The 3GRC Threat analysis service utilises leading risk intelligence, financial and active threat intelligence security feeds to analyse and report on risks associated with an organisation’s third parties. The assessment assesses technical risks based on public facing sites or infrastructure that can be exploited. Our Threat assessment offers a formal report, with risks populated uniquely within a 3GRC risk register for any remediation activities.

The 3GRC Threat Assessment starts with the completion of a simple online survey through the 3GRC platform. This identifies the key information required by our analysts to deliver the components of the 3GRC Threat service. 3GRC Threat Analysts review the feeds to fully understand the third-party risk profile from a number of different aspects including: financial risk, technical cyber risk, threat intelligence including key personnel risks and dark web threats.

Contact us


3GRC will perform a Threat assessment against the business/business owners to understand the risks associated regarding the financial state of the on-boarding of a supplier.  The clear financial risk scoring report provided will ensure that a thorough business review has been conducted to identify any financial risks that may be present.

Passive Threat Intelligence

Using target information provided from the 3GRC Threat survey such as company name, domain names, key personnel or customised supplier information, 3GRC will perform a passive Threat Intelligence assessment using open source intelligence collected from publicly available sources on the internet and dark web.

3GRC’s Threat Analysts have access to a large number of Threat Intelligence providers.  This includes access to Open Source Intelligence feeds and commercial Threat Intelligence feeds.  The data extracted by our analysts will depend on the target and information supplied.  The data provided is likely to cover areas such as information related to the target from recent data breaches and anything which might be of interest collated from dark web sites and forums.

Active Technical Threat Assessment

3GRC Threat will conduct a technical Cyber Risk assessment of the supplier’s internet facing systems to identify any potential security vulnerabilities which could cause concern or impact to the on-boarding of that supplier.  This can include phishing techniques and traditional penetration testing against applications or infrastructure. This assessment will require the full agreement from the supplier before it can be conducted and will be performed by 3GRC’s experienced security consultants and penetration testers.


The key deliverable for the 3GRC Threat assessment is the report.  The report will provide a clear understanding of any risks based around Financial, Technical Cyber Risk and associated with on-boarding a supplier.

Contact us today

For more information or to arrange a free demonstration of the 3GRC platform, please contact us today.


Threat Datasheet

Download our Threat datasheet for more information.


Case Studies

Allianz Insurance

Allianz Insurance works with a large number of third party suppliers and was...

Read More

Cancer Research UK

Cancer Research UK were struggling with their approach to supplier risk manag...

Read More


TBWA faced challenges with managing their supply chain. Using spreadsheet-bas...

Read More

Arrange a free trial today

Contact us for a free demonstration of the 3GRC platform. We’ll show you how we can automate, simplify and centralise your risk and compliance management.

Contact us