Product Listings
SecurityScorecard was established in 2013 by security and risk specialists Dr. Alex Yampolskiy and Sam Kassoumeh. The company's patented rating technology is leveraged by a substantial number of organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting. With a mission to make the digital world safer, SecurityScorecard provides solutions for better understanding, enhancing, and conveying security risk. The company's unique offering includes instant cyber risk ratings that correspond with vendor cybersecurity questionnaire responses. This allows a comprehensive view of risk and helps organizations enhance their digital security stance externally. Furthermore, the company’s risk ratings are utilized by companies globally, denoting its widespread acceptance.
Bitsight provides global cyber risk intelligence by leveraging advanced AI to empower organizations with precise insights derived from an extensive external cybersecurity dataset. With more than 3,400 customers and 65,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface.
Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required for confidently managing cyber risk to address exposures before they impact performance.
UpGuard helps businesses manage cybersecurity risk. UpGuard's integrated risk platform combines third-party security ratings, security assessment questionnaires, and threat intelligence capabilities to give businesses a full and comprehensive view of their risk surface.
Venminder is a firm that concentrates on providing third-party risk management solutions. Their core business lies in offering software, control assessments, expert knowledge, and education to manage such risks. Venminder operates a platform that serves as a one-stop solution for managing a third-party risk management program. The platform includes features such as document storage, vendor onboarding, contract tracking, questionnaire management, and risk assessments among others. Assessments are carried out by a team of experts which enables the identification of potential risks and the understanding of strengths in the vendors' security, privacy, and regulatory compliance among other areas. The platform is utilized by a diverse range of users to execute their third-party risk management programs. In addition to providing software solutions, Venminder staff also contribute their expertise to various conferences, research projects and provide educational content.
OneTrust enables the responsible use of data and AI. The OneTrust Platform simplifies the collection of data with consent and preferences, automates the governance of data with integrated risk management across privacy, security, IT/tech, third-party, and AI risk, and activates the responsible use of data by applying and enforcing data policies across the entire data estate and lifecycle.
Black Kite is a company focused on solving the issue of cyber attacks, particularly those that occur through third parties. The company has developed the first global third-party cyber risk monitoring platform. Its perspective is unique in that it is built from a perspective to counter hacker's approaches. Black Kite concentrates on enhancing the overall cyber ecosystem with their highly accurate and comprehensive cyber intelligence. Unlike other security ratings service providers, Black Kite provides standards-based cyber risk assessments analyzing the cybersecurity posture from three essential dimensions: technical, financial, and compliance, thus bringing a broader and more holistic approach to addressing potential cyber threats and vulnerabilities.
Mitratech Prevalent helps companies reduce security and compliance exposures that come from working with vendors and suppliers throughout the third-party risk management lifecycle.
Archer is a pioneer in risk management, delivering solutions for the heroes tasked with helping their organization deal with uncertainty. We enable better decision making with a technology platform to manage all types of risk. With more than 20 years of experience, Archer is solely dedicated to helping organizations manage risk, ensure compliance and meet emerging challenges such as ESG and operational resilience. Working with the largest pure risk management community globally with more than 1,200 customers of all sizes and industries, we help our customers not by building a wall around their business but by building a bridge to their next opportunity.
ServiceNow is putting AI to work for people. We move with the pace of innovation to help customers transform organizations across every industry while upholding a trustworthy, human centered approach to deploying our products and services at scale. Our AI platform for business transformation connects people, processes, data, and devices to increase productivity and maximize business outcomes.
ProcessUnity is a cloud-based solutions provider helping organizations automate their risk and compliance programs. By offering highly configurable, user-friendly tools, the company aims to drastically reduce manual administrative tasks. As a Software-as-a-Service technology, ProductUnity is designed to deploy quickly with minimal effort from IT resources. The technology aims to deliver faster, improved outcomes with scalability to accommodate the growth of risk governance and compliance programs. The suite of applications provided by ProcessUnity includes Third-Party Risk Management, Cybersecurity Program Management, Policy and Procedure Management, Enterprise Risk Management, Regulatory Compliance Management, and Product and Service Offer Management. The company also emphasizes the importance of creating and nurturing a diverse and inclusive workplace.
