Black Kite Blog
Mythos Is Hardening Enterprise Security. It's Also Softening Your Supply Chain.
Mythos is a leap in vulnerability discovery. It's also widening the gap between enterprise security and mid-market supplier risk. Here's the data.
May 26, 2026Focus Friday: TPRM Insights on Critical Vulnerabilities in Exchange Server, Nginx-poolslip, Openclaw, Flowise, Postgresql, Mongodb, Pgadmin, Freepbx, and N8n
TPRM analysis of critical CVEs in Exchange Server, nginx, OpenClaw, Flowise, PostgreSQL, MongoDB, PgAdmin, FreePBX, and n8n. See which vendors are exposed and h...
May 22, 2026Focus Friday: TPRM Insights on Critical Dead.letter (exim), Microsoft Sharepoint, and Mssql Vulnerabilities
TPRM analysis of critical CVEs in Dead.Letter (Exim), Microsoft SharePoint, and MSSQL. See which vendors are exposed and how to prioritize remediation.
May 15, 2026What Ccpa Means for Your Tpcrm Program
For CISOs and GRC teams: here's what CCPA's "reasonable and appropriate steps" standard looks like in practice for your vendor oversight program and where enfor...
May 14, 2026The Canvas Breach Was More Than an Edtech Problem. It Was a Concentration Risk Problem.
The Canvas breach exposed how concentration risk in vendor ecosystems can turn a single breach into an industry-wide crisis. Here's what every industry can lear...
May 13, 2026Automating Third-party Cyber Risk Management with Black Kite & Torq
Automating third-party cyber risk management with Black Kite & Torq: how the integration turns FocusTag® alerts into automated remediation workflows.
May 12, 2026Focus Friday: TPRM Insights on Critical Vulnerabilities in Cpanel & Whm, Redis, and Ivanti Epmm
TPRM analysis of critical CVEs in cPanel & WHM, Redis, and Ivanti EPMM. See which vendors are exposed and how to prioritize remediation now.
May 8, 2026Two Crq Experts Walked Into a Webinar. Nobody's Heat Map Survived.
Jack Jones and Black Kite CSO Bob Maley on why color-coded risk reporting fails — and how CRQ gives boards language they actually trust.
May 5, 2026Focus Friday: TPRM Insights on Critical Vulnerabilities in Ollama, Langflow, Sonicwall Sonicos, and N8n
TPRM analysis of critical CVEs in Ollama, Langflow, SonicWall SonicOS, and n8n. See which vendors are exposed and how to prioritize the April surge.
May 1, 2026The Breach Already Happened. Your Vendor Just Hasn't Told You Yet.
The breach already happened. Your vendor just hasn't told you yet. Black Kite CSO Bob Maley on three moves CISOs should make to close the disclosure gap now.
Apr 28, 2026Focus Friday: TPRM Insights on Critical Vulnerabilities in Activemq, Zimbra, Exchange Server, Sharepoint, Mssql, Lodash, and Dolibarr
Expert analysis on critical vulnerabilities: April Supply Chain Surge, ActiveMQ, Zimbra, Exchange Server, SharePoint, MSSQL, Lodash, Dolibarr
Apr 24, 2026After Mythos: Are You Ready for the Vulnerability Deluge?
A perspective on Mythos from Dr. Ferhat Dikbiyik, Chief Research & Intelligence Officer at Black Kite
Apr 22, 2026