CyberGRX Leverages MITRE Techniques to Uncover Security Gaps in Third Parties


[ This article was originally published here ]

DENVER–()–, provider of the world’s first and largest global risk exchange, today announced the availability of a Predictive Data tool to the Exchange platform’s Attack Scenario Analytics feature. Customers can leverage CyberGRX’s predictive risk intelligence capabilities, which has up to 91% accuracy, to evaluate levels of risk posed by a third party against 13 key security categories established by the MITRE ATT&CK™ framework. This allows organizations to pinpoint outliers that will require further assessments to ensure they meet their security standards.

The MITRE ATT&CK framework is perhaps the largest, most in-depth, organized and strongly supported base of adversarial behavior. By using this framework, an organization can review its security controls to gain visibility into gaps in its defenses. While evaluates a third party’s attested data against categories established by the MITRE framework, Predictive Data uses CyberGRX’s predictive data to provide a similar level of visibility on any third party in your portfolio without an assessment. As a result, customers can access the necessary information to help them focus budgets and resources on those third parties who potentially have a more severe impact on your day-to-day operations.

“Our assessment database continues to grow every day, because we have developed a standardized assessment that has been used by over 12,000 companies. Currently, we have extensive third-party cyber risk data available on over 225,000 companies, allowing CyberGRX to serve as a one-stop-shop for threat and risk analytics. We want to continue to give customers the tools to be efficient and secure, without the extra work, which is what makes the Predictive Data revolutionary,” said Fred Kneip, CEO of CyberGRX. “With Predictive Data, we are able to uncover areas of risk that may have gone unreported and provide a path forward with remediation.”

CyberGRX’s Attack Scenario Analytics provides the following benefits:

  • Map to the widely adopted framework for threat hunting analysis in the cybersecurity industry.
  • Uncover gaps that might have gone unreported otherwise by leveraging MITRE techniques to create kill chains/use cases
  • Integrate CyberGRX results with an organizations’ internal risk and threat management programs
  • Enhance third-party relationships through credible risk findings and suggested defense mechanisms and mitigation strategies
  • Improve third-party detection, monitoring and response to attacks

This advancement to the Attack Scenario Analytics feature now provides, for the first time, a single platform that enables stakeholders, cyber defenders, and vendors to easily view and clearly communicate on the exact nature of a threat and the objective assessment of the cyber defense plan that can defeat it.

For more information about Attack Scenario Analytics, please visit:

About CyberGRX

CyberGRX standardizes third-party cyber risk management, making it possible to achieve insights, prioritize risks and make smarter decisions across your entire vendor ecosystem. Driven by sophisticated data analytics and automation, real-world attack scenarios, and real-time threat intelligence, CyberGRX provides customers comprehensive and ongoing analysis of their vendor portfolio. Organizations can now effectively manage their cyber risk reputation by proactively utilizing the CyberGRX Exchange to complete and share a single assessment with multiple upstream partners. For more information:

Ad





Source link