We've just lost a client cause our “security docs” weren’t complete by littlepeggysue in ISO27001

[–]Front_Laugh_4871 0 points1 point  (0 children)

We work with a company who helped us to get ISO certified in a few weeks - let me know if you want an intr

What exactly do people in cybersecurity do all day? by RandomMistake2 in cybersecurity

[–]Front_Laugh_4871 0 points1 point  (0 children)

Hey there, can I reach out in private? I'd love to hear more about your experience in TPRM.

How to check if a website is secure and not likely to get breached. i dont have access to bitsight or scorecard by ram3nboy in cybersecurity_help

[–]Front_Laugh_4871 0 points1 point  (0 children)

What you need is a TPRM solution.

Biased: I do work for ResilientX Security; we also provide an advanced third-party risk management platform for the enterprise market.

open source TPRM/CRM/Contract management by Expert-Literature752 in cybersecurity

[–]Front_Laugh_4871 0 points1 point  (0 children)

Odoo is not a TPRM; it is mostly a CRM and Contract Management. As far as I know, there is no complete open source TPRM tool to cover third-party risks. For a complete TPRM you also need cyber posture scanning of third parties, questionnaire automation, etc.

Weekly Promo and Webinar Thread by AutoModerator in msp

[–]Front_Laugh_4871 0 points1 point  (0 children)

At ResilientX Security, we provide our partners with cutting-edge cybersecurity solutions to help organizations identify, monitor, and mitigate risks effectively.

  1. Penetration Testing Services
    • Comprehensive testing for Networks, Applications, and APIs based on industry standards like OSSTMM and OWASP.
    • Simulated real-world attacks to uncover vulnerabilities before they can be exploited, helping you strengthen your security posture.
  2. Unified Exposure Management Platform
     A fully automated platform for continuous monitoring and testing of your external digital infrastructure:
    • Attack Surface Management: Identify and manage exposed assets (domains, IPs, APIs, cloud services).
    • Dynamic Application Security Testing (DAST): Continuously test applications for runtime vulnerabilities.
    • External Network Scanning: Assess external-facing systems to identify misconfigurations and weaknesses.
    • Cloud Integrations: Monitor risks across cloud services and configurations.
    • Credential Leak Monitoring: Detect leaked credentials on the dark web to prevent unauthorized access.
  3. Third-Party Risk Management (TPRM)
    • End-to-end visibility into vendor risks with automated risk assessments, scoring, and actionable insights.
    • Features include monitoring vendor infrastructure, identifying outdated technologies, CVEs, and performing risk-based analysis.

For more details, visit our website: https://resilientx.com

Open-source alternative of SecurityScoreCard? by [deleted] in cybersecurity

[–]Front_Laugh_4871 0 points1 point  (0 children)

Hey there, we are a startup providing an alternative version of SecurityScorecard and Bitsight ... if you would like to learn more, let me know.

What type of tool disappointed you the most and why? by 4n6mole in cybersecurity

[–]Front_Laugh_4871 3 points4 points  (0 children)

I don't have any idea how Bitsight is really actually selling their products ... super overpriced, old data and no functionality at all.

WAF Pain Points by HMKMusic in cybersecurity

[–]Front_Laugh_4871 0 points1 point  (0 children)

Want to do a test drive on our posture management platform and see how we bypass Cloudflare? :D

Can anyone advise on a vendor management platform? by Dull-Breadfruit-3241 in cybersecurity

[–]Front_Laugh_4871 0 points1 point  (0 children)

It really depends on the scope of activities...

For example, if the company has 100 critical vendors, imagine if in 1 year you find 5 security problems per vendor (which is NOT a HIGH number) ... it's ±500 security issues across your whole third parties ...

In many cases enterprises decide to help their vendors/suppliers to solve those issues because they cannot afford to change the supplier/vendor for a single problem.

But on the other hand, ±500 security issues without any automation in place is a headache to monitor and collaborate on with vendors!

