Through CyberGRX and ServiceNow integration, ServiceNow Vendor Risk Management customers will have access to CyberGRX’s extensive third-party risk data, enabling them to prioritize risk actions and maintain constant visibility on emerging third-party threats.
Organizations work with multiple vendors, partners and suppliers, creating an expanding threat landscape. It has become critical for organizations to not only have the tools to better visualize and manage cyber risk, but also access timely insights on the emerging threats and control gaps most critical to the business.
This is why customers will benefit from the ability to push findings from CyberGRX assessments to a remediation workflow within ServiceNow Vendor Risk Management.
The CyberGRX ServiceNow integration leverages the CyberGRX API to enable customers to:
- Create or link vendors to over 200,000 companies in the CyberGRX Exchange
- Complete impact questions and view inherent risk scores on vendors
- Request assessments on vendors and view assessment status
- Review attested results including assessment scores, findings and the report pdf
“CyberGRX has the most extensive database of cyber risk data. More than 80% of the top 500 companies requested by customers are already on the Exchange. Coupling this data with advanced machine learning capabilities, we empower organizations to view, analyze and share cyber risk data like never before,” said Fred Kneip, CEO at CyberGRX.
“By partnering with other leaders in the risk management space, such as ServiceNow, we are able to work together to develop revolutionary risk-reducing capabilities and programs,” Kneip added.
CyberGRX has recently expanded its product capabilities to include Portfolio Risk Findings and the addition of a Predictive Data tool to the platform’s Attack Scenario Analytics feature.
These new capabilities will allow customers to leverage both predictive and attested data to determine where third parties fall on the risk spectrum and uncover gaps that might have gone unreported by utilizing MITRE techniques.