OneTrust Reviews & Competitors

How does OneTrust compare to the competition?

There are a lot of security ratings platforms out there, and choosing the right one can be overwhelming. We want you to choose the best platform for you, even if it’s not us.
OneTrust is a competitor of UpGuard in the Vendor Risk Management space. Learn how cybersecurity professionals rate SecurityScorecard's VRM features against other alternatives in the market.
UpGuard is trusted by hundreds of companies worldwide
Trusted by hundreds of companies worldwide

OneTrust feature-by-feature comparisons

Here are a couple of handy feature-by-feature comparisons to help you compare OneTrust to the competition.
Capabilities
Star rating
Ability to create and automate workflows for onboarding and offboarding vendors. Helps users maintain a vendor inventory, along with relevant information.
5 stars
2,000,000+ organizations scanned daily. Non-intrusive scans of IPv4 web space completed in just 24 hours.
Star rating
Offers cybersecurity ratings and deep reporting capabilities to help businesses surface and manage cyber risks
Star rating
Provides a risk rating between 0 and 100 but unknown number of companies covered.
Star rating
Provides a security questionnaire and vendor due diligence information exchange to help reduce the operational overhead of traditionally manual and point in time assessments.
Usability and the learning curve
Star rating
A fully cloud-based service with minimal installation criteria required.
5 stars
High-level summation of risk with the ability to drill down into precise technical details.
Star rating
Provides dashboard visibility for risk prioritization based on configured policy. Cloud based platform offers minimal need for installation.
Star rating
Risks detailed on each point-in-time vendor assessment, as well as cybersecurity risk ratings.
Star rating
Risks detailed on point-in-time vendor assessment coupled with continuous monitoring of inherent risk, threat intelligence, and risk scoring. The exchange model forces more frequent point in time assessments, as many as 2-3 times each year.
Community support
Star rating
Engages their user community with regular blog posts on topics covering relevant security incidents, global privacy regulations, new feature updates, industry developments, webinars, and certification and training programs.
5 stars
UpGuard Summit brings together a community of security leaders from leading companies, explores the future of security and helps businesses stay secure. The UpGuard cybersecurity and risk management blog is updated four times a week and our breach research blog has uncovered and secured some of the largest data breaches.
Star rating
Offers a customer user academy, consistently updated company blog, coverage of critical global security events, and a regular webinar schedule for sharing best practices.
Star rating
Company and product blog.
Star rating
ProcessUnity (formerly CyberGRX) offers extensive community support sharing best platform and program practices via regularly updated podcasts, webinars, whitepapers, and strategic partnerships.
Release rate
Star rating
States that they make at least monthly updates to their suite of product offerings.
4 stars
UpGuard has adopted DevOps principles internally to develop, test, and release software continuously, ensuring fast, consistent, and safe releases.
Star rating
RiskRecon does not appear to publicly share regular release rates, roadmaps, or documentation for solution updates.
Star rating
Star rating
ProcessUnity (formerly CyberGRX) makes product releases throughout the year as needed and documents release notes monthly to help users understand and make use of beneficial changes.
Pricing and support
Star rating
Offers largely transparent pricing for their multiple offerings via their website, with flexible pricing & billing options for small & growing businesses.
5 stars
UpGuard has a transparent pricing model which you can view here. UpGuard pricing starts at $5,999/year and scales with your company.
Star rating
Public pricing information is not available. Pricing is reported to start at $10,000 and increases based on the number of vendors monitored.
Star rating
Public pricing information is not available.
Star rating
ProcessUnity (formerly CyberGRX) lists typical engagements as starting at around $120,000 USD. This includes validated assessments data, and unlimited access to the CyberGRX Exchange.
API and extensibility
Star rating
Offers REST API and SDK for data feed connectivity and workflow management options with external applications.
4 stars
UpGuard offers a standard API to pull data into other enterprise applications.
Star rating
Star rating
Star rating
ProcessUnity (formerly CyberGRX) offers a fully functional bidirectional API.
Third-party integrations
Star rating
Offers out-of-the-box integrations with a broad range of third-party platforms. OneTrust’s healthy ecosystem of integration options includes third-party platforms such as ServiceNow, UpGuard, Adobe, RSA Archer, and more.
4 stars
Connect UpGuard with over 4,000+ apps using our Zapier integration.
Star rating
Offers integrations with GRC platforms, such as RSA Archer, Sigma Ratings, Whistic, and more.
Star rating
Integrates with ServiceNow.
Star rating
Integrates with multiple GRC platforms, visualization tools, ticketing systems, and SOC tools.
Customers
Star rating
Notable listed OneTrust customers include Air Canada, DHL, and Drax.
