IT Vendor Risk Management Solutions Reviews and Ratings
What are IT Vendor Risk Management Solutions?
Gartner defines IT vendor risk management (IT VRM) as the discipline of addressing the residual risk that businesses and governments face when working with external service providers, IT vendors and related third parties. The scope typically addresses risks related to data protection, business continuity, security and other risk domains as relevant to laws, regulation and industry practices.
Product Listings
SecurityScorecard Platform is a software that provides organizations with assessments and continuous monitoring of cybersecurity risk across their digital ecosystem. The software aggregates and analyzes data from open-source intelligence, proprietary sensors, and internal security practices to evaluate cybersecurity posture. It offers security ratings, detailed risk factor breakdowns, and analytics to help identify vulnerabilities, misconfigurations, and compliance gaps. The software supports vendor risk management and third-party risk assessments through ongoing monitoring and scoring, enabling organizations to make informed decisions about cybersecurity risks and prioritize remediation efforts. The platform addresses challenges related to understanding and mitigating cyber risk within supply chains and extended partner networks.
Bitsight Cyber Risk Intelligence is a software designed to provide organizations with insights into cyber risk by analyzing and monitoring security performance data from both internal systems and external third parties. The software aggregates information from various sources to assess vulnerability exposure, threat severity, and overall security posture. It enables businesses to identify potential risk areas, evaluate the effectiveness of security controls, and benchmark their cyber resilience against industry standards. By delivering continuous risk assessments and actionable intelligence, the software supports decision-making processes related to security investments, vendor management, and regulatory compliance. The primary business problem addressed involves the need for continuous visibility into cybersecurity risks and the capacity to manage and mitigate those risks effectively.
OneTrust Third-Party Management is a software designed to help organizations identify, assess, and monitor third-party risks throughout the vendor lifecycle. The software enables users to centralize third-party information, conduct risk assessments, automate due diligence processes, and facilitate ongoing monitoring of vendors to support compliance with regulatory requirements. It offers features for workflow automation, documentation management, and customizable risk questionnaires. The software addresses the business challenge of reducing exposure to risks such as data breaches, compliance violations, and operational disruptions that can arise from third-party relationships. It helps streamline third-party onboarding and management while providing tools for continuous evaluation of vendor risk profiles.
Black Kite Third Party Risk Intelligence Platform is a software designed to assess and manage cyber risk across supply chains and third-party vendors. The software provides non-intrusive cyber risk ratings by leveraging open-source intelligence to quantify risk in categories such as data breach probability, compliance, and network security. It translates technical findings into standardized risk assessments, enabling organizations to identify vulnerabilities and prioritize mitigation efforts in their vendor ecosystem. The software aims to support decision-making for risk management by providing continuous risk monitoring and automated reporting, helping organizations reduce the potential impact of third-party cyber threats on business operations.
The Prevalent Third-Party Risk Management Platform is a SaaS solution that automates workflows required to onboard, assess, manage, continuously monitor and remediate third-party vendor and supplier security, privacy, compliance, procurement and supply chain-related risks across every stage of the vendor lifecycle.
Archer is a software designed to help organizations manage risk, compliance, and governance processes. The software offers capabilities such as risk assessment, policy management, incident tracking, third-party management, audit management, and regulatory compliance tracking. Archer enables organizations to centralize and automate risk and compliance data, facilitating the identification, assessment, and mitigation of potential risks across business operations. By providing customizable workflows and reporting tools, Archer aims to support decision-making by delivering visibility into risk posture and supporting adherence to regulatory requirements. The software addresses the business need to streamline risk management activities, improve oversight, and support organizational resilience through an integrated platform.
ServiceNow Vendor Risk Management is a software that streamlines the process of assessing, monitoring, and mitigating risks associated with third-party vendors. The software facilitates centralized management of vendor information, automates risk assessments, and provides tools for tracking performance and compliance with regulations and policies. It supports the identification of potential risks and monitors vendor activities throughout the lifecycle, helping organizations to manage due diligence processes and maintain an updated risk profile for each vendor. The software integrates with other risk and compliance processes, offering reporting and analytics to support informed decision making and organizational risk reduction.