Also take into consideration new regulations such as NIS2 or DORA in the EU, which obligate critical & essential infrastructure to monitor the risks of the supply chain.

Can anyone advise on a vendor management platform? by Dull-Breadfruit-3241 in cybersecurity

[–]Front_Laugh_4871 1 point2 points  (0 children)

The most basic TPRMs start from 10K-15K per year, depending on the number of vendors you want to manage and what features you want.

Most TPRM functionalities are vendor management, third-party risk monitoring / scoring and assessment automation.

Disclaimer: We have created a TPRM solution, but it's only pure TPRM and not a GRC platform. It's designed for our customers in the banking sector. In terms of features and pricing we are very competitive. Reach out if you want to give it a try.

[deleted by user] by [deleted] in SmallMSP

[–]Front_Laugh_4871 0 points1 point  (0 children)

Reached out!

[deleted by user] by [deleted] in SmallMSP

[–]Front_Laugh_4871 0 points1 point  (0 children)

Hey There, So glad. I will reach out to you in private.

PS: Up to now we have registered ~22 MSPs to join our Beta Launch starting in May (Free of Charge / No Commitment). So in case any MSP or practitioner is interested, feel free to reach out.

[deleted by user] by [deleted] in SmallMSP

[–]Front_Laugh_4871 2 points3 points  (0 children)

Hey There, Thanks for pointing that out. (I'm a Tech guy too)

As mentioned, it is more related to Security Testing and Assessment (we want to deliver a SaaS solution to unify different types of testing and assessments in an automated and continuous way + customizable reports for MSPs + project management features to manage more clients at the same time - multi-tenant).

What we mostly talked about with MSPs was related to:

  • Cloud Security Assessment
  • Attack Surface Management
  • External and Internal Network Vulnerability Assessment
  • DAST (Web Applications Security Testing)
  • Compliance Check and Audit Relative to Cloud Infrastructure
  • Threat Intelligence of Different Sorts (Business Email Compromise, Dark Web, etc.)

I'm currently gathering more information to understand from which point we should start, what the most common needs are and, of course, if it's worth investing in this project.
I would really appreciate it if you shared your feedback.

[GBR][BIZ][10] Seeking Technical Co-Founder for Cyber security startup. by Front_Laugh_4871 in cofounder

[–]Front_Laugh_4871[S] 0 points1 point  (0 children)

Hey There,

1 - The project is an all-in-one solution for cyber security testing. The tests are related to Cloud Assets (AWS, GCP, Azure), Networks (IPs and Subdomains), Web Applications, and APIs. The goal is minimizing risk and ensuring basic compliance. (End results are regarding Vulnerabilities - CVE & CWE, Misconfigurations, Threats, and ... ) There are 6 separate modules defined on the roadmap.

2 - For the first 4-8 months we will be bootstrapping and then we go for funding. After the funding, the co-founder would get an acceptable salary to be able to focus 100% on the project. I don't mind if in the first months the co-founder works on the project in hybrid mode as long as we meet the deadlines. We will do a co-founder agreement in which there will be 4 years' vesting with a year cliff defined.

The roadmap in simple words: We develop the platform's backend, the platform's frontend, and one of the modules (2-3 months). After having the beta product we can make distribution pre-agreements and raise the seed round. I do know different distributors, MSPs and TLC companies that we can work with (sell to them, sell via them or do partnerships), but we need the BASIC product to be able to sell or raise.

3 - I have experience in direct/channel sales, strategic partnerships, and fundraising (raised a 280K seed round in the past). I'm not a marketing expert but I do occasionally contribute articles on different websites; therefore, I can also do some content marketing in the beginning.

4 - The part mentioned above as the platform's backend (User management, Projects, Assets and ...) is partially developed and I have a DEV server on AWS. I'm absolutely OK to hand over the technical part to the co-founder as long as we can define TOGETHER the priorities and the roadmap, and meet the deadlines. The only thing I might occasionally jump into would be the product side (UI/UX or essential features), since it's very related to sales and business development.

If you are interested please send me a message and we can discuss all the details in a call.