Watch this video on YouTube
What is the MOST cost-effective method of identifying new vendor vulnerabilities?