Panorays is a provider of third-party cyber risk management solutions, helping businesses optimize their defenses for each unique third-party relationship. Panorays provides businesses the tools to stay ahead of any emerging third-party threats and provides actionable remediations.
RiskRecon, a division of Mastercard, focuses on the identification and mitigation of cybersecurity risks within businesses and their supply chains. Utilizing its sophisticated technology, RiskRecon provides an understanding of potential risks, creating action plans according to the risk-priorities of a business. The primary usefulness of the company lies in its provision of cyber risk analysis and management. RiskRecon has developed a reliable, data-driven platform that offers insights to assist businesses in identifying weak points in their security protocols. Efficient and scalable risk management programs can be established using the RiskRecon platform, thereby allowing for a significant transformation from previously manual processes to automated solutions. By using RiskRecon, businesses can successfully manage cyber risks, resulting in better overall risk outcomes.
Coupa Software is a cloud-based platform focusing on business spend management (BSM). The primary objective of Coupa Software is to provide companies with the necessary tools and features needed to gain visibility and control over their business expenditures, enabling them to make more effective and secure spending decisions. The company has a global outreach and serves an extensive range of businesses worldwide.
Diligent provides AI-powered governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and 700,000 board members to clarify risk and elevate governance. The Diligent One AI Platform gives practitioners, the C-suite and the board a consolidated view of their entire GRC practice so they can more effectively manage risk, build greater resilience and make better decisions, faster.
LogicManager is focused on effective risk management in the contemporary See-Through Economy, where company reputation can be jeopardized instantly over social platforms. The company aids enterprises in anticipating future risks, maintaining their reputation, and augmenting their business performance through robust governance. Their enterprise risk management (ERM) software is designed to facilitate proactive risk management across businesses of various sizes and industries. Through its services, LogicManager aims to ensure organizations meet the expectations of various stakeholders within their purview, preparing for surprise events and ultimately contributing positively to the larger community.
CyberGRX is focused on delivering effective third-party cyber risk management solutions. The company has developed a first-of-its-kind third-party cyber risk Exchange. This innovation equips organizations with a dynamic collection of third-party data, along with advanced analytics capabilities. This helps organizations in managing, monitoring, and mitigating risks within their partner ecosystems. CyberGRX is based in Denver, CO and provides a scalable solution for third-party cyber risk management.
Quantivate, established in 2005, provides solutions from enterprise risk and resilience to regulatory compliance and audit, to streamline GRC management in one system that scales as organizations grow. Designed on a configurable platform, solutions are purpose-built for banks, credit unions, and other financial institutions.
SAI360 is an established cloud provider that specializes in the integration of Governance, Risk and Compliance (GRC), Environment, Health and Safety (EHS), Sustainability and Learning. With its SAI360 platform, the company provides a variety of modules which can be adjusted to suit the needs of different organizations. This comprehensive approach aids organizations in their efforts to progress, create trust, comprehend their impact, and develop resilience. The company's primary location is in Chicago and it has a global presence with operations in various regions worldwide.
Allgress is a company that provides solutions to enterprise risk, security, and compliance professionals. The main focus of the company is to manage risk posture efficiently. It uses cutting-edge visualization, automation, streamlined workflows, and the integration of existing data feeds to minimize the complexity and cost involved in risk management. The distinguishing feature of the company's solutions is that customers derive value in a short span of time, compared to other risk management solutions in the market.
Aravo provides third-party risk management solutions powered by intelligent automation software. Designed to meet the needs of third-party risk management teams at Global 2000 enterprises, we help organizations thrive in a global economy with growing security, regulatory, and brand risk. With our Intelligence First Platform purpose-built to manage third-party risk, Aravo uses AI to optimize time-intensive processes, reduce manual work, and drive better business outcomes. Trusted by over 9 million third-party users and 700,000 corporate users in 195+ countries, Aravo empowers global enterprises to mitigate risk, build business resilience, and promote brand integrity across their extended enterprise.