ProcessUnity Vendor Risk Management is a software that helps organizations assess, monitor, and manage the risks associated with third-party vendors. The software provides a centralized platform for tracking vendor information, due diligence activities, risk assessments, and ongoing monitoring processes. It offers features such as workflow automation, customizable questionnaires, document management, and reporting capabilities. The software is designed to support organizations in identifying potential vulnerabilities within their supply chain, ensuring regulatory compliance, and maintaining oversight of vendor performance. ProcessUnity Vendor Risk Management addresses business challenges related to vendor risk visibility, compliance requirements, and operational risk mitigation.
Panorays is a software designed to automate third-party security risk management. It enables organizations to assess, monitor, and manage the security posture of their external vendors. The software provides continuous security assessments using multiple data sources and questionnaires customized to business requirements. Panorays offers automated workflows for risk remediation and integrates with existing governance, risk, and compliance processes. Its features include risk rating and analysis, reporting capabilities, and collaboration tools to facilitate communication with vendors. The software addresses the business problem of managing cybersecurity risks associated with third-party relationships, aiming to streamline risk evaluation and enhance visibility into vendors' security practices.
Coupa is a software designed for business spend management, enabling organizations to control and optimize procurement, invoicing, and expenses. The software provides modules for sourcing, contract management, supplier collaboration, and analytics to help monitor and manage financial operations. Through its cloud-based platform, users can automate purchasing workflows, enforce compliance with policies, and gain visibility into spend data. Coupa addresses challenges such as manual processing, lack of spend control, and limited insight into supplier performance, supporting businesses in improving efficiency and reducing costs associated with unmanaged spending.
Diligent One Platform is a software that integrates governance, risk and compliance functionalities to support organizational oversight and decision-making. The software offers modules for board management, risk assessment, internal controls, audit management and compliance tracking. It enables users to centralize documentation, monitor regulatory requirements, and automate reporting processes. By providing analytics and customizable dashboards, the software aims to streamline workflows and enhance transparency in managing risks and meeting compliance obligations. Diligent One Platform is designed to facilitate collaboration among stakeholders, support policy and procedure management, and help organizations address regulatory and operational challenges.
Vendor Management Software by Quantivate is a software designed to help organizations manage the entire lifecycle of third-party vendors. The software provides features such as centralized document storage, automated risk assessments, contract management, due diligence tracking, performance monitoring, and compliance management. It enables organizations to streamline communication with vendors, track and evaluate vendor performance, and ensure regulatory requirements are met. By automating workflows and centralizing data, the software addresses challenges related to manual tracking, reducing errors and improving visibility into vendor relationships. The software supports effective risk mitigation and decision-making through reporting and analytics capabilities.
SAI360 Third-Party Risk & Vendor Risk Management is a software designed to help organizations identify, assess, and monitor risks associated with third-party vendors throughout the lifecycle of their relationships. The software provides tools for due diligence, risk assessment, contract management, and ongoing vendor performance monitoring. It enables users to centralize documentation, automate risk assessments, and track mitigation activities in alignment with regulatory requirements. The software also facilitates reporting and audit capabilities to support governance and compliance objectives. By streamlining these risk management processes, the software aims to support organizations in reducing exposure to third-party risks and maintaining oversight of vendor operations.
Aravo’s Intelligence-First platform delivers AI-powered third-party risk management for global enterprises to manage risk and performance across suppliers, vendors, partners, and other external relationships. It consolidates risk views and many scorecards by combining external and internal data, giving teams clear, actionable insights into vendor risk. Flexible risk domain management spans Cyber, Privacy, ABAC, ESG, and more, while the scalable model captures 4th- and nth-party relationships. Aravo AI provides interactive and workflow agents that orchestrate consistent, data-driven decisions and automate time-consuming tasks, streamlining complex processes while maintaining transparency. With dozens of configurable dashboards, teams gain complete visibility into risk. Aravo’s integration ecosystem includes over 45 plug-and-play risk intel connectors and seamless data exchange with ERPs, CRMs, GRCs, and analytics platforms, enabling fast, confident mitigation across all risk domains.
