Get to Know the Black Kite Platform

Built from a Hacker’s Perspective

Black Kite is the only cyber risk rating platform focused on alerting your business to third party risks. Black Kite provides the only standards-based cyber risk assessments that analyze your supply chain’s cybersecurity posture from three critical dimensions: technical, financial and compliance.

It only takes 1 top-level domain (URL) to get started.

Cyber Rating Architecture

Take control of third party risk with a quality platform that does the work for you. Know which vendors pose the highest risk to your organization on a continuous and automated basis.

Third Party Risk Made Easy! Black Kite is at the center of our third party risk management strategy. Our third party risk program would be much more difficult to manage without them.

— CISO, $50M-$250M Services Organization

How is Black Kite different? Black Kite vs. Competitors

Easy-to-Understand Letter Grades Calculated by Defensible Data

Black Kite follows and applies commonly-used frameworks developed by the MITRE Corporation to calculate ratings in a consistent, flexible, and transparent manner, converting highly technical terms into simple letter grades with +/- ranges. Black Kite is the only cyber rating platform that views risk from a technical, financial, and compliance perspective.

A: 1X, B: 3X, C: 5X, D: 7X, F: 8X more likely to be breached

The Full Picture tells the Full Story with Financial Impact & Compliance Correlation

Cyber Risk in Financial Terms

Based on Open FAIR™

Open FAIR™ is the only international standard Value at Risk (VaR) model for cybersecurity and operational risk.

Black Kite uses the Open FAIR™ model to calculate the probable financial impact if a third-party vendor, partner, or supplier experiences a breach.

Questionnaire & Compliance Correlation

BASED ON INDUSTRY STANDARDS

Black Kite correlates cyber risk findings to industry standards and best practices. The classification allows you to measure the compliance level of any company for different regulations and standards, including NIST 800-53, ISO27001, PCI-DSS, HIPAA, GDPR, Shared Assessments, and others.

Exclusive Industry Insight

10% of global pharmaceutical manufacturers are at a high risk of suffering a ransomware attack.

Powerful Performance behind 20 Categories

The total score is a weighted average of 20 category components, providing unmatched breadth and insight into detected vulnerabilities.

Risk Scores in Grades

Each vendor in your ecosystem is assigned a grade based on their cyber risk posture, giving you the tools to make better risk-based business decisions.

Non-Intrusive Scans

The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer.

20 Categories with 400+ Controls

Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’.

Every Organization in your Ecosystem in One Easy-to-Understand Dashboard

Black Kite vs. Competitors

Key players in the Security Rating Services (SRS) market (Black Kite, BitSight, SecurityScorecard, RiskRecon, and UpGuard) focus on publicly accessible, external data sources when performing vendor assessments. Although each player has a different approach, all providers in the SRS market use similar resources and techniques to collect data.

However, not all SRS providers are equal in terms of usability, analytics, compliance, technical depth, and threat intelligence capabilities. Compare Black Kite’s Cyber Risk Rating with other SRS products in the market to help you make a better-informed decision.

Legend

  • Limited and Accurate
  • Limited
  • Partial
  • Complete/Available
  • Extensive
  • Not Available

Usability

Speed

Methodology

Compliance

Technical Depth

Threat Intelligence

Analytics

Other

FREQUENTLY ASKED QUESTIONS

What is our Methodology?

What is Third-Party Risk Management?

How Does Black Kite Score Vendors?

Why is Continuous Monitoring Important?

Why Black Kite?

What is a Passive Scan?

Do I Need Permission to Scan a Vendor?

What Is the Cost?

Looks Great, How Do I Test Drive?

What is OSINT?

What is OPEN FAIR?

What Regulations and Frameworks Are Covered in the Compliance Module?

How Do You Validate Findings?

What Information Do You Provide to Improve My Vendor’s Score?
