New: Black Kite Global Adaptive AI Assessment Framework (BK-GA³™), a truly global framework for assessing AI riskGet It Now

Free TPRM Resources

Your source for primary cybersecurity research from the Black Kite Research Group, thought leadership content on topics that matter today, and more resources to sharpen your TPRM program.

Keyword Search
Filter

RESOURCE TYPE

blog

Focus Friday: TPRM Insights on Ivanti Epmm and Sap Netweaver Vulnerabilities – Ongoing Threat Actor/ransomware Groups Activity

Explore critical vulnerabilities Ivanti EPMM & SAP NetWeaver through a TPRM lens. Learn how to identify and manage vendor risks.

May 16, 2025
FOCUS FRIDAY: TPRM INSIGHTS ON IVANTI EPMM AND SAP NETWEAVER VULNERABILITIES – ONGOING THREAT ACTOR/RANSOMWARE GROUPS ACTIVITY
blog

Why Counting CVEs Misses the Real Third-party Risk

Counting CVEs for vendor risk is misleading. Why relevance, discoverability, and actionability are key to third-party vulnerability management.

May 15, 2025
WHY COUNTING CVES MISSES THE REAL THIRD-PARTY RISK
report

2025 Ransomware Report

Get the latest ransomware data. The 2025 Ransomware Report analyzes a 24% surge in attacks, SMB targets, and the growing risk to third-party vendor ecosystems.

May 13, 2025
2025 Ransomware Report
blog

Black Kite Releases 2025 Ransomware Report, Revealing 123% Increase in Ransomware Attacks Over Two Years

Explore Black Kite’s 2025 ransomware report showing a 123% rise in attacks, growing supply-chain threats, and proactive defense insights.

May 13, 2025
BLACK KITE RELEASES 2025 RANSOMWARE REPORT, REVEALING 123% INCREASE IN RANSOMWARE ATTACKS OVER TWO YEARS
blog

Focus Friday: TPRM Insights Into Sysaid, Activemq, Webmin, and Couchbase Server Vulnerabilities

Explore critical vulnerabilities in SysAid, ActiveMQ, Webmin, and Couchbase Server through a TPRM lens. Learn how to identify and manage vendor risks.

May 9, 2025
Focus Friday: TPRM Insights Into SysAid, ActiveMQ, Webmin, and Couchbase Server Vulnerabilities
blog

Your Friendly Neighborhood Ransomware Syndicate Will See You Now

Discover how LockBit ran ransomware like a business before getting hacked themselves. Understand the implications for TPRM.

May 8, 2025
Your Friendly Neighborhood Ransomware Syndicate Will See You Now
blog

Focus Friday: TPRM Approach to Sap Netweaver Vcframework Rce and Apache Tomcat Http/2 Dos and Rewrite-rule Bypass

Learn TPRM implications of SAP NetWeaver RCE (CVE-2025-31324) and Apache Tomcat DoS/bypass (CVE-2025-31650/51) along with remediation guidance.

May 2, 2025
Focus Friday: TPRM Approach to SAP NetWeaver VCFRAMEWORK RCE and Apache Tomcat HTTP/2 DoS and Rewrite-Rule Bypass
blog

Black Kite Unveils Vulnerability Intelligence Briefs to Provide Visibility Into Third-party Vulnerability Risks

Discover how Black Kite’s Vulnerability Intelligence Briefs offer visibility into third-party vulnerability risks and enhance security decision-making

Apr 29, 2025
BLACK KITE UNVEILS VULNERABILITY INTELLIGENCE BRIEFS TO PROVIDE VISIBILITY INTO THIRD-PARTY VULNERABILITY RISKS
blog

Focus Friday: TPRM Insights Into Fortinet Backdoors, Sonicwall Sslvpn, and Redis Dos Vulnerabilities

Understand the TPRM impact of the Fortinet backdoor, SonicWall SSLVPN DoS, and Redis DoS vulnerabilities. Actionable insights from a TPRM perspective.

Apr 25, 2025
Focus Friday: TPRM Insights Into Fortinet Backdoors, SonicWall SSLVPN, and Redis DoS Vulnerabilities
blog

How to Prioritize Vulnerabilities in Your Supply Chain: a Proven Approach to Cut Through the Noise

Overwhelmed by CVEs? Learn a proven 3D approach to prioritize supply chain vulnerabilities beyond severity. Watch our video and read the report.

