Bitsight launches dark-web monitoring for supplier cyber risk

Bitsight has launched dark web intelligence for supply chain teams. The capability links threat activity to third-party exposure, aiming to give earlier warning of supplier breaches, compromised credentials, and exploit discussions before incidents surface through formal disclosure.


In brief:

  • New module targets third-party cyber risk, using dark, deep, and open web intelligence.
  • Mapping to supplier exposure and exploit activity is designed to prioritise response.
  • Positioning reflects tighter governance expectations around vendor dependencies.

Bitsight has launched Dark Web Intelligence for Supply Chains, adding a supply-chain-focused module to its cyber risk intelligence and continuous monitoring portfolio as organisations push for earlier warning of third-party incidents.

The product is designed to monitor threat activity across the deep, dark, and open web, then map that activity to an organisation’s specific vendor ecosystem. In practical terms, the promise is less time spent trawling generic threat feeds and more time acting on vendor-relevant signals, including compromised credentials, breach indicators, and the online “noise” that often precedes exploitation at scale.

The company frames the issue as a timing problem. Risk functions are frequently alerted after the fact, either when a supplier discloses a breach, when customers see service impact, or when regulators, insurers, or press coverage force visibility. That sequence leaves little room for internal coordination across governance, risk, and compliance (GRC), third-party risk management (TPRM), and security operations teams.

“For most organizations, the difference between containing a third-party incident and reacting to it comes down to timing, context, and prioritization,” said Greg Keshian, Chief Product Officer at Bitsight. “Bitsight Dark Web Intelligence for Supply Chains uses AI to surface active threat and breach signals and map them directly to an organization’s supply chain, so teams know which vendors are being targeted, which weaknesses matter, and where to act — while attacks are still unfolding.”

Functionally, Bitsight says the capability supports three core workflows. First, it aims to show “what could happen” by mapping third-party exposures to active attacker tactics, techniques, and procedures (TTPs) using the MITRE ATT&CK framework, connecting observed threat behaviour with the supplier-side weaknesses an attacker is likely to use. Second, it is intended to show “what is happening” by detecting breach indicators across suppliers and partners earlier than public disclosures or standard notifications. Third, it tries to answer “where to act” using Bitsight’s Dynamic Vulnerability Exploitability (DVE) scoring, which predicts which vulnerabilities are likely to be targeted based on real-world exploit activity rather than theoretical severity.

The emphasis on cross-team collaboration is deliberate. Supplier risk has a habit of falling between the cracks: procurement sees contractual obligations, compliance tracks audits, IT security watches alerts, and business owners focus on continuity. Bitsight is positioning the module as a shared picture of supplier exposure that can be consumed by GRC and security operations centres without the usual handoffs and rework.

The launch also lands in a market where vendor resilience is increasingly tied to governance. EU frameworks such as the NIS2 Directive raise expectations for risk management and supply-chain security controls across covered sectors, while financial services regulation under DORA formalises oversight of critical ICT third parties. Even outside regulated verticals, boards are increasingly unwilling to accept “we were waiting for the supplier to tell us” as an incident narrative.

“Deep and dark web intelligence has changed how we manage third-party risk,” said Christoph Schacher, Chief Information Security Officer, Wienerberger. “It gives us clear and early visibility into threats emerging across our supply chain, sometimes even before vendors themselves are aware, allowing us to assess impact and respond with confidence instead of reacting after the fact.”

Bitsight said Dark Web Intelligence for Supply Chains is available as part of its Continuous Monitoring offering, with additional features planned over time.

