Free TPRM Resources

The University of Kansas Health System for Black Kite

Microsoft Sharepoint Under Siege: CVE-2025-53770 Exploited Via Toolshell Rce Chain

Protect your data now from the critical SharePoint RCE vulnerability CVE-2025-53770 (ToolShell) exploitation.

AI Won’t Fix Your TPRM Mess (but Here’s What Might)

AI enhances Third-Party Risk Management, but it's not the full solution. Discover how to build a robust TPRM program with strong foundations.

Focus Friday: TPRM Perspectives on Mssql, Redis, and Zimbra Vulnerabilities with Black Kite’s Focustags™

How MSSQL, Redis, and Zimbra vulnerabilities impact third-party risk. Black Kite’s FocusTags™ help prioritize exposure and streamline TPRM response.

Black Kite Releases 2025 State of Financial Services: Hidden Dangers in the Vendor Ecosystem, Uncovering Critical Weaknesses That Pose Considerable Risks to Financial Institutions

Explore Black Kites 2025 report on hidden vendor risks in financial services, uncover critical weaknesses threatening financial institutions’ security

Focus Friday: TPRM Insights on Critical Citrix Bleed 2 and Wing Ftp Server Vulnerabilities

Explore the Citrix Bleed 2 RCE and Wing FTP Server vulnerabilities from a TPRM perspective—guiding vendor assessments and targeted remediation.

Focus Friday: TPRM Insights Into Mattermost Arbitrary File Write and Mongodb Denial-of-service Vulnerabilities

Dig into a critical arbitrary file write vulnerability in Mattermost and two DoS vulnerabilities in MongoDB Server from a TPRM perspective.

The Bedrock of Effective TPRM? Quality Data

What distinguishes quality data in risk management, how to implement data quality control, and why Black Kite provides the most trustworthy data.

AI in Ransomware: How Threat Actors Are (and Aren’t) Using AI

How ransomware groups are leveraging AI to carry out attacks today, what to expect next, and how to prepare your cyber ecosystem for these threats.

2025 Ransomware Report

Get the latest ransomware data. The 2025 Ransomware Report analyzes a 24% surge in attacks, SMB targets, and the growing risk to third-party vendor ecosystems.

2025 Supply Chain Vulnerability Report

Learn to analyze vulnerabilities in third parties, understand attacker tactics, and prioritize critical threats for TPRM remediation in this in-depth report.

Large Language Model Use Cases in Cyber Threat Intelligence

Learn how LLMs streamline CTI in TPRM in this detailed report: Automate OSINT data, cut analysis time, enhance supply chain visibility, and prioritize risks.