Learn from your peers and ensure the most effective cyber risk management approach towards your suppliers.
Subscribe to our newsletter for the latest Summit news and get a discount
At S&P Global KY3P®, we understand the importance of reliable, deep, and insightful information. Our team of experts delivers unrivaled insights and leading data and technology solutions, partnering with customers to expand their perspective, operate with confidence, and make decisions with conviction. Through our integrated suite of leading solutions for managing end-to-end third party and vendor risk, KY3P enables customers to streamline due diligence, standardize workflow, and drive organizational transparency. Our powerful solutions endow customers with the tools, insights, and level of support to be able to devote their attention to making high-quality risk management decisions. From onboarding and oversight to due diligence and monitoring, KY3P allows customers to enforce compliance by codifying vendor risk policies and oversight procedures.
S&P Global Market Intelligence is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity, and automotive markets. With every one of our offerings, we help many of the world’s leading organizations navigate the economic landscape so they can plan for tomorrow, today.
Immersive Labs, the leader in people-centric cyber resilience, empowers your entire organization to effectively prevent, and respond to cyber threats. Our tailored approach continuously assesses, builds, and proves your cyber capabilities, relevant to individual roles, while keeping your team ahead of an ever-evolving threat landscape, including the impact of AI as both a threat and opportunity. We have a relentless focus on evidence, giving you unparalleled visibility into your organization’s cyber resilience.
With a single enterprise platform for individuals, teams, and your entire workforce, Immersive Labs helps you take a unified approach to cyber resilience. Join the world’s largest organizations and experience complete confidence to manage cyber threats.
Endor Labs is a software supply chain security (SSCS) platform for organizations that value developer experience. We help DevSecOps teams build credibility with developer-centric tools that make it safer and faster to use OSS code, easier to detect CI/CD risks, and simpler to comply with SSCS regulations. Existing Software Composition Analysis (SCA) and Application Security Posture Management (ASPM) tools bury teams in uncontextualized data and tens of thousands of false positive alerts. Endor Labs’s new approach cuts 80% of the noise while providing actionable fix information that actually makes developers faster.
The Endor Labs Supply Chain addresses three key pain points and outcomes:
Censys is the leading Internet Intelligence Platform for Threat Hunting and Exposure Management. We provide governments, enterprises, and researchers with the most comprehensive, accurate, and up-to-date map of the internet to defend attack surfaces and hunt for threats. Censys scans 45x more services than the nearest competitor across the world’s largest certificate database (>10B), reducing the likelihood of a breach by 50%. To learn more, visit censys.com
ProcessUnity is the Third-Party Risk Management (TPRM) company. Our software platforms and data services protect customers from cybersecurity threats, breaches, and outages that originate from their evergrowing ecosystem of business partners. By combining the world’s largest third-party risk data exchange, the leading TPRM workflow platform, and powerful artificial intelligence, ProcessUnity extends third-party risk, procurement, and cybersecurity teams so they can cover their entire vendor portfolio. With ProcessUnity, organizations of all sizes reduce assessment work while improving quality, securing intellectual property and customer data so business operations continue to operate uninterrupted. See how at www.processunity.com
At OX, we believe that security should be an integral part of the software development process, not an afterthought. Founded by Neatsun Ziv and Lior Arzi, who previously led Check Point’s Security Group, OX provides DevSecOps teams with the automation, visibility, and risk insights they need to bring security and integrity to every step of the software development lifecycle, from the earliest planning stages until deployment to production.
Synopsys builds trust in software by enabling organizations to manage application security, quality, and compliance risks at the speed their business demands.
Our market-leading solutions help developers to secure code as fast as they write it; development and DevSecOps teams to automate testing within development pipelines without compromising velocity; and security teams to proactively manage risk and focus remediation efforts on what matters most.
With Synopsys, organizations can transform the way they build and deliver software, aligning people, processes, and technology to intelligently address software risks across their portfolio and at all stages of the application lifecycle.
