A supply chain attack is an emerging kind of cyber attack, wherein a trusted vendor is targeted with the ulterior motive of gaining unauthorized access to the parent company. A supply chain attack can happen via a vendor company, a third party software or even a dependency.
Supply chain attacks are growing. A software supply chain typically includes companies, the software they use, plugins for those software and other dependencies. Vendors associated with these companies form another link in the supply chain. As any company grows, so do the vendors associated with them and thus the supply chain.
In order to protect our customers from supply chain attacks, CloudSEK has taken the initiative to passively look at every global supply chain threat, and responsibly report these incidents to the affected organizations, the respective CERTs of that country and, in some cases, our own customers. We will monitor our customers’ vendors globally to identify the security risks to narrow down the possibilities of supply chain attack. Companies in a chain of supply are interconnected to many additional vendors, linking them together. By responsible disclosure of an identified threat to a company, CloudSEK Platform will be able to prevent a major security incident involving all entities in that supply chain.
How does CloudSEK Identify Security Threats?
CloudSEK uses open source data and our Machine Intelligence platform to identify cyber threats. While identification of security threats are completely automated, reporting of these incidents is a manual task. CloudSEK will prioritize reporting to critical vendors who service multiple customers of ours.
How do we identify details of vendors?
We have various data sets to identify vendor details. For example, Bevigil.com is a search engine of CloudSEK that has information about all mobile apps in the world. From this source, we know every third party dependency and cloud service used by a particular app or company.
Does CloudSEK exploit security issues?
No. We only passively monitor incidents and report them. We do not put any effort into exploiting them. Our mission is to make the internet a safer and more secure place for individuals and organizations.
Why should we trust CloudSEK? What does CloudSEK do?CloudSEK
is a contextual AI company that predicts Cyber Threats even before they occur. We combine the power of Cyber Crime Monitoring, Brand Monitoring, Attack Surface Monitoring, and Supply Chain Intelligence to provide context to our customers’ digital risks. Our unified dashboard allows customers to triage and visualize all digital threats in one place. We also offer workflows and integrations to manage and remediate the identified threats.
To learn more about CloudSEK, visit https://cloudsek.com/.