Security news aggregator

Latest coverage for Vendor

Vendor security covers risks introduced by suppliers, including software flaws, exposed systems, and weak access to customer data.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Vendor is an external organization that supplies an IT product or service, such as software, hardware, cloud hosting, or managed security. In security reporting, the term usually concerns a third party whose technology, personnel, or connectivity forms part of an organization’s environment or handles its data.

Vendor risk depends on the access and dependency involved. A compromised or poorly secured vendor can expose customer information, introduce vulnerabilities through software updates or components, or provide attackers with a route into connected systems. Practical controls include risk-based due diligence, contractual security and notification requirements, least-privilege access, vulnerability and software-supply-chain review, monitoring, and prompt removal of access when a relationship ends. Assessments should also address privacy obligations and how the vendor will support investigation and recovery if a security incident occurs.

Showing 4 most recent headlines Filtered view

High-Assurance Security Tech Boosts Everfox's Government and Infrastructure ToolsEverfox's purchase of Garrison Technology is set to fortify its cybersecurity offerings, especially for government and critical infrastructure. The deal leverages Garrison's advanced hardware security technology to complement Everfox's existing capabilities in threat protection and insider risk.

The Hacker News 2 years, 1 month ago

How Cynet Makes MSPs Rich & Their Clients Secure

Managed service providers (MSPs) are on the front lines of soaring demand for cybersecurity services as cyberattacks increase in volume and sophistication. Cynet has emerged as the security vendor of choice for MSPs to capitalize on existing relationships with SMB clients and profitably expand their client base. By unifying a full suite of cybersecurity capabilities in a simple, cost-effective

Urgent Appeal Issued for O Type Blood; Attack Disrupts Patient Blood Type MatchingThe ransomware attack on a U.K. pathology services vendor has disrupted multiple London hospitals' ability to match patients' blood with available stocks. Lacking an IT system-level plan B, officials are resorting to a biologics backup by urging O type blood donors to come forward.