Real-Time, Connection-Based Vendor Risk Monitoring Use Case




The Challenge: Enforcing Third Party Risk Policies and Maintaining Continuous Digital Trust on Your Network


Vendor ecosystems are evolving rapidly. As the number of industry partners increases, it is paramount that businesses adopt effective methods to monitor, manage, and secure the digital assets and supply chain associated with an enterprise network. Each supplier granted network access is, in effect, a trusted partner, one that your business will rely on to strengthen your cyber defense posture. As such, the manner in which your industry partners vet solutions, staff and service providers is critically important. In short, effective cyber vendor relationship management (VRM) requires a commitment to reinforcing cybersecurity capabilities that establish digital trust among all participants in the digital partner ecosystem.


Compliance with federal mandates is of equal importance. Many government and industry regulations stipulate that risk management policies extend to third-party vendors, outsourcers, contractors and consultants. Examples of such regulations and legislation include but are not limited to the Health Insurance Portability and Accountability Act (HIPAA), the Payment Card Industry Data Security Standard (PCI DSS), and the Sarbanes-Oxley Act (SOX).


Ad-hoc, Point-In-Time Assessments and General Vendor Risk Scoring Mechanisms are Not Enough


The common practice of ad hoc, point-in-time monitoring is insufficient. The value of point-in-time data diminishes quickly and negates your ability to act in the most responsive manner. Vendor risk scoring mechanisms are also insufficient. These scores only estimate the relative and comparative external security posture of your vendor, not how your vendors are interacting with and behaving on your network at this very moment. The absence of an on-demand understanding of your partners' behavior on, and at the edge of, your network can result in a third-party service disruption or data breach. A practical and cost-effective means to continuously diagnose and monitor the interaction between a company and third-party networks is essential.


Traditional cybersecurity technologies can be difficult to configure and manage for most enterprises, due primarily to today’s Internet of Things (IoT) landscape. Moreover, these tools have limited capabilities to vary network access and ensure trusted internet connections. This is especially true when the VRM policy is complex, highly customized by company or country, and/or globally distributed.


PacketViper: Continuous Vendor Connection & Traffic Monitoring with Automated Actions Against Anomalies 


PacketViper allows enterprises to easily establish network access and connectivity rules with ‘point and click’ simplicity. If your business enlists a new vendor, access to common services via ports 80 and/or 443 can be granted based upon network ranges and specific IP addresses. You can also develop rules for each vendor individually through custom outcomes designed to address assigned or perceived vendor risk. IP traffic activity occurring outside of normal, pre-approved operating ranges represents an anomaly that can be automatically reported on and acted upon. This is unlike a firewall, where similar rules can be set up, albeit through a more complex process, but activity outside of the normal operating ranges would simply be dropped.


PacketViper allows vendor and information security stakeholders to continuously monitor vendor traffic on the network and be alerted when a vendor’s activity outside of the pre-approved access rights is detected. Any attempt to reach a non-sanctioned network component via a connection request, scan or flood is recorded. Furthermore, this real-time reporting can be conveyed and acted upon either manually or autonomously. For example, actions can include rate limiting the traffic, blocking the traffic, sending a response, and/or alerting key team members via text or email. This also works on the inside of the network. If post-network address translation (NAT) traffic patterns arise, similar actions can be automatically enacted.


This all results in continuous, efficient and effective VRM compliance management and established, reliable digital trust. 



Getting Started Is Easy


It starts with real-time, continuous vendor transparency on YOUR network.  Set up PacketViper in passive monitor mode to see how your vendor ecosystem is behaving on your network.  When connections stray outside of normal, expected or contractually stipulated operating ranges, a variety of automated notifications and actions can be taken.  These include but are not limited to opening tickets, logging events and alerting team members.


Depending on the severity of the violation and the priority of the vendor, more assertive responses can also be taken. Options are available to either slow down connections or outright block the connection in active mode.
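The per-vendor rule model described above (pre-approved source ranges and ports, anomalies recorded rather than silently dropped, passive versus active responses) can be sketched as follows. This is an added illustration, not PacketViper configuration or code; the vendor names, address ranges, risk labels and the `evaluate` function are all hypothetical.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class VendorRule:
    name: str
    sources: list        # CIDR ranges the vendor connects from
    ports: set           # pre-approved destination ports
    destinations: list   # sanctioned internal ranges
    risk: str            # assigned vendor risk: "low" or "high"

# Constructed rules using documentation and private address ranges.
RULES = [
    VendorRule("hvac-vendor", ["203.0.113.0/28"], {443}, ["10.20.0.0/24"], "high"),
    VendorRule("payroll-vendor", ["198.51.100.7/32"], {80, 443}, ["10.30.5.10/32"], "low"),
]

def _in_any(ip, cidrs):
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

def evaluate(conn, rules=RULES, mode="passive"):
    """Classify one connection record (dict with src, dst, dport).

    Returns (vendor, verdict, actions). Out-of-policy traffic is always
    logged and alerted on; enforcement is added only in active mode.
    """
    rule = next((r for r in rules if _in_any(conn["src"], r.sources)), None)
    if rule is None:
        return (None, "not-vendor", [])
    reasons = []
    if conn["dport"] not in rule.ports:
        reasons.append("port")
    if not _in_any(conn["dst"], rule.destinations):
        reasons.append("destination")
    if not reasons:
        return (rule.name, "sanctioned", ["allow"])
    actions = ["log", "alert"]          # recorded, unlike a silent firewall drop
    if mode == "active":
        # Higher-risk vendors are blocked; lower-risk ones are slowed down.
        actions.append("block" if rule.risk == "high" else "rate-limit")
    return (rule.name, "anomaly:" + "+".join(reasons), actions)

if __name__ == "__main__":
    # Constructed sample connections.
    for c in [
        {"src": "203.0.113.5", "dst": "10.20.0.8", "dport": 443},
        {"src": "203.0.113.5", "dst": "10.20.0.8", "dport": 22},
        {"src": "198.51.100.7", "dst": "10.99.0.1", "dport": 3389},
    ]:
        print(c, evaluate(c, mode="active"))
```

Running the same records through `mode="passive"` first shows what would be flagged before any enforcement is switched on.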


How It Works


PacketViper delivers real-time, connection-based vendor risk monitoring through a patented set of features. Once configured, PacketViper continuously analyzes vendor traffic as it interacts with your network in real time. This process is depicted in the diagram below:


About PacketViper


PacketViper provides integrated cybersecurity defense, deception and intelligence solutions that help customers do more with existing resources while reducing cybersecurity-related risks and costs. PacketViper clients value proactive cybersecurity and can achieve up to 70% reduction in logs and alerts while obscuring networks from attackers. New threat intelligence is applied in real time to strengthen network defense without a costly rip and replace. To learn more, please visit our website at www.packetviper.com.