Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/16/2016
03:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Optiv Security Launches Technology-Enabled Third-Party Risk Managed Service

Enables Companies to Better Manage Entire Vendor, Supplier and Business Associate Risk Management Lifecycles, Improving Compliance and Risk Management

Denver – September 13, 2016 – Optiv Security, a market-leading provider of end-to-end cyber security solutions, today announced the general availability of its technology-enabled third-party risk managed service. Leveraging Optiv’s proven Software-as-a-Service based third-party risk management platform, Evantix, this service enables companies to better manage the complete third-party risk management lifecycle, resulting in improved compliance and risk management. The addition of this offering to Optiv’s suite of services makes Optiv the first and only company to offer a holistic solution that can help organizations better plan, develop and manage all aspects of their third-party risk management programs, including vendors, suppliers and business associates.

Optiv’s third-party risk managed service handles the process and reporting required for clients to determine the inherent risk, assess the controls and drive remediation with their vendors and partners. Optiv delivers this service through consultants with extensive expertise in building third-party risk programs and performing third-party risk assessments combined with the Evantix SaaS platform, currently in its fourth generation. This powerful technology solution includes standardized, on-demand risk score reports and customizable scoring technology to provide corporate risk managers and IT security professionals with quick, accurate and cost-effective visibility into the potential risk associated with outside service providers. Optiv’s innovative approach leveraging people, process and technology to deliver its third-party risk managed service helps companies better manage the entire third-party risk management lifecycle, which includes due diligence, assessment, validation and remediation.

“Organizations are increasingly turning to third parties to perform key business functions. That brings an increased risk of exposure to businesses as most companies lack visibility into where their data is stored or how it is handled by a third party,” said Tim Hoffman, executive vice president of client solutions for Optiv. “Today’s businesses require strong third-party risk plans that extend beyond traditional IT, yet most lack the necessary resources to create and execute on those plans. Optiv has the capabilities to help clients address and manage their vendor and partner risk through a comprehensive approach that includes people, process and technology.”

“The Optiv third-party risk managed service provides clients with a method to automate processes and reduce their staff’s major workload related to tracking and assessing the organization’s vendors and partners,” said James Christiansen, vice president of information risk management for Optiv. “Also, our Evantix platform’s advanced analytics provides third-party risk intelligence information to help clients make informed and consistent risk decisions related to vendor, supplier and business associate relationships.”

Optiv’s comprehensive suite of third-party risk management offerings help organizations understand the breadth of third parties in their environment, categorize relationships by risk to the organization, conduct risk assessments aligned to specific industry standards and develop the compliance criteria vendors must meet to do business with the organization.

About Optiv Security
Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. A Blackstone (NYSE: BX) portfolio company, Optiv maintains premium partnerships with more than 300 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us at www.twitter.com/optiv,www.facebook.com/optivinc and www.linkedin.com/company/optiv-inc

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21427
PUBLISHED: 2021-04-21
Magento-lts is a long-term support alternative to Magento Community Edition (CE). A vulnerability in magento-lts versions before 19.4.13 and 20.0.9 potentially allows an administrator unauthorized access to restricted resources. This is a backport of CVE-2021-21024. The vulnerability is patched in v...
CVE-2021-21426
PUBLISHED: 2021-04-21
Magento-lts is a long-term support alternative to Magento Community Edition (CE). In magento-lts versions 19.4.12 and prior and 20.0.8 and prior, there is a vulnerability caused by the unsecured deserialization of an object. A patch in versions 19.4.13 and 20.0.9 was back ported from Zend Framework ...
CVE-2020-36324
PUBLISHED: 2021-04-21
Wikimedia Quarry analytics-quarry-web before 2020-12-15 allows Reflected XSS because app.py does not explicitly set the application/json content type.
CVE-2020-28973
PUBLISHED: 2021-04-21
The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to properly authenticate some requests to its built-in HTTPS interface. Someone can use this vulnerability to obtain sensitive information from the system, such as usernames and passwords. This information can then be used to reconfig...
CVE-2021-29456
PUBLISHED: 2021-04-21
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. In versions 4.27.4 and earlier, utilizing a HTTP query parameter an attacker is able to redirect users from the web application to any...