There is nothing standard about Trudexia. Everything about Trudexia is tailored to your company’s requirements. Trudexia is a software-as-a-service (SaaS) provider that offers a range of solutions to help organizations manage third-party supplier risks. Cut costs save time and streamline your supplier risk management with our AI-driven platform that offers real-time monitoring and customizable risk scoring. Our platform combines surface scan technology with risk questionnaires to enhance third-party risk management providing an all-in-one solution.
S&P Global (NYSE: SPGI) provides essential intelligence. We enable governments, businesses and individuals with the right data, expertise and connected technology so that they can make decisions with conviction. From helping our customers assess new investments to guiding them through ESG and energy transition across supply chains, we unlock new opportunities, solve challenges and accelerate progress for the world. We are widely sought after by many of the world’s leading organizations to provide credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets. With every one of our offerings, we help the world’s leading organizations plan for tomorrow, today. For more information, visit www.spglobal.com.
Sonatype is a software supply chain management company. We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open-source code, first-party source code, & containerized code. Sonatype identifies critical security vulnerabilities and this helps organizations develop high-quality, secure software which meets their business needs and those of their end customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers rely on our tools and guidance to help them deliver and maintain exceptional and secure software.
Firedome is a cybersecurity pioneer specializing in endpoint protection for IoT devices deployed in enterprise networks, which account for 30% of all endpoints on corporate networks and are the easiest penetration point to the enterprise network . The Firedome EPP™ allows organizations to prevent advanced attack types such as supply chain and insider threat attacks on IoT endpoints that would otherwise be undetectable by existing security controls.Firedome is democratizing EPP for IoT and enables enterprise security teams to protect IoT endpoints the same way they protect IT endpoints, with pre-installed, agent-based EPP for IoT.Providing Defense in Depth protection along the attack chain, Firedome combines prevention, detection, response, and forensic data into a unified solution which integrates into existing SIEM platforms. Firedome works with enterprise IoT device vendors to enable Firedome EPP™ to be deployed on IoT devices in all the stages of their lifecycle: pre-installed, deployed and end of support.The company was founded by top security veterans, with a global team of cyber, embedded, research and analysis experts.
SecurityScorecard provides teams with a complete understanding of their attack surface and business ecosystem risk—including partners, contractors, third- and fourth-party vendors, and supply chain. As the industry leader in security ratings, SecurityScorecard is uniquely trusted to quantify risk, quickly respond to cyber-risks, and strengthen cyber defenses.
Bitsight is the global leader in cyber risk intelligence, helping teams make informed risk decisions with the industry’s most extensive external security data and analytics. With 3,300 customers and 65,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure—enabling teams to quickly identify vulnerabilities, detect threats, prioritize actions, and mitigate risk across their extended attack surface.
Built on over a decade of market-leading innovation, an unparalleled cyber dataset, and intelligence-driven workflows, Bitsight uncovers security gaps across infrastructure, cloud environments, identities, and third- and fourth-party ecosystems. From security operations and GRC teams to the boardroom, Bitsight provides the unified intelligence backbone organizations need to proactively address exposures before they impact performance.
For more information, visit bitsight.com, read our blog, or connect with us on LinkedIn.
Shared Assessments is a global membership organization dedicated to developing the best practices, education and tools to drive third party risk assurance. We are creators of the industry standard third party risk toolkit, used by over 15,000 organizations worldwide.
CyberVadis provides enterprises with a cost-effective and scalable solution for third-party cybersecurity risk assessments. Our methodology maps to all major international compliance standards including NIST, ISO 27001, GDPR, and many other privacy and security laws. CyberVadis’ solution combines the speed of automation with the accuracy and effectiveness of a team of experts. We directly engage vendors from all over the world with assessments, validate results with an in-house team of security analysts, and issue companies a standardized cybersecurity rating that they can share with others, along with a detailed improvement plan for increasing their score and the ability to collaborate with clients on implementing better practices.
This website uses cookies to ensure you get the best experience. Learn more or accept individual cookies