Learn more about the Vendor Marketplace in the Policyholder Dashboard and how to use it
What is the Vendor Marketplace and Where is it Located?
The Vendor Marketplace is part of the vCISO Center in the Corvus Policyholder Dashboard and is available to all Corvus Policyholders. The Vendor Marketplace is a centralized repository of thoroughly vetted partners that offer cybersecurity products and services. When exploring the Vendor Marketplace, you will be presented with “tiles” that include: descriptions of our cybersecurity partners, what categories of services or products they offer, and upon clicking an individual tile, it will connect you directly to the vendor to take advantage of preferred pricing or discounts.
What types of vendors are in the Vendor Marketplace?
All vendors in the Vendor Marketplace have been thoroughly vetted by the Corvus team to ensure they will be a value-add to your organization and cybersecurity program. Vendors included within the Vendor Marketplace have been identified as industry leaders in each category of products / services and were handpicked by the Corvus Team with policyholders in mind. This means that each category of products and services includes vendors that will cater to each of our policyholder’s unique needs, big or small. To learn more, simply click on a tile to get connected with a vendor and discuss how their offerings can help improve your organization's cybersecurity program!
What do the categories of services or products mean?
Vendors in the Vendor Marketplace are tagged with sub-categories of product or service offerings. There are three overarching categories that these products and services fall into: Security Products, Security Services, and Incident Response Services. See below for more details and an explanation of each sub-category.
If you are responsible for your organization’s security (or its security budget), you have likely observed the sheer volume of cybersecurity products available and may struggle to cut through the noise of product data sheets. The Corvus Team regularly receives this feedback from our policyholders, and the Vendor Marketplace seeks to turn the volume down and help you focus on pre-vetted vendors with great track records. Security products typically fall within the following sub-categories (and we will be rolling out new partnerships in each of these categories on an ongoing basis):
- Backup and Recovery
- Cloud Security
- DDOS Mitigation
- Email Security
- Endpoint Security
- Firewalls (VPNs)
- Insider Threat
- Privileged Access Management (PAM)
- SaaS Backups
- SaaS Security / CSPM
- Security Training
- SSO / MFA / Authentication
- Third Party Risk Management
- Vulnerability Management
- Web Application Firewalls
- Zero Trust Network Access (ZTNA)
Whether your organization has no internal information security resources, or you have a full time CISO on staff, chances are you could use some additional help, or outside assessment, from security experts. The Corvus Team has thoroughly vetted cybersecurity firms that offer a range of services from assessments, consults, vCISO advisory through to full managed security services. Reach out to our vendors to learn more about their services offerings and preferred pricing for Corvus policyholders.
- Managed Security Services Providers (MSSPs) / Managed Detection and Response (MDRs)
- IT Managed Services Providers (MSPs)
- Backup as a Service
- Consults on Active Directory Hardening, Backups, EDR, and MFA
- Governance, Risk and Compliance (GRC)
- Penetration Testing
- Security Assessments
- Tech Advisory Services
Incident Response (IR) Vendors
When your organization experiences a cybersecurity incident, you may need outside help – Incident Response Vendors – to investigate and respond. In the Vendor Marketplace, these incident response vendors fall into three main categories: IR - Legal, IR - Forensics, and IR - Notification and Identity Monitoring. Please keep in mind that for incident response vendors, your organization will need to submit a claim and work with the claims manager to determine the vendors best positioned to help for the situation at hand.
- Legal counsel, often referred to in the industry as “Breach Coaches”, help policyholders determine whether notification to individuals or regulators is required under various state, federal and international laws and regulations. If required, counsel will assist in drafting the notification letters.
- Digital forensics firms help policyholders investigate what occurred and confirm there is not an ongoing threat. These firms may also assist with ransom negotiation and data recovery if capable.
- Notification, call center, and identity monitoring vendors will mail breach notification letters to impacted individuals, staff a call center, and provide identity monitoring services when appropriate.
Questions? Feedback? Please reach out to the Risk + Response Team at Services@corvusinsurance.com.