Addressing Third-Party Vendor Vulnerabilities

Addressing Third-Party Vendor Vulnerabilities

Recently, our team has discovered that critical vulnerabilities are being detected within third-party vendor systems at an alarming rate. We advise our partners to carefully review their vulnerability scan reports each month to determine if a third-party vendor is creating additional risk. If so, please contact the vendor immediately and notify them of the detected vulnerability so that they may begin taking remediation steps as soon as possible. Once the vendor has updated the affected systems, the following month’s vulnerability scans can confirm if the patch has been successfully implemented.

Occasionally, third-party vendors will refuse to patch a system with critical vulnerabilities. When this occurs, we advise our clients to research alternative providers. If a vendor demonstrates a lack of interest or care in responding to potential vulnerabilities, they are not taking the security of your organization seriously. You’re paying for a service, and you should be provided with support that doesn’t endanger your network security.

Share this post

MOre POSTs

Microsoft Building
Vulnerability Report
‘Zero-Day’ Vulnerabilities for Microsoft Exchange

Recently, our team has discovered two new vulnerabilities to Microsoft Exchange. Both of these “zero-day” threats have, until recently, flown under the radar of most

lower-premiums-banner
Cybersecurity
5 Ways to Reduce Your Cyber Insurance Premiums

As cyberattacks become increasingly common and complex, the associated rate of financial loss has risen proportionally. No matter the size, any organization with a digital