{
	"id": "4dfccc04-4dec-499d-a3e9-a375cbabd5b6",
	"created_at": "2026-04-06T00:22:17.800599Z",
	"updated_at": "2026-04-10T03:21:52.546734Z",
	"deleted_at": null,
	"sha1_hash": "32a2b5d1d93880ddd9e58bce6aba376da4207a80",
	"title": "Protecting supply chains and third-party vendor connections | Mandiant",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 68860,
	"plain_text": "Protecting supply chains and third-party vendor connections |\r\nMandiant\r\nBy Mandiant\r\nPublished: 2022-06-06 · Archived: 2026-04-05 17:41:41 UTC\r\nProtecting your digital assets and brand is difficult in itself, but when you rely on supply chains, share proprietary\r\ninformation with vendors and subsidiaries or are involved with a merger or acquisition transaction, the complexity\r\nincreases exponentially. The difficulty arises when users you don’t know, and systems you don’t own or have\r\ncomplete control over, now have access to your network and vice versa. Vendor contracts may be drawn up to\r\ninclude requirements for certain technology and updates within a set window, but execution is often out of your\r\nhands.\r\nTo address these scenarios and others, industry analysts coined the term digital risk protection which uses a\r\ncombination of products and services to protect assets and data from external threats. Together they provide\r\nvisibility into the open, deep and dark web, externally facing assets including cloud, and provide contextual\r\ninformation on the tactics, techniques and procedures (TTPs) currently used by threat actors. With early\r\nknowledge of this information, security professionals can better anticipate attacks and make proactive\r\nadjustments.\r\nThe Mandiant digital risk protection solution, offered as products or services, addresses these scenarios and many\r\nothers.\r\nMandiant Advantage Threat Intelligence is derived from intelligence by over 300 security analysts across\r\n23 countries to give organizations relevant threat intelligence so they can focus on the threats that matter to\r\ntheir business now and take action.\r\nMandiant Advantage Digital Threat Monitoring helps detect and respond to external threats by monitoring\r\nthe internet, including the deep and dark web, providing early notification of malicious actors targeting an\r\norganization and provides notification of data and credentials leaks for quicker response.\r\nMandiant Advantage Attack Surface Management discovers and analyzes internet assets across today’s\r\ndynamic, distributed and shared environments. It is designed to continually monitor discovered assets for\r\nexposures and enables intelligence and red teams to operationalize and inform risk management.\r\nMandiant Cyber Threat Profile is a service that provides a composite picture of the most important and\r\nrelevant identified cyber threats an organization is facing and how those threats are likely to materialize,\r\nimpacting the organization and its partners.\r\nhttps://www.mandiant.com/resources/supply-chain-analysis-from-quartermaster-to-sunshop\r\nPage 1 of 3\n\nIndividually these products and services can provide glimpses into threat actors, the dark web and vulnerable,\r\nexposed assets. When used together they can provide security professionals with visibility outside their\r\norganization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web as\r\nwell as campaign execution on the open web. They can also provide contextual information on threat actors and\r\ntheir tactics, techniques and procedures necessary to create a comprehensive cyber threat profile, helping users to\r\nstay relentless in their fight to protect their digital assets, their supply chain and their brand.  \r\nThe M-Trends 2022 report shows that supply chain compromise rose to the second most common initial infection\r\nvector in 2021 at 17% of intrusions investigated by Mandiant. Monitoring supply chain vendors for active threat\r\nactor chatter and exposures is as important as trying to secure subsidiaries and conducting compromise\r\nassessments in connection with a merger or acquisition. Mandiant helps monitor and provide visibility into these\r\ncomplex situations.\r\nThe following use cases show how digital risk protection from Mandiant can help protect these complex\r\nrelationships:\r\nUse case #1\r\n1. Threat Intelligence provides details on an espionage-driven threat actor targeting supply chain compromise\r\nas their primary initial infection vector.\r\n2. With this intelligence, a monitor is set up in Digital Threat Monitoring for all supply chain vendors looking\r\nfor potential malicious targeting. This triggers an alert showing dark web forum chatter targeting both you\r\nand your vendor.\r\n3. Attack Surface Management starts monitoring supply chain vendors looking for potential vulnerabilities in\r\nexternal-facing assets. A publicly accessible AWS S3 bucket is identified as being accessible by\r\nunauthenticated users.\r\n4. The security team reaches out to the vendor to make them aware of the vulnerable S3 bucket and potential\r\ntargeting. The security team would also kick off a breach analysis to determine if they have already been\r\nbreached.\r\nUse case #2\r\n1. Attack Surface Management identifies a Webmin installation that is vulnerable to CVE-2019-15107.\r\n2. Threat Intelligence reports that CVE-2019-15107 has a High Risk Rating and Mandiant has observed\r\nexploitation in the wild.\r\n3. The security team updated the Webmin installation and added to a monitor in Digital Threat Monitoring\r\nwhich turns up a conversation from a dark web forum detailing how threat actors were using spear phishing\r\ncampaigns to get Webmin users to open a specially crafted webpage.\r\n4. Knowing this, the security team initiates incident response actions to investigate a potential compromise.\r\nWhether you are looking to protect supply chain, subsidiary connections or day-to-day operations, digital risk\r\nprotection from Mandiant offers products or services designed to deliver a comprehensive cyber threat profile\r\nwith the critical steps needed to prepare for an attack.\r\nPosted in\r\nhttps://www.mandiant.com/resources/supply-chain-analysis-from-quartermaster-to-sunshop\r\nPage 2 of 3\n\nSecurity \u0026 Identity\r\nSource: https://www.mandiant.com/resources/supply-chain-analysis-from-quartermaster-to-sunshop\r\nhttps://www.mandiant.com/resources/supply-chain-analysis-from-quartermaster-to-sunshop\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://www.mandiant.com/resources/supply-chain-analysis-from-quartermaster-to-sunshop"
	],
	"report_names": [
		"supply-chain-analysis-from-quartermaster-to-sunshop"
	],
	"threat_actors": [],
	"ts_created_at": 1775434937,
	"ts_updated_at": 1775791312,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/32a2b5d1d93880ddd9e58bce6aba376da4207a80.pdf",
		"text": "https://archive.orkl.eu/32a2b5d1d93880ddd9e58bce6aba376da4207a80.txt",
		"img": "https://archive.orkl.eu/32a2b5d1d93880ddd9e58bce6aba376da4207a80.jpg"
	}
}