Third-party onboarding today isn’t easy and with the rise in supply chain attacks, the importance of auditing and ensuring your third parties won’t impact your infrastructure from a security perspective remains a burning issue.
Many companies still maintain a tick box approach when onboarding or managing third parties and mainly consist of sending out questionnaires at regular intervals. What’s more, these questions tend to be focused at the company level, rather than the product level, and if you are buying some kind of SaaS from a company which integrates into your environment, then the technical security . . .