BRS™ – Business Risk Score

BRS™ – Business Risk Score

Version: 1.0

Last Updated: July 19, 2025
Audience: Sales & Marketing, Risk Management, SMB Owners, Lead Generation Teams

1. Introduction

This document provides a complete reference for BRS (Business Risk Score) — Pinak Infosec’s standalone lead-generation and risk-assessment tool. It covers architecture, setup, core workflows, integrations, administration, troubleshooting, best practices, and FAQs to help you deploy, configure, and operate BRS end-to-end.

1.1 Purpose

  • Explain system components and data flow.
  • Detail core features, configuration, and user workflows.
  • Describe integration options (Mailchimp, CRM, webhooks).
  • Provide troubleshooting guidance and security best practices.

1.2 Document Organization

  1. Overview & Benefits
  2. Architecture & Data Flow
  3. Core Features & Workflows
  4. User Interface & Reporting
  5. API Reference
  6. Deployment & Integrations
  7. Security & Compliance
  8. Administration & RBAC
  9. Best Practices
  10. Troubleshooting & Support
  11. FAQs & Glossary

2. BRS Overview & Benefits

BRS generates an instant risk score for any company domain by aggregating public data sources — corporate registries, DNS records, SSL certificates, news and dark-web mentions. It is designed for effortless lead capture and rapid risk assessment.

2.1 Key Benefits

  • Instant Risk Insights: Get a numerical risk score in under 10 seconds.
  • Lead Generation: Embed a simple “Check Your Risk” widget on your site to capture prospect details.
  • Tiered Reporting: Free plan for basic score; Paid plan unlocks full PDF report download.
  • Seamless Nurturing: Automatic lead handoff to Mailchimp or your CRM.
  • Data-Driven Outreach: Prioritize high-risk leads for targeted sales campaigns.

3. Architecture & Data Flow

3.1 System Components

  • Data Ingestion: Public network crawlers, WHOIS/DNS APIs, SSL certificate feeds, news/Dark-web scanners.
  • Analysis Engine: Scoring algorithms combine static rules and ML models to compute risk factors.
  • Report Generator: Dynamic PDF builder for detailed risk breakdowns (Paid plan).
  • Lead Capture Service: Widget backend to collect user contact details.
  • API & UI: React portal for manual lookups; RESTful API for integrations.

3.2 Data Flow Diagram

(Insert diagram: Widget/API → Ingestion → Analysis Engine → Scoring Service → UI/API → Lead Capture → CRM/Mailchimp)

4. Core Features & Workflows

4.1 Domain Lookup & Scoring

  • User enters a domain in the BRS portal or embedded widget.
  • Ingestion pulls WHOIS, DNS, SSL, public-reputation and breach data.
  • Analysis Engine computes a composite Risk Score (0–100) across factors: ownership, certificate health, public mentions, breach history.
  • Score returned via API or displayed in UI.

4.2 Report Generation (Paid Plan)

  • On-demand PDF report with detailed risk factor breakdown, historical trends, and remediation recommendations.
  • Secure download link valid for 24 hours.
  • Option to email report directly to end user.

4.3 Lead Capture & Handoff

  • Embedded JavaScript widget collects user name, email, and domain.
  • Leads pushed automatically to Mailchimp list or via webhook to CRM.
  • Tagging of leads by risk tier (Low/Medium/High/Critical) for segmentation.

4.4 Batch Domain Scoring

  • Upload CSV of up to 1,000 domains.
  • Asynchronous processing with email notification on completion.
  • CSV export of domains with scores and key metrics.

5. User Interface & Reporting

5.1 Dashboard

  • Lookup history with timestamps and scores.
  • Lead list view with contact details and risk tier.
  • Quick links to download paid reports.

5.2 Risk Trend Charts

  • Line graph of scores over time for repeat lookups.
  • Bar charts showing distribution of leads by risk tier.
  • Exportable to PNG or CSV.

