GRF Publishes Third-Party Vendor Vulnerabilities Report

RESTON, VA – October 27, 2017 – Global Resilience Federation has released its fifth bimonthly report covering trending threats to members.

This latest installment, “Supply Chain Risks: Third-Party Vendor Vulnerabilities,” covers risks associated with the use of support organizations, which are often vital to producing or delivering a company’s products.

The topic is increasingly relevant to members given recent, high-profile attacks that penetrated some industries through widely used software tools and similar vectors. This report provides attack details and discusses best practices to mitigate risks when engaging vendors.

GRF affiliated communities receive detailed information and analysis on timely topics in the TLP Amber reports. When a report topic is selected, GRF staff investigate significant open source events, provide custom analysis, and compile data and intelligence from member communities. The final product offers a unique set of industry perspectives on trending security issues.

Outside organizations interested in this report may request a redacted TLP White copy through the contact page on Please request using a business email address.

Chad McAuslin