UpGuard BreachSight Features

Acknowledge risks

Security ratings

Use our security ratings to get a data-driven, objective, and dynamic measurement of your organization’s security posture. Our security ratings are generated through the analysis of trusted commercial, open-source, and proprietary threat intelligence feeds and non-intrusive data collection methods.

Custom notifications

UpGuard comes with a host of default notifications, and allows you to create and manage custom notifications as well. These can be used for in-app and email alerts, or webhook triggers.

Get notified when you organization score drops
Get notified when a vendor's score drops below a threshold
Custom notifications can also be used to trigger webhook integrations
Customize notifications based on labels and vendor tiers

Your security rating

Instantly understand your organization’s overall security posture.

Easy to understand for non-technical stakeholders and senior management
Updated multiple times a day
Based on the analysis of each of your underlying domains and their security ratings

Domain security ratings

Explore the security posture of individual domains and drill into issues.

Based on the analysis of hundreds of individual risks across five risk categories

Continuous security monitoring

Get real-time information about misconfigurations, understand your risk profile, and get started in minutes, not weeks, with our fully integrated solution and API. Because we use externally verifiable information, you won’t have to lift a finger to get started.

Incidents & news feed

View all of the recent security incidents or just the ones related to you and your vendors, or even view news and incidents separately.

Stay on top of important security trends and news related to your industry and your vendors
See incidents based on severity for you organization and your vendors
Easily search an organization, or an incident
Filter the incidents by company, time, threat actor, threat actor location or the type of data exposed

Risk profile

Instantly understand your risk profile and drill down into individual risks shared across your infrastructure.

Transparent security ratings
Intelligent risk categories
Updated daily
Real-time risk insights

Domains & IPs

View the domains and IPs that belong to your organization and their corresponding cyber risks.

See the security rating of each domain and associated risks
Automatic domain discovery, no manual input needed
Label domains based on owner, use, or any other category

Attack surface reduction

Reduce your attack surface by discovering exploitable vulnerabilities and permutations of your domains that are at risk of typosquatting.

Vulnerabilities

Discover vulnerabilities that may be exploitable in the software that is running on your websites.

Automatically detected through exposed information in HTTP headers and website content
Each vulnerability has CVE ID information and a CVSS, a numerical score between 0 and 10 that reflects the severity

Typosquatting

Monitor and identify permutations of your domains that are at risk of typosquatting.

Prevent bait and switching, domain parking, imitators, phishing, and other typosquatting-related risks

Remediate risks

Data protection

Failure to detect exposed data can have serious consequences on your business, from enabling corporate espionage to customer identity theft. This data provides attackers with a huge advantage: enabling reconnaissance, providing a foothold in the network for further exploration, selling data to the highest bidder, or holding data at ransom.

Identity breaches

Discover credentials exposed in third-party data breaches on the open, deep, and dark web and notify affected employees before their accounts are compromised.

Notify impacted employees from inside the platform
Archive remediated breaches
Automated severity assessment
Know what data has been exposed

Workflows and waivers

Simplify and accelerate how you remediate issues, waive risks, and respond to security queries. Use our real-time data to get information about risks, rely on our workflows to track progress, and know exactly when issues are fixed.

Remediation workflows

Use inbuilt workflows to remediate risks identified by the UpGuard platform.

Fix man-in-the-middle risks
Find insecure SSL/TLS certificates
Understand email security
Enforce HSTS
Close unnecessary open ports
Fix vulnerable software
Prevent HTTP accessibility
Secure cookie configuration

Remediation planner

See the potential improvement in security ratings from remediating a risk or set of risks instead of knowing the impact after the fact.

See how specific risks impact security ratings
Prioritize risks to be mitigated based on the improvement in rating
Securely create and share a remediation plan with your team or your vendors within UpGuard
Collaborate with internal teams and third-party vendors within UpGuard
Track the progress of each remediation request in a centralized location

Risk waivers

Accept specific risks that have been identified by the UpGuard platform.

Stop risks from appearing in your risk profile and impacting the internally-reported score of your company

Templates

Templates lets administrators set up templates for remediation requests, risk assessments, questionnaires, and identity breach notifications emails sent from the UpGuard platform.

Save time and ensure consistency
Uniformity across teams and processes
Reduce mistakes and errors caused by copying and pasting text across documents

Security profile

Eliminate security questionnaires and stop answering the same questions over and over. Create an UpGuard security profile and share it before being asked.

Security profile

Save time by proactively and securely sharing your security information in one place. This includes your security rating, industry comparison, completed security questionnaires, and supporting documents. Save time and let companies assess you without email tennis and configure who has access in a few clicks.

Avoid responding to the same security-related queries
Embeddable on your website
Streamlined workflows
An access log of who has viewed your profile
Control who has access your profile

Manage risks

Reporting and insights

See all risks–across different domains, IPs, and categories–in the UpGuard platform or extract the data directly from the API.

Executive reporting

Use our prebuilt executive reporting suite to get insights right inside the platform. With structured access to your data, you can do things such as: see your current security rating and twelve-month history, compare your organization to your competition, and breakdown your security rating into various risk categories like website security and email security.

Prebuilt reportings for company security rating, competitor analysis, and risk category breakdown
Filter executive summary based on labels
Customizable report
Export report to PDF

Subsidiaries

Allows complex organisations with multiple subsidiaries to be able to see their entire security posture in one place.

Entire security posture in one place
Drill into subsidiary's security performance
Easily navigate between subsidiaries
Whole-of-organisation view that lets you see how individual risks affect your entire portfolio

Business operations

Share access to your UpGuard account with other team members with confidence. Each user gets an individual account with fine-grained access control.

Roles and permissions

Tailor access for your team to ensure that sensitive information and actions are protected. Keep track of who has access to your UpGuard account and remove team members easily.

Get fine-grained control on providing specific users access to specific products and features
Create roles, and associate permissions with these
Grant users access to a role
A change in permission associated with a role applies to all users with that role

Account security

Secure access to the UpGuard platform and your account data. Integrate with various SSO options like Microsoft Azure, Okta, and Ping Identity. As long as your identity provider has a SAML interface we can integrate with it.

SSO options like Microsoft Azure, Okta, and Ping Identity
SAML integration

Collaboration notes

Attach notes for your teammates on remediation requests, risk waivers, and data leaks to give them context when they jump into the platform.

Audit log

Keep track of important events and who performed them inside the UpGuard platform.

Searchable
Real-time reporting and data
Filter by user, event type, and time
Streamline workflows

Scheduled reports

Use the reports feature to see the status of queued reports, and download, delete or archive completed reports.

See all exported reports in one place
Hit export and continue working while the report gets generated in the background
Create and manage schedules for any recurring reports

Third-party integrations

Integrate and extend the UpGuard platform with other tools with our easy to use API that can save hours of human time.

Zapier integration

Using Zapier, an automation platform that connects to thousands of apps, you can now connect UpGuard to any other app that Zapier supports.

Automate regularly used workflows without coding
Connect UpGuard to thousands of apps on the Zapier platform like JIRA, Trello, Google Sheets, ServiceNow and many more
Get instant notifications on Slack, Microsoft Teams and other collaboration apps and remediate security faster