Black Kite Introduces Product Analysis Module to Deliver Product-Level Intelligence to Mitigate Software Supply Chain Risk

News provided by

Black Kite

Dec 09, 2025, 06:00 ET

New capability empowers TPRM teams to go one step beyond vendor-level assessments to assess product-level risks through deep CPE, SaaS subdomain, and SBOM analysis

BOSTON, Dec. 9, 2025 /PRNewswire/ -- Black Kite, the leader in third-party cyber risk management, today announced the release of its new Product Analysis module, which allows security teams to evaluate the risks of third-party software products at a granular level. As the first TPRM platform to offer this capability, Black Kite delivers a more detailed view of exposure and supports better decision-making around specific products and vendor outreach. The new module delivers intelligence on software supply chain risk through deep downloadable software analysis (CPE), SaaS subdomain analysis, and SBOM analysis.

Continue Reading
Assess product-level risks through deep CPE, SaaS subdomain, and SBOM analysis
Assess product-level risks through deep CPE, SaaS subdomain, and SBOM analysis

"Organizations depend on a wide range of software products that can introduce hidden risks into their environments," said Candan Bolukbas, CTO & Founder of Black Kite. "Vendor assessments provide critical visibility, but a strong overall vendor posture doesn't necessarily guarantee the security of every product they offer, and vice versa. Black Kite's new Product Analysis module closes that gap by giving teams precise, actionable insight into where vulnerabilities exist, from SaaS to software supply chain dependencies, so they can take targeted action before risk becomes exposure."

With Black Kite's Product Analysis, teams can go one step beyond vendor analysis by assessing individual products to gain deeper insight into supply chain risks associated with third-party software, improving both the speed and accuracy of product evaluations.

The new module combines multiple intelligence sources and analysis methods to deliver clear, product-level insight into vulnerabilities, exploitability, and risk posture:

  • Downloadable Software Analysis (CPE): Maps software products to their producing vendors and calculates risk levels (low, medium, high) based on CVEs, exploits, certifications, and end-of-life status.
  • SaaS Subdomain Analysis: Identifies SaaS subdomains, associates them with the correct company, and evaluates vulnerabilities and potential exploits for each.
  • SBOM Analysis & Mapping: Analyzes open-source components and dependencies within third-party software to uncover hidden vulnerabilities and nested dependencies.

The Product Analysis module gives TPRM teams and security leaders a clear, accurate understanding of product-level risk exposure. Key benefits include:

  • More confident decisions during software evaluation and onboarding.
  • Stronger ongoing monitoring through precise insights that drive mitigation actions such as upgrades or configuration changes.
  • Compliance support for federal and regulated industries that must perform SBOM analysis and broader risk assessments in alignment with EO 14028.

Product Analysis enables TPRM teams to seamlessly evaluate the risks associated with both the software they use and the software used by their third parties, helping them prioritize mitigation actions and vendor outreach to reduce potential exposure and impact from software vulnerabilities and other risks.

To learn more, visit https://blackkite.com/solution-briefs/product-analysis-with-black-kite

About Black Kite
Black Kite is the AI-native third-party cyber risk management platform trusted by over 3,000 customers to manage every supplier and every risk across their extended ecosystem. Powered by the industry's highest-quality risk intelligence, spanning over 40 million companies, Black Kite is differentiated by the accuracy, transparency, and actionability of its data. The platform automates vendor monitoring and risk assessments, surfacing reliable insights into ransomware susceptibility, regulatory gaps, financial exposure, and more. With Black Kite, security and risk teams gain always-on visibility and trusted intelligence to act early, reduce exposure, and stay ahead of third-party threats. Black Kite has received numerous industry awards and recognition from customers. Learn more at www.blackkite.com, or on the Black Kite blog.

Media Contact:
Michelle Kearney
Hi-Touch PR
443-857-9468
[email protected]

SOURCE Black Kite

Also from this source

Fueled by Record Growth and Customer Satisfaction, Black Kite Introduces Black Kite AI Agent, Continuing to Drive the Future of AI-Native Third-Party Cyber Risk Management

Fueled by Record Growth and Customer Satisfaction, Black Kite Introduces Black Kite AI Agent, Continuing to Drive the Future of AI-Native Third-Party Cyber Risk Management

Black Kite, the leader in third-party cyber risk management, today announced the release of Black Kite AI Agent, a super agent that automatically...
Black Kite Releases Global Adaptive AI Assessment Framework (BK-GA³™) Developed in Consultation with Shared Assessments

Black Kite Releases Global Adaptive AI Assessment Framework (BK-GA³™) Developed in Consultation with Shared Assessments

Black Kite, the leader in third-party cyber risk management, today announced the release of its Global Adaptive AI Assessment Framework™, BK-GA³™....
More Releases From This Source

Explore

Computer & Electronics

Computer & Electronics

Computer Software

Computer Software

Computer Software

Computer Software

High Tech Security

High Tech Security

News Releases in Similar Topics