Mastercard

RiskRecon traces its beginnings to 2011 when our founder, Kelly White, asked himself, “ Is it possible to measure the security program quality of any company simply by looking its Internet-facing presence?”

RiskRecon asset discovery is engineered to be extraordinarily thorough while having an extremely low false-positive rate of less than 1%. Our asset profiles are completely refreshed every two weeks, because even if a company owned an asset a month ago, it doesn't mean that they still do. At the heart of our asset discovery are analysts who train supervised machine learning models for each company monitored. These models enable RiskRecon to efficiently mine the internet for company systems and to ensure accurate company asset attribution as companies shift over time. RiskRecon’s asset attribution is independently certified to 99.1% accuracy. And we don’t hide any of the assessment details. It’s all visible to you and your vendors at no additional fee.

RiskRecon passively evaluates the security and infrastructure safeguards and gaps in an organization’s online cyber environment without interfering in their day-to-day business. RiskRecon evaluates over 40 criteria across 9 security domains including email security, breach events, network filtering, DNS security, system reputation, web encryption, application security, software patching and system hosting. RiskRecon then assesses the business impact of each vulnerability uncovered to determine an organization’s final cyber risk rating.

RiskRecon provide sorganizations with:•
1. An aggregated cyber risk rating for every third-party based on the assessment of their cyber environment•
2. Alerts on issues exceeding risk thresholds•
3. Downloadable detailed, summary and executive summary reports•
4. Benchmarking of third-parties•
5. Actionable risk plans•
6. View of organization’s cyber risk visibility to their extended supply chain of fourth-party providers.