5 stars
The New York Stock Exchange (ICE), Morningstar, TDK, PagerDuty, Hopin, and IAG. Read our customer stories.
Star rating
Major customers include Informatica, Tufts Health Plan, University of San Francisco, and Sentara.
Star rating
Customers include Iron Mountain, Pfizer, London Stock Exchange, Herbert Smith Freehills, and Ford.
Star rating
Major customers include Medibank Private, Mass Mutual, QBE, Solix, and McAfee.
G2 rating
Accurate as of January 2024
Star rating
4.5, based on 92 reviews
5 stars
4.5, based on 164 reviews. Named a G2 Market Leader for Third Party & Supplier Risk Management Software.
Star rating
4.5, based on 2 reviews.
Star rating
4.6, based on 19 reviews.
Star rating
4.5, based on 19 reviews.
Predictive capabilities
Star rating
Offers an AI engine via their Athena product enabling risk insights across privacy, security, & governance risks. For their third-party risk offerings, this will include insights about a vendor’s internally managed security controls, policies, and practices. However, OneTrust does not natively incorporate many of the critical breach vectors associated with an organization’s external-facing attack surfaces.
5 stars
As UpGuard checks for misconfigurations across your Internet footprint, many important breach vectors are covered, including phishing, ransomware susceptibility (like WannaCry), man-in-the-middle attacks, DNSSEC, vulnerabilities, email spoofing, domain hijacking, and DNS issues. Data leaks are automatically surfaced by the platform for your team to assess and close before they become breaches.
Star rating
Allows users to implement a baseline configuration within the RiskRecon portal to match risk structures being used to manage enterprise and third-party risk. Risks monitored provide visibility into email security, application security, network filtering, and more.
Star rating
Relies on point-in-time risk assessments and cybersecurity risk ratings based on monitoring 1,500+ criminal forums; thousands of onion pages, 80+ dark web special access forums; 65+ threat intelligence feeds; and 50+ paste sites for leaked credentials and potentially targeted companies — as well as several security communities, code repositories, and vulnerability databases.
Star rating
Checks identified risk vectors such as phishing, ransomware susceptibility (like WannaCry), man-in-the-middle attacks, DNSSEC, vulnerabilities, email spoofing, domain hijacking, and DNS issues. Data breach incidents are captured, and notice is provided via the exchange.
Security rating
X
950
/ 950
X
950
/ 950
X
950
/ 950
X
950
/ 950
X
950
/ 950
Capabilities
Star rating
Ability to create and automate workflows for onboarding and offboarding vendors. Helps users maintain a vendor inventory, along with relevant information.
Usability and the learning curve
Star rating
A fully cloud-based service with minimal installation criteria required.
Community support
Star rating
Engages their user community with regular blog posts on topics covering relevant security incidents, global privacy regulations, new feature updates, industry developments, webinars, and certification and training programs.
Release rate
Star rating
States that they make at least monthly updates to their suite of product offerings.
Pricing and support
Star rating
Offers largely transparent pricing for their multiple offerings via their website, with flexible pricing & billing options for small & growing businesses.
API and extensibility
Star rating
Offers REST API and SDK for data feed connectivity and workflow management options with external applications.
Third-party integrations
Star rating
Offers out-of-the-box integrations with a broad range of third-party platforms. OneTrust’s healthy ecosystem of integration options includes third-party platforms such as ServiceNow, UpGuard, Adobe, RSA Archer, and more.
Customers
Star rating
Notable listed OneTrust customers include Air Canada, DHL, and Drax.
G2 rating
Accurate as of January 2024
Star rating
4.5, based on 92 reviews
Predictive capabilities
Star rating
Offers an AI engine via their Athena product enabling risk insights across privacy, security, & governance risks. For their third-party risk offerings, this will include insights about a vendor’s internally managed security controls, policies, and practices. However, OneTrust does not natively incorporate many of the critical breach vectors associated with an organization’s external-facing attack surfaces.
Security rating
X
950
/ 950
Capabilities
5 stars
2,000,000+ organizations scanned daily. Non-intrusive scans of IPv4 web space completed in just 24 hours.
Usability and the learning curve
5 stars
High-level summation of risk with the ability to drill down into precise technical details.
Community support
5 stars
UpGuard Summit brings together a community of security leaders from leading companies, explores the future of security and helps businesses stay secure. The UpGuard cybersecurity and risk management blog is updated four times a week and our breach research blog has uncovered and secured some of the largest data breaches.
Release rate
4 stars
UpGuard has adopted DevOps principles internally to develop, test, and release software continuously, ensuring fast, consistent, and safe releases.
Pricing and support
5 stars
UpGuard has a transparent pricing model which you can view here. UpGuard pricing starts at $5,999/year and scales with your company.
API and extensibility
4 stars
