Supply Chain Ransomware Exposure Monitoring
Even with a strong ransomware prevention posture, it’s a virtual certainty that a member of your supply chain will be a victim at some point in the future, presenting potential threat exposures that come with unique risk to your business.
Flare Supply Chain Ransomware Exposure Monitoring solves this challenge by empowering you to identify and respond to these specific threat exposures within minutes of their appearance.
Supply Chain Ransomware Exposure Monitoring is a platform feature that provides users with precise and timely information about the level of exposure their business has from ransomware attacks that have affected their third parties and extended supply chain.
Last year, Flare tracked over 5500 ransomware victims who were attacked by the 50+ most active ransomware groups including LockBit, Cl0P, and ALPHV/Blackcat.
When a victim can’t or refuses to pay, the attacker decrypts the data and exposes it for the world to see, often implicating the victim’s customers, partners, and third parties in the process.
- Visibility Across Known and Unknown Supply Chain Entities: Supply Chain Monitoring leverages Flare's entire database of threat intelligence combined with information specific to your Tenant to extend visibility into threats affecting third parties and even fourth parties
- Rapid and Precise Risk Determination: AI-powered file path analysis provides the foundation for quantifying risk associated with threat exposures found in supply chain ransomware incidents.
- Near Real-Time Monitoring and Alerting: Flare’s platform contains a dynamic and world-class collection of the most active ransomware groups and their platforms for disclosing attacks. This data is constantly updated in near real time, meaning customers can be notified of threat exposures minutes after they have been disclosed.
- Boost GRC efforts with Tangible and Contextual Intelligence: Many compliance-focused data sources related to third party risk are vague and lack precision or context. Flare's database off threat intelligence provides added context that is extremely valuable in a changing regulatory environment where higher standards around transparency around disclosing breaches are being applied.
Supply Chain Monitoring will begin compiling relevant results and information automatically based on the Identifiers in your Tenant. To review what's been Identified in your Tenant so far, visit the Supply Chain Monitoring page.
The supply chain analysis is only run for identifiers that have the "Ransom Leaks" category enabled. Results will predominantly be found using Keyword identifiers. Therefore to see results in the Supply Chain Monitoring page make sure you have set up Keyword identifiers with the "Ransom Leak" category activated.
If you ignore an event in the main event feed it will also be ignored in the Supply Chain table. If you wish to view the ignored events in your Supply Chain table you can toggle to view them; see item 1 and 2 in the image below. If you ignore an event in the Supply Chain table it will ignore the event in the main event feed.
If you remediate an event in the main event feed it will also be remediated in the Supply Chain table. You will still be able to see the event in the table but it will have the remediated icon selected; see item 3 in the image below. If you remediate an event in the Supply Chain table it will remediate the event in the main event feed as well.
