Free TPRM Resources
Your source for primary cybersecurity research from the Black Kite Research Group, thought leadership content on topics that matter today, and more resources to sharpen your TPRM program.
Focus Friday: TPRM Insights on Sharepoint, Mssql, Kibana, Django, and Open Webui
TPRM Insights on SharePoint, MSSQL, Kibana, Django, and Open WebUI Vulnerabilities from the Week of November 14, 2025.
Nov 14, 2025
Is Your Vendors’ AI Putting You at Risk?
Your vendors are using AI, creating new risks faster than traditional TPRM can manage. Learn to adapt your vendor oversight with a new framework.
Nov 13, 2025
The Dark Side of Cyber Report Cards
Report cards give a false sense of security. Learn why single scores fail TPRM and how to use context and transparency to drive better decisions.
Nov 12, 2025
Why Ransomware Groups Are Zeroing in on SMBs
Ransomware attacks now target SMBs for maximum supply chain disruption. Learn new tactics and how to secure your organization from third-party risks.
Nov 11, 2025
Focus Friday: TPRM Insights on Moveit, Redis, Control Web Panel, Dnn Software, and Xwiki Vulnerabilities
TPRM Insights on MOVEit, Redis, Control Web Panel, DNN Software, and XWiki vulnerabilities from the week of November 3, 2025.
Nov 7, 2025Your Ransomware Fatigue Is Leaving the Back Door Open
Ransomware fatigue is real – but risky. Discover how third-party risks are leaving your organization exposed and what CISOs can do now.
Nov 6, 2025Black Kite AI Solution Brief
Transform your TPCRM program with Black Kite AI. The solution overview shows how AI accelerates analysis, improves accuracy, and automates manual tasks.
Nov 5, 2025
Adversary Susceptibility Index Spotlight
Adversary Susceptibility Index Spotlight: Turn Threat Actor Intelligence Into Third-Party Risk Action
Nov 5, 2025
Cyber Assessments Spotlight
AI-Powered TPRM at Scale: Immediate Cyber Assessments, Massive Time Savings
Nov 5, 2025
AI’s Seismic Impact on Cybersecurity
Discover how AI is reshaping vendor risk and TPRM teams. Learn what to automate, what to question, and how to stay ahead. Watch the full episode now.
Nov 4, 2025
Focus Friday: Critical Third-party Risks in Mikrotik Routeros, Apache Tomcat, Hashicorp Vault, and LiteSpeed Plugin
Discover how Mikrotik RouterOS, Apache Tomcat, HashiCorp Vault, and LiteSpeed Plugin vulnerabilities impact third-party risk.
Oct 31, 2025Resource Roundup: Stop Drowning in CVEs & Prioritize Your Supply Chain Vulnerabilities
Discover the ultimate roundup of free resources on prioritizing third-party vulnerabilities. Stop drowning in CVEs and learn where to focus.
Oct 27, 2025Focus Friday: Third-party Risks in Samba Server, Atlassian Jira, Tp-link Omada, Minio, Squid Proxy, and Sauter Ey-modulo Vulnerabilities
Discover how F5 BIG-IP APT Risk Microsoft Exchange Server SharePoint Gladinet CentreStack TrioFox and Flowise Vulnerabilities: TPRM Insights vulnerabilities imp...
Oct 24, 2025Cybersecurity Metrics Boards Actually Care About
Your board is ignoring your cyber report. Learn 3 metrics execs actually care about: loss exposure, concentration risk, and financial impact.
Oct 22, 2025
How to Avoid Ransomware: a Ciso’s Guide to Outsmarting Attackers
Ransomware attacks through vendor supply chains are rising. Learn 6 agile, attacker-focused tactics CISOs must use to prioritize risk and outsmart threats.
Oct 20, 2025Focus Friday: TPRM Insights on F5 Big-ip Apt Risk, Exchange Server, Sharepoint, Gladinet, and Flowise Vulnerabilities
Discover how F5 BIG-IP APT Risk Microsoft Exchange Server SharePoint Gladinet CentreStack TrioFox and Flowise Vulnerabilities.
Oct 17, 2025Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk
The F5 source code breach is a massive supply chain risk. See the full TPRM analysis and immediate steps to protect your vendor ecosystem.
Oct 16, 2025Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and WP Yoast SEO
Discover how ORACLE EBS JENKINS REDIS DRAYTEK VIGOR ZIMBRA ELASTIC DJANGO GRAFANA SILLYTAVERN and WP YOAST SEO Vulnerabilities: TPRM Insights vulnerabilities im...
Oct 10, 2025Dawn Foods - a Black Kite Story
We noticed a company that we worked with pretty closely on a regular basis - They had a critical vulnerability that was exposed to the internet.
Oct 10, 2025
Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities
Welcome to the October 3rd edition of Focus Friday, where we explore recent high-profile vulnerabilities through the lens of Third-Party Risk Management (TPRM)....
Oct 3, 2025