UpGuard offers a standard API to pull data into other enterprise applications.
Third-party integrations
4 stars
Connect UpGuard with over 4,000+ apps using our Zapier integration.
Customers
5 stars
The New York Stock Exchange (ICE), Morningstar, TDK, PagerDuty, Hopin, and IAG. Read our customer stories.
G2 rating
Accurate as of January 2024
5 stars
4.5, based on 164 reviews. Named a G2 Market Leader for Third Party & Supplier Risk Management Software.
Predictive capabilities
5 stars
As UpGuard checks for misconfigurations across your Internet footprint, many important breach vectors are covered, including phishing, ransomware susceptibility (like WannaCry), man-in-the-middle attacks, DNSSEC, vulnerabilities, email spoofing, domain hijacking, and DNS issues. Data leaks are automatically surfaced by the platform for your team to assess and close before they become breaches.
Capabilities
Star rating
Offers cybersecurity ratings and deep reporting capabilities to help businesses surface and manage cyber risks
Usability and the learning curve
Star rating
Provides dashboard visibility for risk prioritization based on configured policy. Cloud based platform offers minimal need for installation.
Community support
Star rating
Offers a customer user academy, consistently updated company blog, coverage of critical global security events, and a regular webinar schedule for sharing best practices.
Release rate
Star rating
RiskRecon does not appear to publicly share regular release rates, roadmaps, or documentation for solution updates.
Pricing and support
Star rating
Public pricing information is not available. Pricing is reported to start at $10,000 and increases based on the number of vendors monitored.
API and extensibility
Star rating
Offers a standard API to create extensibility for RiskRecon cybersecurity ratings.
Third-party integrations
Star rating
Offers integrations with GRC platforms, such as RSA Archer, Sigma Ratings, Whistic, and more.
Customers
Star rating
Major customers include Informatica, Tufts Health Plan, University of San Francisco, and Sentara.
G2 rating
Accurate as of January 2024
Star rating
4.5, based on 2 reviews.
Predictive capabilities
Star rating
Allows users to implement a baseline configuration within the RiskRecon portal to match risk structures being used to manage enterprise and third-party risk. Risks monitored provide visibility into email security, application security, network filtering, and more.
Security rating
X
950
/ 950
Capabilities
Star rating
Provides a risk rating between 0 and 100 but unknown number of companies covered.
Usability and the learning curve
Star rating
Risks detailed on each point-in-time vendor assessment, as well as cybersecurity risk ratings.
Community support
Star rating
Company and product blog.
Release rate
Star rating
Pricing and support
Star rating
Public pricing information is not available.
API and extensibility
Star rating
Third-party integrations
Star rating
Integrates with ServiceNow.
Customers
Star rating
Customers include Iron Mountain, Pfizer, London Stock Exchange, Herbert Smith Freehills, and Ford.
G2 rating
Accurate as of January 2024
Star rating
4.6, based on 19 reviews.
Predictive capabilities
Star rating
Relies on point-in-time risk assessments and cybersecurity risk ratings based on monitoring 1,500+ criminal forums; thousands of onion pages, 80+ dark web special access forums; 65+ threat intelligence feeds; and 50+ paste sites for leaked credentials and potentially targeted companies — as well as several security communities, code repositories, and vulnerability databases.
Security rating
X
950
/ 950
Capabilities
Star rating
Provides a security questionnaire and vendor due diligence information exchange to help reduce the operational overhead of traditionally manual and point in time assessments.
Usability and the learning curve
Star rating
Risks detailed on point-in-time vendor assessment coupled with continuous monitoring of inherent risk, threat intelligence, and risk scoring. The exchange model forces more frequent point in time assessments, as many as 2-3 times each year.
Community support
Star rating
ProcessUnity (formerly CyberGRX) offers extensive community support sharing best platform and program practices via regularly updated podcasts, webinars, whitepapers, and strategic partnerships.
Release rate
Star rating
ProcessUnity (formerly CyberGRX) makes product releases throughout the year as needed and documents release notes monthly to help users understand and make use of beneficial changes.
Pricing and support
Star rating
ProcessUnity (formerly CyberGRX) lists typical engagements as starting at around $120,000 USD. This includes validated assessments data, and unlimited access to the CyberGRX Exchange.
API and extensibility
Star rating
ProcessUnity (formerly CyberGRX) offers a fully functional bidirectional API.
Third-party integrations
Star rating
Integrates with multiple GRC platforms, visualization tools, ticketing systems, and SOC tools.
Customers
Star rating
Major customers include Medibank Private, Mass Mutual, QBE, Solix, and McAfee.
G2 rating
Accurate as of January 2024
Star rating
4.5, based on 19 reviews.
Predictive capabilities
Star rating
Checks identified risk vectors such as phishing, ransomware susceptibility (like WannaCry), man-in-the-middle attacks, DNSSEC, vulnerabilities, email spoofing, domain hijacking, and DNS issues. Data breach incidents are captured, and notice is provided via the exchange.
Security rating
X
950
/ 950

