Evaluation guides
      Back to home
      1. UpGuard Knowledge Base
      2. The UpGuard Platform
      3. Evaluation guides

      BreachSight Evaluation Guide

      Written by David Cook
       

      UpGuard BreachSight identifies the cyber-related risks that your company is directly exposed to.


      Follow these steps in UpGuard BreachSight for a robust security posture and risk mitigation.

      Step 1 Gain an overview of your security posture

      • Click on the Executive Summary to understand the security score of your organization. Filter the score based on the past 3, 6, or 12 months.

      • Monitor competitors by clicking "Add competitor" and entering their name or URL.

      • Customize the data according to your requirements using the “Customize page“ option.

      Step 2 Review your risks

      • Navigate to your Risk Profile

      • Investigate the risks that have been identified across your external attack surface

      • Learn how these risks are affecting your score and take corrective action against them

      Step 3 Review your Domains and IPs

      • Click on Domains and IP Addresses to view your Domains and IPs.

      • Use labels to tag and segregate your critical assets.

      • Investigate the individual scores and risks of each domain and IP.

      • Add any missing domains using the "Add domain" or "Add IP" option

        ⭐️ Tip: Reach out to our Support team for bulk uploads of domains

      Step 4 Use Detected Products to identify shadow IT

      • Build out your technology inventory through Detected Products.

      • Identify products running on your domains and IPs.

      • Choose "View By Vendor" to understand your technology dependency on specific vendors

      Step 5 Create a Remediation ticket

      • Determine risks that need to be remediated using the Remediation feature.

      • Click on “Request Remediation” and select risks to remediate

      • Use the remediation planner to create an improvement plan.

      Step 6 Review your Vulnerabilities

      Step 7 Review your Identity Breaches

      Step 8 Monitor Typosquatting domains

      • Identify typosquatting risks by exploring permutations of your domains.

        ⭐️ Tip: Proactively block suspicious domains in your web and email filtering

      Step 9 Publish your Trust Page

      • Navigate to the "Trust Page".

      • Add your security-related information such as security ratings, security contracts, completed security questionnaires, and supporting documents.

        ⭐️ Tip: Proactively share this information with your customers through the “Share” button in the top-right corner.

      Step 10 Export and share reports

      • Head to the Reporting Hub to view a range of generatable reports

      • Alternatively, download each section in Excel or PDF format by clicking the "Export" option at the top right corner of each page.

      • Aggregate data from various sections and obtain a comprehensive overview report of your attack surface.

      • Use filters to identify specific trends across various labels, tiers, portfolios, and other attributes.

      Step 11 Additional: Monitor your Subsidiaries

      • Monitor the attack surface of your subsidiaries individually for risk identification and mitigation.

      • Reach out to our Support team to add any additional subsidiaries.