RiskRecon Advisor™ delivers a more comprehensive assessment that includes not just scores and issue counts, but also detailed evidence and findings, automated action plans, and full IT and 4th party risk profiles. Examples when Subscriber may require these capabilities are:
RiskRecon Advisor™ solution combines: (a) an analyst-built company profile, (b) analyst trained supervised machine learning model, and (c) RiskRecon automated scanning service. As with the RiskRecon Discover™, Subscriber supplies a company name and at least one company domain name. But rather than a fully-automated process, the next step involves a RiskRecon analyst who curates and builds a subsidiary profile of the company to ensure complete coverage of the entity, including all subsidiaries. The analyst then initiates a supervised machine learning model to recognize company and subsidiary domains and networks automatically.
RiskRecon algorithms discover systems based on the supervised machine learning model and conduct a passive analysis of every domain, domain hosts, email servers, and so forth. To ensure data quality, analysts review exceptions in cases where the algorithms cannot determine domain or network ownership automatically with a high degree of confidence.
Subscriber receives comprehensive ratings, evidence and action plans. This solution provides the accuracy and depth needed for Subscriber to understand root causes for each security gap, understand corrective actions recommended, share confidently with Subscriber’s vendors, and collaborate on remediation steps.
Subscribers can choose from two different update schedules for the RiskRecon Advisor™ service:
To obtain a one-time report with all of the above information on an existing vendor or a new vendor that you wish to assess before signing contracts. This one-time report remains available during license term, but the information is not updated once published.
Subscriber receives regularly updated assessment information, refreshed approximately every 2 weeks, which contains comprehensive data from the most recent scan plus historical ratings trends. Since this scan is fully refreshed approximately every 2 weeks, Subscriber can set alerts. Subscriber can set these notifications based on (a) overall vendor score changes (b) individual security criteria score changes and/or (c) specific events that exceed Subscriber-defined risk policy.
Subscribers licensed for Advisor - Continuous Monitoring service, can also take advantage of RiskRecon Collaborate™ and RiskRecon Search™ modules (see descriptions below and note that these modules may be licensed separately).