Allgress is a software designed to streamline and simplify risk management, compliance, and security operations for organizations. The software assists users in identifying, assessing, and mitigating risks associated with information technology and regulatory requirements. It provides features such as automated risk assessments, compliance tracking, policy management, and reporting capabilities. Allgress software enables businesses to categorize and prioritize risks, monitor regulatory changes, and maintain documentation for audits. By facilitating efficient risk and compliance processes, the software aims to reduce manual effort and help organizations maintain a comprehensive understanding of their risk posture.
Smarsh Vendor Risk Management is a software designed to assist organizations in identifying, evaluating, and mitigating risks associated with third-party vendors. The software provides tools for automating vendor risk assessments, monitoring vendor compliance with regulatory requirements, and managing documentation related to vendor relationships. It enables users to centralize vendor information, track performance metrics, and streamline risk reporting processes. Smarsh Vendor Risk Management supports businesses in reducing exposure to operational, financial, and compliance risks by facilitating thorough due diligence and ongoing oversight of vendor activities within a secure and organized framework.
Recorded Future Third-Party Intelligence is a software designed to provide continuous risk monitoring and analysis of third-party vendors and partners. The software utilizes data aggregation and machine learning to assess external threats and vulnerabilities related to supply chain and vendor relationships. It enables organizations to identify, prioritize, and remediate risks by delivering actionable intelligence about cyber, operational, and regulatory exposures associated with third-party entities. The software integrates with existing security workflows and systems to streamline the evaluation and management of third-party risk, helping organizations make informed decisions and comply with regulatory requirements. Its features include automated data collection, risk scoring, and reporting tools that support efficient and comprehensive third-party risk assessments.
Optro is a GRC software solution that helps enterprises manage audit, risk, and compliance workflows through an agentic system of action. By using GRC-trained AI, centralizing disparate data points, and automating manual processes, the platform enables organizations to transition from reactive risk management to proactive strategic planning. The platform functions as a comprehensive ecosystem for risk managers, assurance leaders, internal auditors, and compliance officers. It addresses the increasing complexity of modern regulatory environments by providing tools for real-time monitoring and reporting. Optro facilitates a streamlined flow of information between teams, ensuring that risk data is not siloed but instead used to inform high-level business decisions. Optro’s approach allows companies to identify emerging threats and operational vulnerabilities before they impact the bottom line, ultimately turning risk management into a driver of organizational opportunity.
RiskProfiler discovers and analyzes vendors’ external-facing assets, including cloud infrastructure, to identify vulnerabilities, misconfigurations, and potential data exposures. The platform uses AI-driven modules for attack surface visibility, shadow IT detection, and threat intelligence correlation. A proprietary Vendor Risk Questionnaire system automates compliance assessments and triggers re-evaluation based on changes in a vendor’s environment.
Additionally, RiskProfiler facilitates compliance tracking by mapping findings to regulatory frameworks and internal policies. The system supports integration with SIEMs, GRC tools, and other platforms, enabling centralized issue management, benchmarking, and portfolio oversight. Risk findings are enriched with threat actor profiling and updated through real-time monitoring. All vendor data is presented in a unified dashboard, supporting both operational security workflows and regulatory audits.
NAVEX IRM Software is designed to support organizations with integrated risk management by providing tools to identify, assess, and manage risks across various business units. The software enables users to automate risk and compliance workflows, document and track incidents, evaluate controls, and ensure regulatory adherence. Features include centralized dashboards, reporting capabilities, policy management, and audit tracking. NAVEX IRM Software assists businesses in improving visibility into risk exposure and helps facilitate the management of operational, third-party, and IT-related risks to support informed decision-making and organizational governance.

















