Organizations are often blind to cyber-vulnerabilities third-party business practices, such as product and service offerings, internal operations, and public-facing infrastructures. This joint whitepaper between LookingGlass Cyber Solutions and Farsight examines how continuous monitoring, specifically using Farsight passive DNS data, can help identify infrastructure vulnerabilities in third-party vendors--from simple misconfiguration issues to larger risks with supply-chain vendors and partners systems.
Highlights of the report include:
- A framework to help organizations prioritize resources in determining how to assess third party risk.
- Review of the four critical quadrants in assessing partner impact to company systems and data.
- Periodic assessment, collaborative active defense, continuous monitoring, third party active defense
- The benefits of continuous monitoring vs. weekly or monthly snapshots of third party risk.
- Understanding the intelligence driven attack surface.
- A demonstration of power of combining passive DNS with continuous monitoring for third party breaches.