Known exploited vulnerabilities
CISA KEV entries are matched to vendors by CPE, product, vendor name, domain, subscribed framework and extra keywords.
Compliance On DemandMenu
Back to homepage
Vendor threat intelligence
Vendor threat intelligence connected to third-party risk management
Compliance On Demand watches free public sources and turns relevant vendor events into reviewable work. The same register used for assurance also carries the source, severity, status and context for vendor risk changes.
What this page covers
Specific product capability, without vague compliance automation claims.
Monitor CISA KEV, ACSC advisories, SEC cyber disclosures and vendor status pages, then match public events to supplier records.
Australian advisories
ACSC alerts and advisories are fanned out by vendor context so local assurance teams can see which public events matter.
Disclosures and outages
SEC 8-K Item 1.05 cyber filings and statuspage.io incident feeds sit beside the supplier record and event workflow.
Operational proof
What buyers and assessors should be able to verify.
These are the concrete operating claims this page should support in search results, sales calls and evaluator conversations.
01
No paid threat-intel API is required for the public-source feed
02
Events move through new, acknowledged, resolved or dismissed states
03
Each event carries severity, source link, published time and vendor context
04
High-priority vendor events can feed dashboard news and notification workflows
Questions
Common questions about vendor threat intelligence.
Which vendor intel sources are monitored?
The product monitors CISA KEV, ACSC advisories, SEC 8-K cybersecurity incident disclosures and configured vendor statuspage feeds.
Is this dark-web monitoring?
No. The current feed focuses on public sources that can be verified and linked back to vendor records without paid breach-monitoring APIs.
Product briefing
Bring this assurance work into a self-hosted product review.
Share your deployment boundary, frameworks and evidence workflow, and we will talk through fit without generic compliance theatre.