Companies like Security Scorecard, Bitsight and other port-scanning technologies aggregate publicly available data to provide a rating—passively and non-intrusively. This information can provide valuable data points for externally evaluating a third-party vendor. We believe this kind of information is essential, and complementary to our internal approach.
With this in mind, we have partnered with BitSight to bring this complimentary and holistic approach to our customers. Integrating BitSight’s objective, quantitative measurements of companies’ security performance into the CyberGRX Exchange provides a unique 360-degree view of third-party cyber risk. The combination of BitSight’s Security Ratings, generated through externally observable data, with CyberGRX’s validated third-party cyber risk assessments, allows customers to make more informed decisions and scale their third-party risk programs.