Organizations are often blind to cyber-vulnerabilities third-party business practices, such as product and service offerings, internal operations, and public-facing infrastructures. This joint whitepaper between LookingGlass Cyber Solutions and Farsight examines how continuous monitoring, specifically using Farsight passive DNS data, can help identify infrastructure vulnerabilities in third-party vendors--from simple misconfiguration issues to larger risks with supply-chain vendors and partners systems.

Highlights of the report include:

• A framework to help organizations prioritize resources in determining how to assess third party risk.
• Review of the four critical quadrants in assessing partner impact to company systems and data.
  • Periodic assessment, collaborative active defense, continuous monitoring, third party active defense
• The benefits of continuous monitoring vs. weekly or monthly snapshots of third party risk.
• Understanding the intelligence driven attack surface.
• A demonstration of power of combining passive DNS with continuous monitoring for third party breaches.