CyberGRX Leverages MITRE Techniques to Uncover Security Gaps in Third Parties

2 minute read

January 2023

attack scenario analytics

Denver, CO — January 18, 2023 – CyberGRX, provider of the world’s first and largest global risk exchange, today announced the availability of a Predictive Data tool to the Exchange platform’s Attack Scenario Analytics feature. Customers can leverage CyberGRX’s predictive risk intelligence capabilities, which has up to 91% accuracy, to evaluate levels of risk posed by a third party against 13 key security categories established by the MITRE ATT&CK™ framework. This allows organizations to pinpoint outliers that will require further assessments to ensure they meet their security standards.

The MITRE ATT&CK framework is perhaps the largest, most in-depth, organized and strongly supported base of adversarial behavior. By using this framework, an organization can review its security controls to gain visibility into gaps in its defenses. While Attack Scenario Analytics evaluates a third party’s attested data against categories established by the MITRE framework, Predictive Data uses CyberGRX’s predictive data to provide a similar level of visibility on any third party in your portfolio without an assessment. As a result, customers can access the necessary information to help them focus budgets and resources on those third parties who potentially have a more severe impact on your day-to-day operations.

“Our assessment database continues to grow every day, because we have developed a standardized assessment that has been used by over 12,000 companies. Currently, we have extensive third-party cyber risk data available on over 225,000 companies, allowing CyberGRX to serve as a one-stop-shop for threat and risk analytics. We want to continue to give customers the tools to be efficient and secure, without the extra work, which is what makes the Predictive Data revolutionary,” said Fred Kneip, CEO of CyberGRX. “With Predictive Data, we are able to uncover areas of risk that may have gone unreported and provide a path forward with remediation.” 

CyberGRX’s Attack Scenario Analytics provides the following benefits:

  • Map to the widely adopted framework for threat hunting analysis in the cybersecurity industry. 
  • Uncover gaps that might have gone unreported otherwise by leveraging MITRE techniques to create kill chains/use cases 
  • Integrate CyberGRX results with an organizations’ internal risk and threat management programs
  • Enhance third-party relationships through credible risk findings and suggested defense mechanisms and mitigation strategies
  • Improve third-party detection, monitoring and response to attacks

This advancement to the Attack Scenario Analytics feature now provides, for the first time, a single platform that enables stakeholders, cyber defenders, and vendors to easily view and clearly communicate on the exact nature of a threat and the objective assessment of the cyber defense plan that can defeat it.

Learn more about Attack Scenario Analytics or book a demo online.

Related Articles

About Us

ProcessUnity is a leading provider of cloud-based applications for risk and compliance management. The company’s software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. ProcessUnity’s flagship solution, ProcessUnity Vendor Risk Management, protects companies and their brands by reducing risks from third-party vendors and suppliers. ProcessUnity helps customers effectively and efficiently assess and monitor both new and existing vendors – from initial due diligence and onboarding through termination. Headquartered outside of Boston, Massachusetts, ProcessUnity is used by the world’s leading financial service firms and commercial enterprises. For more information, visit