Free TPRM Resources
Your source for primary cybersecurity research from the Black Kite Research Group, thought leadership content on topics that matter today, and more resources to sharpen your TPRM program.
Focus Friday: Third-party Risks in Samba Server, Atlassian Jira, Tp-link Omada, Minio, Squid Proxy, and Sauter Ey-modulo Vulnerabilities
This Focus Friday examines third party risks across Samba, Jira, TP Link Omada, MinIO, Squid Proxy, and other platforms affecting enterprise environments.
Oct 24, 2025
Cybersecurity Metrics Boards Actually Care About
Your board is ignoring your cyber report. Learn 3 metrics execs actually care about: loss exposure, concentration risk, and financial impact.
Oct 22, 2025
How to Avoid Ransomware: a Ciso’s Guide to Outsmarting Attackers
Ransomware attacks through vendor supply chains are rising. Learn 6 agile, attacker-focused tactics CISOs must use to prioritize risk and outsmart threats.
Oct 20, 2025
Focus Friday: TPRM Insights on F5 Big-ip Apt Risk, Exchange Server, Sharepoint, Gladinet, and Flowise Vulnerabilities
Discover how F5 BIG-IP APT Risk Microsoft Exchange Server SharePoint Gladinet CentreStack TrioFox and Flowise Vulnerabilities.
Oct 17, 2025Nightmare on F5 Street: Deconstructing the F5 Breach and Its Systemic Supply Chain Risk
The F5 source code breach is a massive supply chain risk. See the full TPRM analysis and immediate steps to protect your vendor ecosystem.
Oct 16, 2025Focus Friday: TPRM Insights on Oracle Ebs, Jenkins, Redis, Draytek Vigor, Zimbra, Elastic, Django, Grafana, Sillytavern, and WP Yoast SEO
Discover how ORACLE EBS JENKINS REDIS DRAYTEK VIGOR ZIMBRA ELASTIC DJANGO GRAFANA SILLYTAVERN and WP YOAST SEO Vulnerabilities: TPRM Insights vulnerabilities im...
Oct 10, 2025Dawn Foods - a Black Kite Story
We noticed a company that we worked with pretty closely on a regular basis - They had a critical vulnerability that was exposed to the internet.
Oct 10, 2025
Focus Friday: TPRM Insights on Cisco Asa, Ftd & Ios, Vmware Vcenter, Wd My Cloud, and Formbricks Vulnerabilities
Welcome to the October 3rd edition of Focus Friday, where we explore recent high-profile vulnerabilities through the lens of Third-Party Risk Management (TPRM)....
Oct 3, 2025The Third-party Cyber Risk Problem No One Talks About
Arbitrary scores and compliance over risk reduction give a false sense of security. Learn how to improve your TPRM program now.
Oct 1, 2025
When the Shai-hulud Worm Awakens: Tinycolor’s Fall and the New Era of Supply Chain Risk
In September 2025, the popular npm package @ctrl/tinycolor became the epicenter of a self-propagating supply chain attack, now known as the Shai-Hulud campaign.
Sep 30, 2025
Focus Friday: TPRM Insights on Goanywhere Mft, Solarwinds Web Help Desk, Cisco Snmp, and Dnn Software Vulnerabilities
Focus Friday highlights third party risks linked to GoAnywhere MFT, SolarWinds Web Help Desk, Cisco SNMP, and DNN software vulnerabilities.
Sep 26, 2025
Third Party Cyber Risk Management Knowledge Center
Learn how third party cyber risk management strengthens TPRM, reduces vendor exposure, and elevates cyber risk to a board-level business priority.
Sep 25, 2025