A Platform Built From a Hacker’s Perspective
NormShield’s platform was built to provide full visibility into a vendor’s cyber position. It enables enterprises to continuously monitor third-party risks, assigns a letter grade to each vendor, correlates findings with industry standards to inform compliance requirements, and determines the financial impact if a third party experiences a breach.
The high-quality data platform communicates risk in qualitative, quantitative and easy-to-understand business terms for executives, and allows IT-security teams to drill down to the technical details in each risk category.
3D Vendor Risk @ Scale®
NormShield identifies your cyber risk using three dimensions.
NormShield uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify and mitigate potential security risks. The platform points out vulnerabilities and attack patterns using 20 categories and more than 400 controls, without ever touching the target customer. Each vendor in your ecosystem is assigned a letter grade based on their cyber risk posture, giving you the tools to make better risk-based business decisions.
Financial Impact Report
NormShield is the only cyber risk rating system that calculates the probable financial loss (risk) in the case of a cyber breach. Most security issues get “lost in translation” when reported to upper-level executives. By translating the “security language” to “business language”, the Financial Impact Report has been a game-changer in security reporting.
Open FAIR™ is the only international standard Value at Risk (VaR) model for cybersecurity and operational risk. Platform users can leverage Open FAIR™ results to prioritize financial resource allocation.
NormShield correlates platform findings to industry standards and best practices. The cross-correlation capability measures the compliance level of a target company based on the standard input, saving time and effort for both the company and vendor. The classification allows you to measure the compliance level of any company for different regulations and standards including NIST 800-53, ISO27001, PCI-DSS, HIPAA, GDPR, and Shared Assessments.
See What Hackers See
NormShield uses the same open-source intelligence tools and techniques hackers use – data collectors, crawlers, honeypots, etc. – to continuously collect information from internet-wide scanner databases, reputation sites, cyber events, hacker shares, and known vulnerability databases.
Continuously Monitor Your Third-Parties
What if your home surveillance system only monitored your house at one point in time? What? We feel the same way. Especially when it comes to your vendors and suppliers. It’s critical to know who poses the highest risk to your organization on an ongoing basis. What gets measured is what gets managed, so we make sure every third party in your ecosystem is taken care of at all times.