Third-Party Cyber Risk Intelligence

Black Kite

Continuous, financial-grade monitoring of the cyber posture across your entire supplier base, recognised by Gartner Peer Insights as a leader in IT VRM.

Most third-party risk programmes rely on annual questionnaires and static assessments that are out of date the day they arrive. Black Kite replaces that with continuous external monitoring across 400+ signals, generates a technical cyber rating (A to F), a Ransomware Susceptibility Index, and a dollar-value Financial Impact Rating aligned to Open FAIR. The result: a supplier risk programme that holds up under auditor, regulator, and board scrutiny.

Why This Partnership Matters

What Black Kite gives our clients

Continuous, not point-in-time, supplier risk posture updates as the world changes, not once a year.

Financial quantification (Open FAIR) translates technical risk into the language boards and insurers actually use.

Ransomware Susceptibility Index predicts which suppliers are most likely to be hit, before they are.

Compliance Correlation automatically maps supplier findings to NIST 800-53, ISO 27001, PCI-DSS, GDPR, HIPAA, and POPIA.

Fourth-party visibility extends the analysis to your suppliers' suppliers, the blind spot that drives most supply-chain breaches.

Product Lines We Deliver

Black Kite products we implement and manage

Technical Cyber Rating

A to F letter grade summarising a supplier's external attack surface across 400+ non-intrusive signals. The rating every security and procurement leader can act on.

Ransomware Susceptibility Index™ (RSI™)

Probabilistic scoring of how likely a supplier is to experience a ransomware incident, modelled against actual attacker TTPs and historical breach data.

Financial Impact Rating

Open FAIR-aligned dollar-value quantification of the loss exposure each supplier represents. Translates cyber risk into the language of the balance sheet.

Compliance Correlation

Automatic mapping of findings to NIST 800-53, ISO 27001, PCI-DSS, GDPR, HIPAA, POPIA, and more, audit-grade supplier compliance evidence at click-depth one.

Continuous Monitoring

Your supplier portfolio monitored continuously, with alerts on material posture changes. No more "once a year, cross our fingers".

FocusTags™

Zero-day, CVE, and named-incident alerting across your supplier base. When a new attack drops, you see within hours which suppliers are exposed.

BridgeLegacy

Questionnaire replacement, retire manual assessments in favour of evidence-backed continuous monitoring that auditors accept.

Fourth-Party Risk

Discover and monitor your suppliers' suppliers, the concentration risk and cascade exposure regulators increasingly ask about.

Differentiators

What sets Black Kite apart

1Only TPRM platform combining Technical Rating, RSI™, and Financial Impact in a single pane.

2Non-intrusive collection, no credentials, no questionnaires required to generate findings.

3Open FAIR alignment makes outputs auditable, insurable, and board-ready.

4Strong Gartner Peer Insights reviews and market recognition as an IT VRM leader.

Watch

Black Kite in 2 minutes

Resources

Deeper reading on Black Kite

Black Kite Key Differentiators

Deep-dive into what makes the Black Kite approach different from legacy VRM tools and questionnaire platforms.

Download PDF

Making the Case for Black Kite

Business case, ROI framing, and board-level talking points for launching a continuous third-party cyber risk programme.

Download PDF

Gartner Peer Insights: Black Kite Reviews

Independent enterprise reviews of Black Kite on the Gartner Peer Insights IT VRM marketplace.

Open link

Talk to us about Black Kite

Book a 30-minute briefing with our security team. We'll frame Black Kite against your specific environment, threat model, and compliance obligations.

Book a Briefing