Black Kite is a finalist in the 2026 SC Awards for continued innovation and leadership in third-party cyber risk intelligence.Learn more

Black Kite Blog

Keyword Search
blog

Focus Friday: TPRM Insights on Critical Dead.letter (exim), Microsoft Sharepoint, and Mssql Vulnerabilities

TPRM Expert analysis and insights on critical vulnerabilities in Exim, Microsoft SharePoint, and MSSQL Vulnerabilities

May 15, 2026
blog

What Ccpa Means for Your Tpcrm Program

For CISOs and GRC teams: here's what CCPA's "reasonable and appropriate steps" standard looks like in practice for your vendor oversight program and where enfor...

May 14, 2026
blog

The Canvas Breach Was More Than an Edtech Problem. It Was a Concentration Risk Problem.

The Canvas breach exposed how concentration risk in vendor ecosystems can turn a single breach into an industry-wide crisis. Here's what every industry can lear...

May 13, 2026
blog

Automating Third-party Cyber Risk Management with Black Kite & Torq

Black Kite + Torq Integration Automating Third-Party Cyber Risk Management with Black Kite & Torq

May 12, 2026
blog

Focus Friday: TPRM Insights on Critical Vulnerabilities in Cpanel & Whm, Redis, and Ivanti Epmm

TPRM Expert analysis and insights on critical vulnerabilities in cPanel & WHM, Redis, and Ivanti EPMM

May 8, 2026
blog

Two Crq Experts Walked Into a Webinar. Nobody's Heat Map Survived.

Jack Jones and Black Kite CSO Bob Maley on why color-coded risk reporting fails — and how CRQ gives boards language they actually trust.

May 5, 2026
blog

Focus Friday: TPRM Insights on Critical Vulnerabilities in Ollama, Langflow, Sonicwall Sonicos, and N8n

Expert analysis on critical vulnerabilities: April Supply Chain Surge, Ollama, Langflow, Sonicwall SonicOS, n8n

May 1, 2026
blog

The Breach Already Happened. Your Vendor Just Hasn't Told You Yet.

Black Kite CSO Bob Maley breaks down three moves CISOs should make now to close the disclosure gap and map concentration risk.

Apr 28, 2026
blog

Focus Friday: TPRM Insights on Critical Vulnerabilities in Activemq, Zimbra, Exchange Server, Sharepoint, Mssql, Lodash, and Dolibarr

Expert analysis on critical vulnerabilities: April Supply Chain Surge, ActiveMQ, Zimbra, Exchange Server, SharePoint, MSSQL, Lodash, Dolibarr

Apr 24, 2026
blog

After Mythos: Are You Ready for the Vulnerability Deluge?

A perspective on Mythos from Dr. Ferhat Dikbiyik, Chief Research & Intelligence Officer at Black Kite

Apr 22, 2026
blog

Your Vendors' Problems Are Now Your Board's Problems: What the 2026 Third-party Breach Report Changes

2026 Third-Party Breach Report reveals a blast radius that doubled YoY, and new hidden threats. Here's how CISOs can translate into executive action.

Apr 21, 2026
blog

What Project Glasswing Means for Your Third-party Cyber Risk Program

Anthropic's Project Glasswing changed the TPCRM equation. Here's what autonomous AI vulnerability discovery means for TPCRM programs & how to handle

Apr 16, 2026

Ready to connect cyber risk intelligence to your entire risk program?

Integrate risk intelligence into every part of your workflow so you can make more informed decisions with confidence.