Apr 23, 2025
How to Prioritize Vulnerabilities in Your Supply Chain: A Proven Approach to Cut Through the Noise
blog

Ey Us Unveils Paul Paget of Black Kite as an Entrepreneur of the Year® 2025 New England Award Finalist

Paul Paget, CEO of Black Kite, is named a finalist for EY US’s prestigious Entrepreneur of the Year 2025 New England award.

Apr 21, 2025
EY US UNVEILS PAUL PAGET OF BLACK KITE AS AN ENTREPRENEUR OF THE YEAR® 2025 NEW ENGLAND AWARD FINALIST
blog

Focus Friday: Third-party Risks From Adobe Coldfusion and Beego Xss Vulnerabilities

Understand the TPRM implications of Adobe ColdFusion and Beego XSS vulnerabilities. Get vendor questions and remediation steps. Read our analysis now!

Apr 18, 2025
FOCUS FRIDAY: THIRD-PARTY RISKS FROM ADOBE COLDFUSION AND BEEGO XSS VULNERABILITIES
blog

Focus Friday: TPRM Perspectives on Ivanti Connect Secure, Fortiswitch, and Minio Vulnerabilities

Understand the TPRM implications of Ivanti, FortiSwitch, and MinIO vulnerabilities. Get vendor questions and remediation steps. Read our analysis now!

Apr 11, 2025
Focus Friday: TPRM Perspectives On Ivanti Connect Secure, FortiSwitch, and MinIO Vulnerabilities
blog

Why You Want Human Experts Behind Your TPRM Data: Black Kite Research & Intelligence Team (brite)

Human experts unlock the true value of your TPRM data, turning it into actionable intelligence. How expert analysis improves cyber risk management.

Apr 10, 2025
WHY YOU WANT HUMAN EXPERTS BEHIND YOUR TPRM DATA: BLACK KITE RESEARCH & INTELLIGENCE TEAM (BRITE)
blog

Black Kite Honored as Finalist of the 2025 Sc Awards

Black Kite is honored as a finalist in the 2025 SC Awards for risk and policy management, highlighting excellence in cybersecurity solutions.

Apr 9, 2025
Black Kite Honored as Finalist of the 2025 SC Awards
blog

Black Kite Research Reveals Traditional Approaches to Vulnerability Management Fall Short in Third-party Risk Management (TPRM)

New research from Black Kite shows traditional vulnerability management falls short for third-party risk — and what to do next.

Apr 8, 2025
BLACK KITE RESEARCH REVEALS TRADITIONAL APPROACHES TO VULNERABILITY MANAGEMENT FALL SHORT IN THIRD-PARTY RISK MANAGEMENT (TPRM)
report

2025 Supply Chain Vulnerability Report

Learn to analyze vulnerabilities in third parties, understand attacker tactics, and prioritize critical threats for TPRM remediation in this in-depth report.

Apr 4, 2025
2025 Supply Chain Vulnerability Report
report

Large Language Model Use Cases in Cyber Threat Intelligence

Learn how LLMs streamline CTI in TPRM in this detailed report: Automate OSINT data, cut analysis time, enhance supply chain visibility, and prioritize risks.

Apr 3, 2025
Large Language Model Use Cases in Cyber Threat Intelligence
blog

Black Kite Hires Chief Marketing Officer and Vice President of Strategic Partnership & Alliances to Enhance Leadership Team

Black Kite expands leadership with new Chief Marketing Officer and VP of Strategic Partnerships to drive growth and strategic alliances.

Apr 3, 2025
BLACK KITE HIRES CHIEF MARKETING OFFICER AND VICE PRESIDENT OF STRATEGIC PARTNERSHIP & ALLIANCES TO ENHANCE LEADERSHIP TEAM
blog

Infographic: Takeaways From the 8 Most Noteworthy Cyber Incidents of 2024

Discover 2024’s biggest cyber incidents and how they disrupted third-party cyber ecosystems.

Apr 2, 2025
Infographic: Takeaways from the 8 Most Noteworthy Cyber Incidents of 2024