assesment**
- Vulnerability Scanning
- Vulnerability Intelligence
- Contextual Data
- Dashboards

**Risk assessment**
- Risk Scoring
- 4th Party Assessments
- Monitoring And Alerts
- AI Monitoring

**Monitoring**
- Gap Analysis
- Vulnerability Intelligence
- Compliance Monitoring
- Continuous Monitoring

**Functionality**
- Customized Datasets
- Customer support
- Real-time data
- Complete datasets
- Compliance
- Plug-ins

**Risk Control**
- Reviews
- Policies
- Workflows

**Incident Response Digital Risk Protection (DRP) Platforms**
- Threat Remediation
- Automated Reponses
- Incident Response Capabilities

**Risk Identification and Assessment - Exposure Management Platforms**
- Comprehensive Risk Assessment
- Advanced Analytics and Reporting

**Information**
- Proactive Alerts
- Malware Detection
- Intelligence Reports

**Application**
- Manual Application Testing
- Static Code Analysis
- Black Box Testing

**Automation**
- Automated Remediation
- Workflow Automation
- Security Testing
- Test Automation

**Risk Management**
- Risk-Prioritization
- Reconnaissance
- At-Risk Analysis
- Threat Intelligence

**Monitoring**
- Vendor Performance
- Notifications
- Oversight

**Reporting and Analytics - Digital Risk Protection (DRP) Platforms**
- Threat Trends Analysis
- Risk Assessment Reports
- Customizable Dashboards

**Monitoring and Integration - Exposure Management Platforms**
- Integration and Data Consolidation
- Real-time Monitoring and Alerts

**Generative AI - Vendor Security and Privacy Assessment**
- Text Summarization
- Text Generation

**Personalization**
- Endpoint Intelligence
- Security Validation
- Dynamic/Code Analysis

**Reporting**
- Templates
- Centralized Data
- 360 View

**Generative AI**
- AI Text Summarization

**Agentic AI - Vulnerability Scanner**
- Autonomous Task Execution
- Proactive Assistance

**Generative AI**
- AI Text Summarization
- Generate Attack Scenarios
- Generate Threat Detection Rules
- Generate Threat Summaries

**Agentic AI - Third Party & Supplier Risk Management**
- Adaptive Learning
- Decision Making

**Agentic AI - Threat Intelligence**
- Autonomous Task Execution
- Multi-step Planning
- Proactive Assistance
- Decision Making

## Top Bitsight Alternatives
  - [UpGuard Vendor Risk](https://www.g2.com/products/upguard-vendor-risk/reviews) - 4.5/5.0 (721 reviews)
  - [Vanta](https://www.g2.com/products/vanta/reviews) - 4.6/5.0 (2,593 reviews)
  - [Recorded Future](https://www.g2.com/products/recorded-future/reviews) - 4.6/5.0 (225 reviews)

