Fortress Boosts Third-Party Risk Identification & Continuous Cyber Vulnerability Monitoring Platform Capacity to 2 Million Companies

Fortress Information Security’s Risk Identification, Monitoring & Management (RIMM) Platform Now Tracks Third-Party Cyber Risk of 2 Million Businesses Worldwide; RIMM is Most Comprehensive Continuous Monitoring Database in Industry

ORLANDO, Fla.--()--Fortress Information Security today announced it has expanded the analytics database of its Risk Identification, Monitoring & Management (RIMM) Platform to include continuous cyber security monitoring of more than 2 million businesses.

The RIMM Platform is the central element of Fortress’ Third Party Risk Management Service, providing continuous, non-intrusive monitoring of third parties for potential cyber security threats.

The expanded database is a result of the growth of the company’s service and improvements to its algorithm, which allows RIMM users to find risk intelligence information on a broader base of companies worldwide. RIMM users now have better information on their expanded security perimeter, thus helping them make cyber security readiness a proactive component of their vendor selection process.

Finding Cyber Risk in the Supply Chain

Fortress is a leader in the market for third-party risk management solutions that help organizations judge potential cyber risks that exist in their supply chain. The market for third-party risk management is divided into managed services (assessments, contract review, etc.), threat and vulnerability scanning and asset management.

These options provide snapshots of risk management issues, but Fortress’ RIMM is a pioneering technology for continually monitoring third parties to help companies manage evolving risk challenges. RIMM goes beyond “one size fits all” ratings by delivering actionable vulnerability findings. RIMM customers can use a combination of non-intrusive monitoring or contractually agreed-upon intrusive monitoring to get even more in-depth information. With this data, RIMM users can expedite vendor risk assessments.

“Companies are increasingly aware that third-party risk is an important cyber security dimension that needs to play a bigger role in supply chain decisions,” said Alex Santos, Fortress Information Security CEO and Co-Founder. “Fortress’ unique system scalability offers comprehensive and continuous non-intrusive vulnerability assessments covering most major companies worldwide. Our objective is to scan the Internet so we can put more information into the hands of our users, empowering them to both make better decisions and help their vendors to improve their cyber security defenses.”

RIMM Detects Third-Party Cyber Security Issues

RIMM continuous monitoring is a proprietary process that non-intrusively or, with agreement, intrusively scans publicly accessible online data sources about a company and can detect malware, ransom attacks, compromised email and other cyber security issues that impact the company’s risk profile.

RIMM scans expose key security issues such as availability of leaked employee credentials on the dark web, a lack of SSL on log-in pages, lack of encryption on a marketing portal, or a customer website that is susceptible to cross-site scripting or path-transversal attacks.

RIMM evaluations are organized as easy-to-read score cards with a letter grade assigned to each company (ranging from "A" to "F"), a composite score that determines the grade and the company’s key cyber security challenge highlighted. A button on the scorecard provides access to the full scan results.

The monitoring reports are also a valuable tool for critical infrastructure providers (such as utility companies) and other businesses in regulated industries that need to disclose when breaches occur and document how issues are mitigated.

Given the increase in database size, Fortress customers can now more fully utilize the risk intelligence results as part of the due diligence assessment process. This allows for an unparalleled level of focus on third-party cyber risks, which brings clients the most return on their monitoring dollar by seamlessly combining both services (monitoring & assessments).

A critical component of the platform is Fortress’ Threat Intelligence service that proactively monitors breach disclosures and the dark web to forewarn customers of breaches and assist with remediation.

About Fortress Information Security

Fortress Information Security, founded in 2014, is an information security and cyber risk mitigation company redefining traditional risk management. The company delivers next-generation capabilities to help large enterprises upgrade their cyber risk management capabilities, by making vulnerability and threat management cheaper, repeatable, more accurate, and more actionable – in real-time. Using the Risk Identification, Monitoring & Management Platform (RIMM), Fortress helps companies to better Understand, Visualize and Secure its critical business assets. Unlike traditional outsourcing and advisory firm business models, Fortress’ always-on, co-managed RIMM platform combines next-gen security technology and vulnerability management tools, to more efficiently operationalize findings, remediation and risk management across the enterprise. Fortress is one of the first security companies to seamlessly bundle innovative technology, threat intelligence and service delivery into a central governance platform. Fortress targets industries that comprise our country’s critical infrastructure, energy generation and distribution, financial services and healthcare companies, where security is a major priority. The company is headquartered in Orlando, FL, and more information is at


The David James Agency
Amber Rubin, 805-494-9508
Senior Account Executive

Release Summary

Fortress Information Security today announced it has expanded the analytics database of its RIMM Platform to include continuous cyber security monitoring of more than 2 million businesses.


The David James Agency
Amber Rubin, 805-494-9508
Senior Account Executive