CyberGRX Predictive Data uncovers security gaps in third parties

CyberGRX has released a Predictive Data tool to the Exchange platform’s Attack Scenario Analytics feature.

Customers can leverage CyberGRX’s predictive risk intelligence capabilities, which has up to 91% accuracy, to evaluate levels of risk posed by a third party against 13 key security categories established by the MITRE ATT&CK framework.

This allows organizations to pinpoint outliers that will require further assessments to ensure they meet their security standards.

The MITRE ATT&CK framework is perhaps the largest, most in-depth, organized and strongly supported base of adversarial behavior. By using this framework, an organization can review its security controls to gain visibility into gaps in its defenses.

While Attack Scenario Analytics evaluates a third party’s attested data against categories established by the MITRE framework, Predictive Data uses CyberGRX’s predictive data to provide a similar level of visibility on any third party in your portfolio without an assessment.

As a result, customers can access the necessary information to help them focus budgets and resources on those third parties who potentially have a more severe impact on your day-to-day operations.

“Our assessment database continues to grow every day, because we have developed a standardized assessment that has been used by over 12,000 companies. Currently, we have extensive third-party cyber risk data available on over 225,000 companies, allowing CyberGRX to serve as a one-stop-shop for threat and risk analytics. We want to continue to give customers the tools to be efficient and secure, without the extra work, which is what makes the Predictive Data revolutionary,” said Fred Kneip, CEO of CyberGRX.

“With Predictive Data, we are able to uncover areas of risk that may have gone unreported and provide a path forward with remediation,” Kneip added.

CyberGRX’s Attack Scenario Analytics provides the following benefits:

• Map to the widely adopted framework for threat hunting analysis in the cybersecurity industry.
• Uncover gaps that might have gone unreported otherwise by leveraging MITRE techniques to create kill chains/use cases
• Integrate CyberGRX results with an organizations’ internal risk and threat management programs
• Enhance third-party relationships through credible risk findings and suggested defense mechanisms and mitigation strategies
• Improve third-party detection, monitoring and response to attacks

This advancement to the Attack Scenario Analytics feature now provides, for the first time, a single platform that enables stakeholders, cyber defenders, and vendors to view and communicate on the exact nature of a threat and the objective assessment of the cyber defense plan that can defeat it.