BlackKite: Home
Menu
Risk Management Methodology

Speak in a common, shared language

Black Kite is the world’s only fully transparent, standards-based cyber ratings platform, ensuring all users know exactly how their findings are calculated. That’s why Forrester says we tackle the industry’s ratings integrity problem head-on.

Black‑Box Ratings Leave You in the Dark

You can't trust what you can't see. If you don't know why a vendor got a certain risk score, it's impossible to understand the root cause, let alone explain it to fix the issue effectively.
Black Kite does things differently. Data quality and transparency is our core differentiator. Our platform is backed by purpose-built infrastructure that continuously sources and verifies the most accurate open source intelligence (OSINT). The result: clear and trustworthy insights that drive confident security decisions.
cyber rating screenshot.png

You deserve more than a vague letter grade. You deserve clarity on risk calculation.

A Successful TPRM Program Depends on 
Dependable Data

Black Kite is the only vendor risk intelligence provider using industry standards like MITRE, NIST, and Open ­FAIR™ to translate raw data in a language that everyone in the industry can understand.

97%
data accuracy from cross-validation
3%
false positives rate
5%
false negative rate
40M+
suppliers
1B+
IP adresses
1,000+
data sources

How Black Kite's Data is Different

accuracy: data validated by 2+ sources

Our platform only shows you data confirmed across multiple sources. Our intelligence is based on industry-standard models like MITRE CTSA and Open FAIR™ to eliminate false positives and deliver precise, trustworthy data.

transparency: know where your data comes from

Data is analyzed and compiled into a simple, readable report with easy-to-consume intelligence to identify and mitigate potential security risks as well as convert technical data into business concepts.

Speed: data provided at the speed of risk

Our data is always on and updated continuously, giving you immediate intelligence to act on emerging threats quickly. This speed is what turns a potential crisis into a proactive response.

collaboration: data that’s easy to understand and share

Risk isn't a solo sport. Our platform is built for partnership, allowing you to easily share and discuss transparent, easy-to-understand reports with vendors.

Frame 1.png

How to Discover Vendor Assets for Comprehensive Cyber Risk Management

c2a2d3811cca970ba8559b809663bc91ac8b580f.png

Understanding Black Kite’s Easy-to-Understand Cyber Risk Scores

At Black Kite, we believe in complete transparency when it comes to your cyber risk. Our cyber risk grades aren’t arbitrary. They are meticulously calculated by weighting scores across multiple critical risk categories. This comprehensive methodology ensures the final grade accurately reflects your risk, aligning directly with industry best practices.

e75e336149336f3f313e4a81da5fbfb979dc41e3.png

Our Category Weights: Powerful Performance Behind 20 Categories

The total score is a weighted average of 20 category components, providing unmatched breadth and insight into detected vulnerabilities.

6089e1667584b6b0ca565146de8ce425330b36e9.png

How Black Kite Applies MITRE CSTA

Black Kite’s Strategy Report

Now That I Have the Data – What Do I Do With It?

Black Kite’s Strategy Report shares feedback to help executives to understand their cyber risk posture and scale return on cybersecurity investments. The report provides simple, technical steps to help remediate issues and mitigate cyber risks with suppliers and partners.

  • Receive simple, outlined steps
  • Multiple formats available for download (PDF, Excel, etc.)
  • Prioritize tasks based on critically
Frame 1686566643.png

“Black Kite’s usability, information, and clarity of source in their findings outperforms the others in their space.”

- Director of IT, <50M Healthcare OrganizationREAD MORE
c70e7bfe52df57418033a7278841521b620bfc3b.png
Think Like a Hacker for Successful Third-Party Risk Management (TPRM)
READ NOW about

Make Decisions You Can Defend With Data You Can Depend On

Tired of guessing? See how our standards-based, fully transparent data eliminates uncertainty and powers a truly defensible risk program.