OneTrust Pricing

OneTrust offers largely transparent pricing for their multiple offerings via their website. Additionally, OneTrust offers flexible pricing & billing options for small & growing businesses.

For established businesses with more advanced needs, OneTrust offers Standard & Advanced packages ranging in annual price from $6,000 - $18,000 USD. 

Pricing for more complex deployments requiring API and integrations access can only be accessed by speaking to a OneTrust representative.

See UpGuard's pricing >

OneTrust Features

The OneTrust platform helps users assess and manage cyber risk from third-party vendors in their digital supply chain.

The OneTrust solution leverages security questionnaires and remediation workflows through both an exchange and ad-hoc model to help customers reduce risk and improve due diligence efficiency across vendor relationships.

OneTrust Use Cases

The core capability of OneTrust’s third-party risk offering is the ability to create and automate workflows for onboarding and offboarding vendors. This helps users maintain an inventory of their vendors along with relevant information such as risk tiers, service types, and commercial timeframes.

OneTrust Demo / Trial

OneTrust offers a free trial of its platform of Privacy & Data Governance, GRC & Security Assurance, Ethics & Compliance, and ESG solutions to help organizations learn how OneTrust can help operationalize risk, compliance, and business initiatives to make trust a competitive advantage.

OneTrust API

OneTrust offers out-of-the-box integrations with a broad range of third-party platforms. OneTrust’s healthy ecosystem of integration options includes third-party platforms such as ServiceNow, UpGuard, Adobe, RSA Archer, and more.

OneTrust Reviews

The general sentiment of OneTrust users based on multiple review sources is summarized below.

Key Pros:

1. Ease of Use and User-Friendly Interface

The user-friendly design of OneTrust's interface is highly regarded by users, simplifying the management of data privacy and governance tasks.

2. Impressive feature-set 

OneTrust users have praised the platform's wide range of featues addressing multple categories of third-party risk management, including privacy management, GDPR compliance and even data mapping.

3. Customer support

OneTrust's customer support team is highly regarded by users, with prompt assistance consistently available even beyond initial implementation.

4. Regular updates

Some users have highlighted the regularity of updates being pushed to the OneTrust platform. 

Key Cons:

1. Integration challenges

Several users have reported integration issues, particularly with cookies compliance and consent management tools. Issues include bugs and challenges with establishing integrations.

2. Complex implementation

While OneTrust offers an impressive set of features in its platform, users have reported frustrations with implementing these features, resulting in lengthy and challenging implementation processes.

3. Performance issues

Some users have reported functionality issues on the OneTrust platform, particularly with cookie compliance modules and export functionalities​​.

OneTrust Reviews

Gartner Peer Insights

Overall ratings for the IT VRM Solutions market. Accurate as of January 2024

UpGuard

5 stars
4.4, based on 160 reviews. Named a Representative Vendor in the 2022 Gartner Market Guide for IT VRM Solutions

OneTrust

4.3, based on 163 reviews

G2

Accurate as of January 2024

UpGuard

5 stars
4.5, based on 164 reviews. Named a G2 Market Leader for Third Party & Supplier Risk Management Software.

OneTrust

4.5, based on 92 reviews

Glassdoor

Accurate as of January 2024

UpGuard

5 stars
4.6

OneTrust

2.7
All Competitors & Alternatives

See how OneTrust compares side-by-side

We want you to choose the best platform, even if it's not UpGuard.
Want to see how UpGuard stacks up against the competition?
Start a free trial and get complete visibility into your attack surface and third-party risks.