IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Ransomware
#
Supply Chain & Logistics
#
Breach Prevention

Black Kite launches tool for third-party vulnerability insight

Today
Author image
By Shannon Williams, Journalist

Black Kite has introduced Vulnerability Intelligence Briefs (VIB), designed to provide organisations with visibility into vulnerabilities within their third-party cyber ecosystems.

The introduction of VIB comes as security teams grapple with the increasing complexities of managing cyber risks linked to third-party vendors, open-source components, and cloud services. Traditional vulnerability management solutions largely focus on internal systems, leaving a gap in understanding and addressing vulnerabilities within external partners and suppliers. This gap has been identified as a significant risk for organisations, as a single vulnerability in a third-party system can have a cascading effect across entire organisations.

Chuck Schauber, Chief Product Officer at Black Kite, highlighted the need for a change in approach to managing third-party cyber risks. Schauber stated: "As more organisations turn to third-party vendors, open-source components, and cloud services, in today's environment, they cannot afford to rely on a traditional vulnerability management mindset. Third-party risks are increasing, with vulnerabilities fast becoming a third-party risk management issue. With the release of Black Kite VIB, we are providing a solution that has the actionable intelligence and tools needed so that organisations can move from reactive patching to a strategic ecosystem defence. Without doubt, this launch represents a new era where managing vulnerability risks in third-parties is not only possible but now is a critical part of third-party cyber risk management."

Black Kite recently released its 2025 Supply Chain Vulnerability Report, which found that 2024 saw a sharp increase in published vulnerabilities. More than 40,000 Common Vulnerabilities and Exposures (CVEs) were disclosed during the year, marking a 38% year-over-year rise. The report noted that many of these vulnerabilities were exploited in third-party software widely used across industries, rather than being limited to applications developed internally.

High-profile vulnerabilities in products such as MOVEit, Fortra GoAnywhere, and Ivanti have underscored the ways in which supply chain risks can quickly propagate, reinforcing the need for broader vulnerability management strategies that extend beyond internal patching and remediation efforts. These findings demonstrate why cyber risk management professionals are emphasising the importance of monitoring and addressing third-party vulnerabilities.

The VIB solution aims to provide several key benefits and features to organisations. Among these is the ability to "take control of third-party risks: detect, assess, and drive vendor response at the speed of real-world threats by bridging the gap between risk intelligence and action to make third-party risk management truly effective."

VIB is positioned to offer insights that go beyond the traditional cataloguing of CVEs, with Black Kite stating that it enables organisations to "gain insights beyond just cataloguing CVEs by discovering how relevant, discoverable, and actionable those vulnerabilities are when it comes to third-party cyber risk."

The platform also leverages open-source intelligence (OSINT) to enable organisations to focus on exploitable vulnerabilities. Black Kite promoted the product's capabilities by highlighting "actionable risk intelligence to move from reactive patching to proactive ecosystem defence through Auto-Scanning for measuring patch management risk, and FocusTagsTM, Black Kite's new tagging feature that automatically flags vendors who have experienced a data breach, ransomware attack, or other significant cyber incident for rapid response to high-priority threats."

With VIB, Black Kite aims to give organisations the ability to assess risks and the potential impact of third-party vulnerabilities, engage more effectively with their vendors, and strengthen their overall supply chain security.

The company reported that its VIB solution is now available to both new and existing customers.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Cyberattacks highlight urgent need for Zero Trust security
Weak passwords expose gaps in digital security, experts warn
Cloud Security Alliance report urges new defences for cloud
Kaspersky study: 71% in Asia Pacific back Cyber Immunity
Experts urge businesses to move beyond passwords for security
Top stories
Super fund cyberattacks highlight risks to Australian savings
Radware secures record cloud security deal with US financial giant
Social media & influencers reshape narrative ahead of election
Genetec plugin boosts vehicle investigation speed & insight
Amperity launches AI agent to unify fragmented customer data