Threat intelligence emerged as the collective response of the security industry to the fast-evolving security landscape. When bad actors started sharing tactics and mounting coordinated malicious campaigns, the security industry responded by looking beyond their internal networks by ingesting threat intelligence ingestion in pursuit of creating shared learnings. While threat intelligence operations have matured over the years with enterprises moving beyond just the ingestion of threat intel feeds, there is still a lot of ground that needs to be covered. One of the major challenges that enterprises face is their inability to gain high-level visibility into the threats lurking in their vicinity and gauge the potential impact on their larger business ecosystem involving their own vendors or third party suppliers.
Cyware has solved this challenge by introducing a new capability in the Cyware Situational Awareness Platform (CSAP) - a strategic threat intelligence sharing and alerting platform used by several large enterprises for information sharing and sending early-warning threat alerts based on role, location, and several other attributes. The latest version of CSAP now comes enabled with the “Vendor Threat Assessment” feature that allows enterprises to quickly assess the impact of security threats on their external ecosystem involving high and medium risk vendors.
Enterprises can leverage the Vendor Threat Assessment feature to quickly get a pulse of how many vendors are impacted by a vulnerability, malware, or a threat activity. This can be achieved by creating an integrated response-based questionnaire within a threat alert before sending it to vendors. The feature can also be used to proactively learn if vendors have sighted a known malware or threat activity in their operational environment and the actions they have taken or about to take to mitigate the risk - e.g. have they already patched the vulnerability or have a plan to patch within the next 30 or 60 days; or if they have seen the virus signature shared by their client, in their environment.
The Threat Assessment feature creates opportunities for enterprises to understand the behavioral aspects of their security strategies pursued by their vendors. While Cyware encourages the driving force behind the implementation of the mitigation measures by vendors to be the “shared understanding of the common threats”, enterprises can go a step further to enforce such actions through their respective vendor contracts.
The Vendor Threat Assessment feature is a step-further in the direction of action-driven threat intelligence sharing paradigm. It not only helps gauge the impact of the threat at the macro and micro levels but also enables enterprises to move away from the disjointed, frugal, and primitive means like emails and spreadsheets towards a more streamlined, centralized, and quantifiable threat assessment process.
Click here to get a free demo.