A subsidiary's risk profile helps you instantly understand their security posture by providing an overview of their security rating over the last month, quarter, or year. You can also drill down into individual risks across their infrastructure.

You can dive deeper by clicking on Domains & IPs, Vulnerabilities, and Subsidiaries (if applicable) in the sidebar and you can request remediation by clicking on Remediation.

In addition to this, you can also toggle the inclusion of the subsidiary's subsidiaries on the risk profile by clicking on Company and subsidiaries. This will open up a view that is similar to Portfolio Risk Profile but focused solely on the subsidiary and its subsidiaries. Note: You can also view your entire organization and its subsidiaries from your Risk Profile under Executive Summary.

This view summarizes all identified risks found across the subsidiary and its subsidiaries. Each identified risk includes a severity, name, risk type, category, and the number of companies impacted.

By default, findings are sorted by severity, with critical items at the top. This is great if you want to understand the shared risks across your organization and its subsidiaries. For example, if you wanted to find all the organizations who were didn't have SSL available, you could click on Apply filters in the top right corner of your screen and then filter by SSL not available in Filter by finding.

From here you can click on the risk to see the companies that are triggering the risk. This view shows the companies that trigger the risk, their security rating, and their individual domains that have the risk.

To view the individual domains that trigger the risk, click on the organization you wish to view the domains for. In this example, I have clicked on Example Holdings.

Did this answer your question?