Black Kite has launched ThreatTrace™, a new capability that enhances third-party cyber risk detection by integrating NetFlow and DNS telemetry into its monitoring and ratings platform. As the first third-party cyber risk management (TPCRM) vendor to incorporate this level of network-level visibility, Black Kite enables organizations to identify indicators of compromise (IOCs) and anomalies in vendor environments more proactively and take targeted remediation actions.
Quick Intel
ThreatTrace™ addresses a critical gap in third-party risk management by leveraging network telemetry traditionally used in SecOps for internal threat hunting. By applying NetFlow and DNS data to external vendors, Black Kite provides risk teams with actionable signals of compromise that go beyond surface-level indicators, enabling earlier intervention before incidents escalate.
"The release of ThreatTrace™ reflects our continued commitment to building the most comprehensive and trusted data foundation for third-party risk intelligence," said Candan Bolukbas, CTO & Founder, Black Kite. "Internet traffic flows provide powerful signals of potential compromise. When an organization's digital assets repeatedly connect to known malicious infrastructure, high-risk regions, or unusual services, it's a strong indicator that something may be wrong - and teams need to act quickly."
The new capability expands IOC and anomaly detection across several high-impact scenarios. It identifies botnet infections by flagging IP addresses blacklisted across multiple threat intelligence sources, signaling that a vendor's assets—such as servers, IoT devices, or workstations—may be compromised and involved in malicious operations like DDoS or command-and-control activities.
Suspicious outbound activity is detected through correlations between DNS queries to risky domains (including Tor sites, hacker forums, or known C2 infrastructure) and corresponding network flows from the vendor's IPs. Active targeting by threat actors is surfaced when malicious IPs interact with vendor digital assets, indicating reconnaissance or impending attacks.
ThreatTrace™ also monitors for deviations from normal traffic baselines, such as unusual volume spikes, connections to previously unseen high-risk IPs, or abnormal port usage—common markers of data exfiltration attempts. Additionally, it flags unauthorized flows to high-risk or sanctioned regions, helping organizations detect potential data leakage and compliance issues.
By revealing previously unseen subdomains and interconnected third-party services, the feature enhances supply chain mapping and contextual risk understanding. These insights integrate seamlessly with Black Kite's existing platform, which already automates monitoring, assessments, and scoring across ransomware susceptibility, regulatory compliance, financial exposure, and other risk dimensions.
ThreatTrace™ strengthens Black Kite's position as an AI-native TPCRM leader, delivering always-on visibility and high-accuracy intelligence trusted by over 3,000 customers managing risks across millions of suppliers. The capability empowers security and risk teams to move from reactive to proactive strategies in safeguarding their extended ecosystems against evolving third-party threats.
About Black Kite
Black Kite is the AI-native third-party cyber risk management platform trusted by over 3,000 customers to manage every supplier and every risk across their extended ecosystem. Powered by the industry's highest-quality risk intelligence, spanning over 40 million companies, Black Kite is differentiated by the accuracy, transparency, and actionability of its data. The platform automates vendor monitoring and risk assessments, surfacing reliable insights into ransomware susceptibility, regulatory gaps, financial exposure, and more. With Black Kite, security and risk teams gain always-on visibility and trusted intelligence to act early, reduce exposure, and stay ahead of third-party threats.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.