6. Deployment & Integrations

6.1 SaaS Deployment

  • Cloud-native in AWS with auto-scaling & geo-redundancy.
  • Data encrypted at rest (AES-256) & in transit (TLS 1.3).

6.2 Embedded Widget

  • Copy-paste JavaScript snippet to your website.
  • Customizable styling and form fields.
  • Configurable callback URLs for lead data.

6.3 Third-Party Integrations

  • Mailchimp: Auto-subscribe leads to lists and campaigns.
  • CRM: Webhooks for Zoho CRM, Dynamics 365, Salesforce.
  • Marketing Automation: Zapier connector for custom workflows.

7. Security & Compliance

  • Data Privacy: GDPR, CCPA, India DPDP 2023 compliance.
  • Access Control: API-Key management and rate limiting.
  • Audit Logging: Immutable logs of lookups, report generation, and lead events.
  • Penetration Testing: Annual third-party security assessments.

8. Administration & RBAC

  • Roles: Administrator, Analyst, Viewer.
  • Permissions: Widget config, API-Key issuance, lead management, report access.
  • User Provisioning: Manual or SCIM-based directory sync.

9. Best Practices

  1. Embed the widget prominently on landing pages with clear call-to-action.
  2. Use risk-tier tags in Mailchimp to automate targeted nurture sequences.
  3. Schedule periodic bulk rescans for high-value prospects.
  4. Review lead score distributions weekly to refine outreach strategies.
  5. Ensure your privacy policy covers data collection disclosures for compliance.

10. Troubleshooting & Support

10.1 Common Issues

  • Widget Not Loading: Verify correct script URL and cross-origin settings.
  • API 401 Unauthorized: Check that API-Key is valid and not expired.
  • Report Delays: Ensure your plan includes the Paid reporting feature and email quotas are available.

10.2 Log Locations

  • API Gateway Logs: /var/log/brs/api.log
  • Report Service Logs: /var/log/brs/report.log
  • Widget Backend Logs: /var/log/brs/widget.log

10.3 Contact Support

Email: ping@pinakinfosec.cpm
Phone: +1-800-BRS-321
Portal: brs.c9lab.com

11. FAQs & Glossary

11.1 FAQs

Q: What distinguishes the Free vs. Paid plan?
A: Free plan provides a summary risk_score; Paid plan includes full PDF report download and email delivery.
Q: Can I customize the widget fields?
A: Yes — add/remove form fields and apply your CSS styles.
Q: How frequently should I rescan domains?
A: For active leads, we recommend rescanning every 30 days to capture changes.

11.2 Glossary

Risk Score
Numeric rating (0–100) summarizing domain risk based on multiple public data sources.
Lead Capture Widget
Embeddable form snippet for collecting user contact details and domain inputs.
Batch Scoring
Process of evaluating multiple domains via CSV upload with asynchronous results.

Category: Product Documentation / BRS

Tags: BRS, Business Risk Score, Lead Generation, Risk Assessment, Mailchimp Integration, API

    • Related Articles

    • C9Phish™ – Phishing Simulation & Risk Profiling Platform

      Version: 1.0 Last Updated: July 19, 2025 Audience: Security Operations, IT Administrators, HR & Compliance Teams 1. Introduction This document serves as the comprehensive reference for C9Phish, Pinak Infosec’s phishing simulation and risk-profiling ...

    • QSafe™ Support & Takedown Services – SLA Overview

      QSafe™ offers specialized support for Brand Protection and Digital Risk Mitigation. Our services help organizations defend against brand impersonation, phishing, copyright infringement, and intellectual property misuse across various digital ...

    • QSafe™ External Threat & Brand-Protection Platform

      Version: 1.0 Last Updated: July 19, 2025 Audience: Security Operations, IT Administrators, DevOps, Incident Response Teams 1. Introduction This document provides a comprehensive reference for QSafe, covering architecture, setup, core modules, ...