Exposure to critical vulnerabilities in third-party systems is rapidly pinpointed and triaged.
Rapid triage of third-party exposure to critical vulnerabilities reduces likelihood of harm.
This capability is facilitated through implementation of the continuous surface risk assessment capability.
Maintain current knowledge of the software operating on third-party systems. When a critical vulnerability emerges, query the third-party software inventory for systems running the vulnerable software. Prioritize triage efforts towards third parties known to be exposed to the critical vulnerability.
|Provide third-parties risk advisories regarding critical vulnerabilities.||Emerging||40%|
|Survey vendors to understand their exposure to critical vulnerabilities and understand their related mitigation action plans.||Emerging||36%|
|Maintain awareness of the software operating in the surface systems of third parties through the continuous surface security assessment capability.||Emerging||27%|
|Prioritize triage efforts towards third parties known to be exposed to the critical vulnerability.||Pioneering||17%|
|Share system vulnerability data with your third parties to assist them in remediation.||Pioneering||10%|
|Monitor third-party remediation of critical vulnerabilities through the continuous surface security assessment capability.||Pioneering||17%|