Name: RiskRecon
Rating: 4.4 (79 reviews)

Overview

Product Information on RiskRecon

Updated 13th October 2025

What is RiskRecon?

RiskRecon is a software designed to assist organizations in managing third-party risk by providing continuous monitoring and analysis of vendors' cybersecurity practices. The software enables users to evaluate the security postures of external partners through automated assessments that use openly available data and proprietary techniques. It offers features such as risk rating, detailed security reporting, and benchmarking, helping businesses identify potential vulnerabilities in their supply chain. RiskRecon supports compliance and governance efforts by highlighting areas where vendors may fall short of industry standards and enables prioritization of risk mitigation actions. The software aims to improve decision-making regarding vendor relationships and to reduce exposure to threats originating from third-party connections.

Overall experience with RiskRecon

DIRECTOR, IT SECURITY AND RISK MANAGEMEN

1B - 3B USD, Healthcare and Biotech

FAVORABLE

“RiskRecon: Balancing Multiple Integrations for Robust TPRM Programs”

5.0

Apr 22, 2025

The Risk Recon team has been instrumental in getting us up and running and using the tools. Also, they periodically meet with us to ensure we are provided the relevant knowledge and updates to take advantage of the RiskRecon tool and the vendor information that we've purchase.

MANAGER, IT SECURITY AND RISK MANAGEMENT

250M - 500M USD, Banking

CRITICAL

“RiskRecon's Data Breach Notification Enhances Third Party Risk Management”

3.0

Apr 3, 2025

RiskRecon is one of our key third party and supplier risk management tools and their data breach notification is useful. There are too many false positives which require human interaction which should be solved using AI in the future. However, the ease of use of the tool and vendor breach notification is making the product worth it.

About Company

Company Description

RiskRecon, a division of Mastercard, focuses on the identification and mitigation of cybersecurity risks within businesses and their supply chains. Utilizing its sophisticated technology, RiskRecon provides an understanding of potential risks, creating action plans according to the risk-priorities of a business. The primary usefulness of the company lies in its provision of cyber risk analysis and management. RiskRecon has developed a reliable, data-driven platform that offers insights to assist businesses in identifying weak points in their security protocols. Efficient and scalable risk management programs can be established using the RiskRecon platform, thereby allowing for a significant transformation from previously manual processes to automated solutions. By using RiskRecon, businesses can successfully manage cyber risks, resulting in better overall risk outcomes.

Company Details

Company type

Private

Year Founded

2013

Head office location

Salt Lake City, United States

Number of employees

51 - 200

Website

https://www.riskrecon.com

Do You Manage Peer Insights at Mastercard (RiskRecon)?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About RiskRecon

Reviewer Insights for: RiskRecon

Deciding Factors: RiskRecon Vs. Market Average

Performance of RiskRecon Across Market Features

RiskRecon Likes & Dislikes

Ease of use, great portal that allows us to review different vendors and ensure there 3rd party services meet our needs. Continuing support by support team to inform us of new product specific updates or additions that would allow us to review our 3rd parties and ensure they meet different Information Security criteria or security frameworks such as HIPPA, NIST, SOX, etc..

Ease of use and supplier Data breach notification

The ability to share reports with third parties so I don't have to be a go-between for any issues that arise with the third parties that we ask to review and respond to. They have an interface where they can see the report results and recommended solutions.

There are so many integrations sometimes it is difficult to know which we should use or provide the most bang for the buck. Also, the tool has so many frameworks and controls it can be difficult to ensure the vendor meets the ones critical to success to our TPRM program.

False positive rate, not fully customizable, not combined with offline security assessment

Weaknesses: 1. Currently using separate user IDs and passwords, but we are working on AD integration (which it was not obvious was available in their administration menu); 2. ability to trace what improved or declined between scans is limited (beyond the generic title); 3. Reports can be tricky if you aren't paying attention to which categories in your portfolio are being applied to them.

Top RiskRecon Alternatives

4.4

(278 Ratings)

4.6

(264 Ratings)

4.6

(242 Ratings)

View All Alternatives

Peer Discussions

RiskRecon Reviews and Ratings

4.4

(79 Ratings)

Rating Distribution

5 Star: 56%
4 Star: 33%
3 Star: 11%
2 Star: 0%
1 Star: 0%

Customer Experience

Evaluation & Contracting

4.5

Integration & Deployment

4.5

Service & Support

4.6

Product Capabilities

4.3

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

DIRECTOR, IT SECURITY AND RISK MANAGEMEN
1B-10B USD
Healthcare and Biotech
Review Source
RiskRecon: Balancing Multiple Integrations for Robust TPRM Programs
5.0
Apr 22, 2025
The Risk Recon team has been instrumental in getting us up and running and using the tools. Also, they periodically meet with us to ensure we are provided the relevant knowledge and updates to take advantage of the RiskRecon tool and the vendor information that we've purchase.
CISO
Gov't/PS/Ed
Education
Review Source
Exploring RiskRecon: A Powerful Tool for Internet Presence Surveillance
5.0
Apr 17, 2025
We leverage RiskRecon to look at our own internet facing presence but also that of our data sharing partners and vendors. It has been a fantastic tool to provide awareness.
IT SECURITY PROGRAM MANAGER
10B+ USD
Healthcare and Biotech
Review Source
Get a Picture of your Organization's Risk Exposure - Great Product!
5.0
Apr 17, 2025
RiskRecon has provided us with a clear assessment of our vulnerabilities and has worked tirelessly with us to assist us to remediate risk and security issues for our company. The staff is friendly, supportive, and tremendously easy to work with. Our overall experience with RiskRecon has been extremely excellent!
Vendor Managment Program Manager
1B-10B USD
Banking
Review Source
Efficient Security Tool with Room for Improvement
4.0
Apr 14, 2025
The tool has been very useful. The only drawback I've experienced is unnecessary "noise" that can lead to misleading and inaccurate results for some of the larger vendors being reviewed.
AVP ENTERPRISE SECURITY
50M-1B USD
Insurance (except health)
Review Source
RiskRecon: A Useful Tool for Scoring 3rd Party Vendors
4.0
Apr 17, 2025
I find that RiskRecon is a helpful tool to provide a high level score for 3rd Party Vendors.

...

Showing Result 1-5 of 79

Recommended Gartner Insights

Market Guide for Third-Party Risk Management Technology Solutions

RiskRecon