As vulnerabilities and threats collide, Exiger clients have used Supply Chain Explorer to navigate their physical and cyber supply chains to create immediate actionable insight. Now more than ever, cybersecurity is a key part of supply chain risk. Wide-ranging vulnerabilities—like we see with Log4j—and recent breaches such as SolarWinds and Accellion have demonstrated how software itself can become the Trojan horse, turning the products that protect us into an ecosystem-wide threat. The cyber hygiene and risk management practices of the third parties we rely on can help us assess how susceptible they are to our own ecosystem or external breaches that could change or modify code.
In the last three years, Exiger’s clients have seen over 30 severe vulnerabilities targeted by hackers, often linked with powerful nation-state actors. In 2021, two cyber espionage groups, believed to be affiliated with the Chinese government, created over 16 different malware families just to target Pulse Secure VPN.
As one of the worst cyber breaches in the last decade was identified, Customer leveraged Exiger’s live, real-time cyber exploration tools to identify vendors in Customer ecosystem that potentially were responsive to the Log4j breach, Log4Shell. Exiger’s data immediately identified several at-risk vendors for the cyber vulnerability, as well as a direct nexus of Log4Shell to Customer ecosystem
Utilizing Supply Chain Explorer, Exiger clients can instantaneously identify and assess the criticality of threat in their environment. DDIQ Cyber Analysis created a real-time view of the threat and the vulnerabilities to Customer to allow for risk-based mitigation, stopping the threat where it matters most.