
Analyze internet traffic flows for broader IOC detection and deeper insights into third-party risk.


Bringing SecOps Visibility to TPRM Teams

NetFlow and DNS telemetry have long been valuable data sources in the SecOps world to detect suspicious activity and support cyber investigations. But that level of visibility hasn’t historically been accessible or operationalized for third-party risk teams assessing vendor exposure. 

That’s why Black Kite built ThreatTrace™: to translate internet-traffic signals into third-party cyber risk intelligence, revealing hidden risk across your ecosystem.

An Expanded Data Foundation for Deeper Third-Party Risk Insights

By analyzing 1T+ internet traffic flows, ThreatTrace™ surfaces indicators of compromise (IOCs), suspicious behavior, and anomalies, enabling earlier detection of third-party risk, stronger cyber ratings, and more targeted vendor outreach.

ThreatTrace™ Delivers:

Stronger Cyber Intelligence

Adds new controls, informed by NetFlow and DNS telemetry, to the IP Reputation risk category; these controls are factored into cyber ratings.

Broader IOC & Anomaly Detection

Detects botnet infection and activity, suspicious outbound traffic, active threat actor targeting, traffic baseline deviations, and geopolitical and service risk.

Greater Supply Chain Visibility

Enhances digital footprinting by uncovering new subdomains and connected third-party service providers.

Detect IOCs and anomalies across your third-party ecosystem.

Botnet Infection

Identifies IP addresses blacklisted by multiple threat intelligence sources as malicious or compromised, potentially associated with botnet activity including spam campaigns, DDoS attacks, or C2 operations.

Suspicious Outbound Activity

Correlates DNS queries to high-risk domains, such as Tor sites, hacker forums, or known C2 servers, with outbound network traffic from company IPs.

Active Threat Actor Targeting

Detects known malicious IPs actively interacting with an organization’s digital assets, signaling live reconnaissance or attack activity.

Traffic Baseline Deviations

Flags abnormal traffic patterns including unusual data volume spikes, connections to previously unseen high-risk IPs, or abnormal port usage – common indicators of data exfiltration.

Geopolitical & Service Risk

Identifies unauthorized services and suspicious data flows to high-risk or sanctioned regions, helping uncover compliance violations and potential data leakage.
