The blind faith required to purchase equipment from vendors who receive their parts from all over the world, including from countries that may have malicious intent directed at the United States, has now become a supply chain risk that’s evolving at a rapid pace. Due Diligence X© (DDX) was created with this in mind.


DDX performs both static and dynamic analysis in the places where threats often lurk, threats that could be activated at the time of installation or pre-programmed to activate at a specific date and time.

What's the problem?

Supply chain security has been overlooked for years, and now, at last, U.S. regulations are going into place to safeguard against this massively overlooked vulnerability. For those who have recognized the vulnerability, there has been frustration over how to tackle such a huge undertaking.

Our Product

As a product, Due Diligence X performs a deep analysis to verify the security of your vendors’ and/or suppliers’ products. It can detect and notify you of potential threats and compromises, involving the components built into their products, that your vendors and/or suppliers may not even be aware of.

How does it work?

DDX is a multi-user, web-based platform for Cyber Supply Chain Security. Our hardware and software automate analysis of your devices and associated sub-components.

It can run in the Cloud (our cloud or yours) or it can run in your data center or on private networks.

How Long Have We Been Doing Cyber Supply Chain Security?

Great question! We saw the cyber threat involving supply chain security firsthand 6 years ago and started right then and there to develop and implement a model and platform to handle the risk associated with these vulnerabilities and threats.

DDX is a straightforward and tested product that does NOT involve a massive change to internal procedures. It is designed to help you protect your assets, including appliances, servers, IoT (Internet of Things) devices and commodity IT hardware.

Tophat Security’s DDX product goes above and beyond standard static analysis by performing dynamic analysis as well.


Whether or not your organization is required to follow NERC regulations, there is no denying they were designed to safeguard and protect vital components. Due Diligence X addresses one of the most important North American Electric Reliability Corporation requirements, NERC’s Reliability Standard CIP-013-1 – Cyber Security – Supply Chain Risk Management.

Viewed from a wider perspective, Due Diligence X is a game changer in Third Party Supply Chain Security!