Monthly Archives: December 2020

Solarwinds hack – and what can you do today

I have been contacted many times in the last few days to comment on the latest worldwide supply chain breaches – and evidently, the massive Solarwinds hack sending shock waves across industries.
 

Supply-chain risk and vendor’s cybersecurity attacks are historically prevalent in recent years it became one of the cardinal attack vectors and we are observing more breaches which affect every company.
 
The common mistake we observe almost universally, companies are neglecting the vendors long-tail.
 
Due to cost and time required in assessing and defining risk reduction plans for individual vendors – enterprises tend to audit their top 10%  of the supply chain (typically largest size, annual budget, perceived risk, etc.)
 
This leaves you exposed to the long-tail; hundreds and thousands of SaaS companies, remotely connected service providers, API integrations, maintenance services, and many others. Companies that their processes, risk exposures and infrastructure expose you to a higher risk gap that no one is talking about, the one that provides an uncompetitive advantage to adversaries – which counting on your inability to effectively address the long-tail, specifically target these.
 
Recent  customer assessment campaigns we conducted for long-tail vendors indicate:
 

    • 75% of cloud vendors lack sufficient security measures
    • 63% of AWS based vendors did not apply 2FA or other strong authentication practices
    • 90% of SME vendors did not establish security awareness, policies, and procedures
    • ALL  SME vendor exhibited  2 or more showstopper gaps (as defined by customers)

All this indicates thousands of exposed vendors targeted, waiting to be breached!
 
We designed an extensive audit for long-tail vendors, enabling you to rapidly assess and aggregate a dedicated risk reduction plan for any number of vendors – with minimal resources and quickly.

Do not be the next news headline, Consult with us today!

Supply Chain Risk Monitoring as a Service
Join us today
Supply Chain Risk Monitoring as a Service
Join us today
Waitlist signup

Welcome to Findings

Let's go over some details to setup your tailor-made account


Please fill your details below and click "Next" to create your account:

Payment

Feature
Startup
Business
Enterprise
Price
$10 / Month
$10 / Month
$25 / Month
VDPaaS
Alerts
Assessments
Integrated Apps
API
Join today and scan ALL YOUR VENDORS for FREE*
* FREE VENDOR SCAN for all of your vendors during your first month.
Feature
Startup
Business
Enterprise
Price
$25 / Month
$200 / Month*
Contact Us
Free vendors scan for 1 month
Findings search engine
Rapid security and compliance profile
Profile/showcase engagements per year
5
40
Unlimited
Multi/unlimited showcase use cases
Showcase compliance badge for your website
Best practice self-assessment
1 Findings or 1 BYOC
Assessment response automation
Personalizable, branded security & compliance showcase page
File/evidence repository
OKTA
DKIM
Out-of-the-box TPRM
20 vendors +
20 rating scans
50 vendors +
50 rating scans
Support
Email
Priority via Phone / Email
Internal Workflows (SO/BO)
Onboarding and customization account setup
*Price for every 40 engagements
Automate assessment response and showcase your cybersecurity posture
Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!

Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!