Organizations are often blind to cyber-vulnerabilities third-party business practices, such as product and service offerings, internal operations, and public-facing infrastructures. This joint whitepaper between LookingGlass Cyber Solutions and Farsight examines how continuous monitoring, specifically using Farsight passive DNS data, can help identify infrastructure vulnerabilities in third-party vendors--from simple misconfiguration issues to larger risks with supply-chain vendors and partners systems.


Highlights of the report include:

  • A framework to help organizations prioritize resources in determining how to assess third party risk.
  • Review of the four critical quadrants in assessing partner impact to company systems and data.
    • Periodic assessment, collaborative active defense, continuous monitoring, third party active defense
  • The benefits of continuous monitoring vs. weekly or monthly snapshots of third party risk.
  • Understanding the intelligence driven attack surface.
  • A demonstration of power of combining passive DNS with continuous monitoring for third party breaches.