Comprehensive software reviews to make better IT decisions
Six Tips on Managing Your Software Vendor Relationship
In today’s world, we rely heavily on software vendors to provide us with special expertise, products, and services to deliver value for a project or a business. Acquiring valuable software can yield immediate visible benefits, but it’s the vendor relationship management process that makes sure those benefits are there for the long run.
Here are a few tips that will help you improve vendor relationships organically as you work together:
- Establish an executive sponsor
Show the vendor that you’re treating the relationship seriously. Appoint an executive sponsor for each strategic vendor. This sponsor should talk to an executive contact at the vendor, including attending major meetings.
- Get to know your vendor
Find out more about the people you work with, their challenges, and what you can do to help them.
When you have problems with your vendor, remember that the people you deal with probably aren’t directly responsible for the vendor’s poor performance. Don’t back down, but don’t take your frustrations out on them. Always treat your contacts with respect.
- Share bad news early
Don’t surprise the vendor with a slew of problems and bad news. Communicate regularly and keep the vendor up to date with problems you’re having. Give them time to take corrective actions and follow up.
- Discover and share in a collaborative way
Work through the review as a collaborative process. Don’t treat the performance review as a time to shame the vendor for underperformance; use it as an opportunity to work together to fix problems.
Use the vendor to provide another opinion on your issues and opportunities; they could provide insight.
- Solicit vendor feedback
Treat key vendors like they are a group of your top employees – you want to check in on them and get their feedback.
Make the evaluation go both ways. Ask the vendor about your own performance as a customer and ask specific questions to help improve the relationship.
Conduct a vendor satisfaction survey (paper/electronic) or ask related questions during another review.
- Don’t immediately run to the contract
The contract should be used, in general, as a last resort. It’s there to protect you but enforcing the contract too strictly and frequently can damage a potentially strong relationship.
Remember, these relationships require intentional effort to grow and maintain and they go both ways: you rely on your vendor, but your vendor also relies on you. Besides, you’re more likely to get better service if you’ve developed a personal relationship with your sales rep.
Have a great relationship with a vendor already? Click here and write a review!
Spoofing Be Gone: Abnormal Security Says Hasta la Vista, Baby, to Business and Vendor Email Compromise Scams
The conversation around security awareness training and phishing simulations has changed in the past year. The training and tools of the past simply aren’t working against today’s more sophisticated attackers. Abnormal Security can mitigate an assortment of the most common types of business and vendor email compromise.
This analysis examines Zscaler's cloud-based security platform, with a focus on its Zero Trust Exchange (ZTE), Zero Trust Network Access (ZTNA), and broader suite of security solutions. It explores Zscaler's approach to overcoming the limitations of traditional VPN architectures, using artificial intelligence (AI) for threat detection, and integrating various security functionalities within a unified platform. Drawing insights from analyst demo notes, vendor information, and independent research, this analysis aims to provide a comprehensive and unbiased assessment of Zscaler's value proposition for security professionals.
In today's cybersecurity landscape, managing machine identities and digital certificates across complex, hybrid multi-cloud environments is a growing challenge. As the volume of digital certificates used to secure machines, applications, workloads, services, and devices continues to grow exponentially, organizations often struggle with a lack of visibility and manual processes, resulting in critical service outages and security vulnerabilities. AppViewX CERT+ is a next-generation automated certificate lifecycle management (CLM) solution that simplifies PKI and certificate management. It combines the best of automation, security, and insights to meet enterprise machine identity and digital trust requirements. AppViewX CERT+ features are purpose-built to address both the operational and security challenges of certificate management to, in turn, help organizations prevent application outages and security breaches. By enabling enterprise-wide crypto-agility, AppViewX CERT+ enhances machine identity trust, eliminates security gaps, promotes compliance, and supports post-quantum cryptography readiness.
In the digital realm, trust is currency. Without robust identity verification, online interactions become a breeding ground for fraud and exploitation.
In the ever-evolving landscape of SaaS Security, one company has quietly forged its path, becoming a beacon of protection for large enterprises grappling with the growing complexity of SaaS applications. This is the story of Adaptive Shield, a rising star in the SaaS Security space, whose journey from a nimble startup to a recognized industry leader is as remarkable as the solutions it offers. Founded in 2019 by cybersecurity veterans Maor Bin and Jony Shlomoff, Adaptive Shield entered the scene with a bold vision: to address the growing blind spot in the SaaS ecosystem regarding enterprise security – including the dangers deriving from misconfigured security controls, lack of management regarding human and non-human identities, interconnected apps, and the detection of threats within these business-critical apps. Recognizing the exponential adoption of SaaS and the inherent risks it posed, the company set out to build a comprehensive shield, not just for individual applications, but for the entire interconnected SaaS ecosystem.
LoginRadius started as a simple social login provider but pivoted to create a comprehensive CIAM platform that now reaches over a billion consumers worldwide. My analyst demo with LoginRadius confirmed what they pride themselves on: delivering a user-friendly platform that simplifies CIAM implementation and management.
Qwiet AI is a San Jose, California-based company that develops an AI-powered application security platform. The company's flagship product, preZero, uses machine learning to automate and accelerate application security testing, enabling developers to identify and remediate vulnerabilities early in the software development lifecycle (SDLC). Qwiet AI was founded in 2016 by a team of experienced cybersecurity professionals with a shared vision of empowering developers to build secure software. The company's mission is to "Prevent the Unpreventable" by providing a comprehensive and AI-driven solution that helps organizations of all sizes secure their applications from the very beginning.
We should start by defining what a secret is. It’s really any piece of confidential information used to authenticate access to sensitive resources. This includes passwords, API keys, encryption keys, SSH keys, and other digital credentials. Many of the organizations I talk to have an application security program with some OWASP checks in the pipeline, some SAST, but rarely SCA or DAST testing. GitGuardian believes secrets detection and remediation is crucial for maintaining security and preventing unauthorized individuals from accessing sensitive information or disrupting critical systems. I agree and believe the value it can bring to an application security program is significant.
Q headlines a bevy of announcements at AWS re:Invent 2023 in Las Vegas that shed more light on the cloud service provider’s AI strategy and where its differentiation from other vendors lies.