New 2022 U.S. Federal Government Report Free download →

Third Party Risk Intelligence

Built from a Hacker’s Perspective

It only takes 1 top-level domain (URL) to get started. Request Demo

Multidimensional Attack Surface Monitoring

Black Kite provides the only standards-based cyber risk assessments that analyze your supply chain’s cybersecurity posture from three critical dimensions: technical, financial and compliance.

Technical Financial Compliance

Reduce Assessment Results from Weeks to Minutes

Take control of third party risk with a quality platform that does the work for you. Know which vendors pose the highest risk to your organization on a continuous and automated basis.

We’re Happy We Switched to Black Kite! We recognized Black Kite was cheaper, better quality, and came with higher rating transparency.

— Security & Risk Management, $30B+ Financial Organization

How is Black Kite different? Black Kite vs. Competitors

Easy-to-Understand Letter Grades Calculated by Defensible Data

Black Kite follows and applies commonly-used frameworks developed by the MITRE Corporation to calculate ratings in a consistent, flexible, and transparent manner, converting highly technical terms into simple letter grades with +/- ranges. Black Kite is the only cyber rating platform that views risk from a technical, financial, and compliance perspective.

1X A
3X B
5X C
7X D
8X F
8X more likely to be breached

The Full Picture tells the Full Story with Financial Impact & Compliance Correlation

Cyber Risk in Financial Terms

Based on Open FAIR™

Open FAIR™ is the only international standard Value at Risk (VaR) model for cybersecurity and operational risk.

BlackKite uses the Open FAIR™ model to calculate the probable financial impact if a third-party vendor, partner, or supplier experiences a breach. See the full FAIR Methodology →

Want to quantify the financial risk to your organization?

Free FAIR Report
NIST 800-53 Compliance GDPR Compliance PCI-DSS Compliance

Questionnaire & Compliance Correlation


Black Kite correlates cyber risk findings to industry standards and best practices. The classification allows you to measure the compliance level of any company for different regulations and standards, including NIST 800-53, ISO27001, PCI-DSS, HIPAA, GDPR, Shared Assessments, and others.

Interested in learning more about Black Kite’s AI-powered compliance mapping?

Measure Your Compliance

Exclusive Industry Insight

10% of global pharmaceutical manufacturers are at a high risk of suffering a ransomware attack.

Download Report

Powerful Performance behind 20 Categories

The total score is a weighted average of 20 category components, providing unmatched breadth and insight into detected vulnerabilities.

Tap on items to learn more.

Risk Scores in Grades

Each vendor in your ecosystem is assigned a grade based on their cyber risk posture, giving you the tools to make better risk-based business decisions.

Non-Intrusive Scans

The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer.

20 Categories with 400+ Controls

Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’.

Every Organization in your Ecosystem

in One Easy-to-Understand Dashboard

Curious about our methodology?

See it for yourself


Black Kite’s new tagging feature that automatically flags vendors who have experienced a data breach, ransomware attack or other significant cyber incident.

Within hours of an event, new tags are created for:

  • Data breaches
  • Ransomware attacks
  • Geopolitical incidents, like the ongoing Russia-Ukraine conflict
  • Software vulnerabilities

Black Kite vs. Competitors

Key players in the Security Rating Services (SRS) market (Black Kite, BitSight, SecurityScorecard, RiskRecon, and UpGuard) focus on publicly accessible, external data sources when performing vendor assessments. Although each player has a different approach, all providers in the SRS market use similar resources and techniques to collect data.

However, not all SRS providers are equal in terms of usability, analytics, compliance, technical depth, and threat intelligence capabilities. Compare Black Kite’s Cyber Risk Score with other SRS products in the market to help you make a better-informed decision.


  • Limited and Accurate

    Limited and Accurate
  • Limited

  • Partial

  • Complete/Available

  • Extensive

  • Not Available

    Not Available





Technical Depth

Threat Intelligence



Exclusive Industry Insight

Nearly half of the top 100 automotive manufacturers are highly susceptible to a ransomware attack.

Download Report


What is our Methodology?

What is Third-Party Risk Management?

How Does Black Kite Score Vendors?

Why is Continuous Monitoring Important?

Why Black Kite?

What is a Passive Scan?

Do I Need Permission to Scan a Vendor?

What Is the Cost?

Looks Great, How Do I Test Drive?

What is OSINT?

What is OPEN FAIR?

What Regulations and Frameworks Are Covered in the Compliance Module?

How Do You Validate Findings?

What Information Do You Provide to Improve My Vendor’s Score?

Ready to get started?