Supplier monitoring e.g Bitsight, Security Scorecard

Hi all, looking for ideas on how to improve the supplier management program of my company (fintech industry). Majority of our suppliers are SaaS application providers, half of them are startups companies, not yet security oriented.

We usually do audit such providers annually to record major findings and that's about it. Management would like to see us proactively monitoring them for breaches say on the Darkweb and severe security gaps e.g. public S3 buckets, passwords and API tokens on GitHub. …

bitsight cybersecurity monitoring scorecard security