Optiv Security Acquires Substantially All Assets of Evantix to Build Industry’s First Holistic, Cloud-Based Third-Party Risk Solution

Optiv Security Acquires Substantially All Assets of Evantix to Build Industry’s First Holistic, Cloud-Based Third-Party Risk Solution

Denver – May 12, 2016 - Optiv Security, a market-leading provider of end-to-end cyber security solutions, today announced that it has completed the purchase of substantially all assets of Evantix GRC, LLC, a Calif.-based provider of a Software as a Service (SaaS) application for managing third-party risk. Optiv will combine the Evantix technology platform with Optiv’s existing third-party risk services to develop the industry’s first holistic, cloud-based third-party risk cyber security solution. The terms of the transaction are not being disclosed.


“The majority of breaches occur as a result of third parties. That’s because most organizations with limited resources and budget are only able to assess a small number of the hundreds to thousands of third parties they use,” said Tim Hoffman, Optiv’s executive vice president, client solutions. “This acquisition of the Evantix platform enables us to create a robust, comprehensive, third-party risk solution backed by cloud to assess client environments and develop a cohesive program strategy to help them plan, build and run more successful third-party risk programs.” 


Optiv currently offers four existing and proven third-party risk services, including:


  1. Third-Party Risk Maturity Assessment – reviews clients’ existing third-party risk management programs and key functional areas. Provides high-level assessments of current maturity and prioritized roadmaps for improvement that align with business need.
  2. Third-Party Risk Management Program Development – helps clients develop a third-party risk management program that allows them to “hit the ground running” with processes and tools that are customized to their organization and tested to meet their specific needs.
  3. Third-Party Risk Discovery and Analysis – creates a single source of information and provides risk analysis of current third parties for risk ranking and prioritization of clients’ third-party populations. 
  4. Third-Party Risk Assessment – classifies clients’ third parties based on client-provided criteria to determine the level of due diligence desired. Optiv evaluates the security practices of each third-party partner to determine if they meet the clients’ security requirements or accepted standards, such as ISO 27002 or applicable regulations. 

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.