UpGuard Vendor Risk features

One solution for all your third-party risk management needs

Monitor

Security ratings
Vendor security ratings
?
Instantly understand your vendor’s security posture.
Domain security ratings
?
Explore the security of individual domains.
Custom notifications
?
Create custom notifications for in-app and email alerts, or webhook triggers.
Third-party risk
Vendors
?
Instantly understand your vendor’s security posture.
Vendor inventory
?
See all your monitored vendors in a centralized location.
Vendor tiering
?
Categorize vendors and adjust the level of assessments.
Vendor portfolios
?
Efficiently sort monitored organizations into different lists
Custom vendor attributes
?
Capture additional information for better vendor management
Portfolio risk profile
?
Identify common issues across your vendors.
Vendor summary
?
Executive-level overview of individual vendors.
Risk profile
?
Understand an individual vendor’s risks.
Compliance reporting
?
View vendors' compliance against standard security frameworks
Domains and IPs
?
Dive deep into individual domain and IP risks.
Vulnerabilities
?
Discover vulnerabilities in vendor software.
Fourth-party risk
Concentration risk
?
Instantly identify common fourth-party vendors.
Supply chain
?
Instantly identify fourth-party supply chain risk.
Evidence chasing
Vendor registration
?
Instantly request a new vendor risk assessment.
Vendor classification
?
Easily classify your vendors by risk criticality.
Vendor administration
?
Track the progress of vendor risk assessments.
Questionnaire selection
?
A library of powerful security questionnaires.
Response validation
?
Received validated questionnaire responses.

Assess and remediate

Risk assessment
Vendor users
?
Vendors of UpGuard customers can create a free vendor account.
Vendor comparison
?
Compare the security posture of vendors side-by-side.
Vendor risk waivers
?
See updated vendor scores after waiving vendors risks.
Vendor risk matrix
?
Quickly identify vendors with the highest risk exposure to your business
Risk assessment
?
Seamless inbuilt risk assessment process.
Additional evidence
?
Capture documentation and identify new risks.
Security questionnaires
Security questionnaires
?
Powerful and flexible security questionnaires.
Questionnaire library
?
Based on regulations and best practices.
Questionnaire builder
?
Create your own custom questionnaires.
Security profiles
Vendor security profiles
?
Instantly access info published by your vendor.
Workflows
Remediation workflows
?
Simplify and accelerate your remediation requests.
Remediation planner
?
Plan your remediation on the impact on security ratings.
Managed vendor assessments
Comprehensive risk assessment
?
Delivery of detailed vendor risk assessments
Actionable reports
?
Best practice reports aligned to industry standards
UpGuard analyst
?
Expert delivery by UpGuard’s cybersecurity analysts
Risk Remediation
Remediation planning
?
Risk mitigation plan for identified risks.
Remediation tracking
?
Track the progress of mitigation efforts.
Managed remediation
?
Our analysts work with vendors for risk remediation.
Close data leaks
?
Get help from our analysts in closing detected leaks.

Manage

Reporting and insights
Executive reporting
?
In-built executive reports for the Board and C-Suite.
Vendor risk report
?
In-depth vendor reports available for export.
Vendor subsidiaries
?
Monitor the security posture of vendors with multiple subsidiaries.
Custom report templates
?
Create and save custom report templates
Business operations
Templates
?
Standardize security related communication with vendors.
Co-branding
?
Add your company branding to emails, reports and questionnaires.
Roles and permissions
?
Tailor access for your team to protect sensitive info.
Account security
?
Support for Azure, Okta, Ping Identity and more.
Collaboration notes
?
Attach notes and info for your teammates.
Documents and contacts
?
Capture contact details and store relevant documents.
Audit log
?
Keep track of important events and users.
Scheduled reports
?
See all report exports queued from anywhere in UpGuard.
Shared assets
?
Share vendor information between related accounts.
Third-party integrations
Jira integration
?
Send issues directly from UpGuard into a Jira project
Slack integration
?
Send UpGuard notification directly to Slack channels
Zapier integration
?
Connect UpGuard to thousands of apps to automate your work.
ServiceNow integration
?
Access your account programmatically.
UpGuard API
?
Access your account programmatically.
Search browser icon

Monitor vendors

Vendor risk summary
Rating icon

Security ratings

Instantly understand your vendors’ security posture with our data-driven, objective, and dynamic security ratings. Our security ratings are generated through the analysis of trusted commercial, open-source, and proprietary threat intelligence feeds and non-intrusive data collection methods.

Vendor security ratings

Instantly understand your vendor’s overall security posture.
  • Check icon
    Easy to understand for non-technical stakeholders and senior management
  • Check icon
    Updated multiple times a day
  • Check icon
    Based on the analysis of each of your vendor’s underlying domains and their security posture
  • Check icon
    Takes into account risks identified in UpGuard security questionnaires

Domain security ratings

Explore the security posture of individual domains and drill into issues.
  • Check icon
    Based on the analysis of hundreds of individual risks across five risk categories

Custom notifications

UpGuard comes with a host of default notifications, and allows you to create and manage custom notifications as well. These can be used for in-app and email alerts, or webhook triggers.
  • Check icon
    Get notified when you organization score drops
  • Check icon
    Get notified when a vendor's score drops below a threshold
  • Check icon
    Custom notifications can also be used to trigger webhook integrations
  • Check icon
    Customize notifications based on labels and vendor tiers
Users icon

Third-party risk

Get real-time insight into your vendors’ security performance, misconfigurations, and risk profile. Track their performance over time and get started in minutes, not weeks, with our fully integrated solution and API. Because we use externally verifiable information, you can monitor any vendor, instantly.

Vendors

Instantly find and monitor your vendors with just their domain name.
  • Check icon
    Instant and continuous visibility into the cyber health of any vendor
  • Check icon
    Monitor their security performance over time
  • Check icon
    Get notified immediately when their security degrades

Vendor inventory

Vendor inventory helps you find, track, and monitor the security posture of any organization instantly. You can categorize vendors, compare them against industry benchmarks, and see how their security posture is changing over time.
  • Check icon
    All monitored vendors in a centralized location
  • Check icon
    Easily find vendors using the search bar
  • Check icon
    Sort by vendor tier, name, score, or labels

Vendor labels

Labels provide an easy way to tag your vendors with key characteristics, allowing you to easily filter and identify vendors of a specific type
  • Check icon
    Easily filter and identify vendors
  • Check icon
    Apply actions to vendors with the same labels
  • Check icon
    Automatically assign vendors to labels based on Vendor Relationship Questionnaire responses

Vendor tiering

Vendor tiering allows you to classify your vendors based on the inherent risk they pose to your organization, and adjust the level of assessment you do on each vendor as a result.
  • Check icon
    Easily filter the vendors list by tier
  • Check icon
    See a vendor's tier when viewing any vendor-specific page in the platform
  • Check icon
    Customize notifications for a tier of vendors
  • Check icon
    Adjust the level of assessment you do on each vendor based on their tier
  • Check icon
    Automatically assign tiers based on Vendor Relationship Questionnaire responses

Custom vendor attributes

Attributes provide you with the ability to add additional structured information to manage individual vendor relationships that have common themes.
  • Check icon
    Customize and create attributes based on your business requirements and reporting needs
  • Check icon
    Improved filtering and sorting allows for more efficient analysis of data
  • Check icon
    Easily export vendor information based on common themes for reporting and analysis
  • Check icon
    Consolidate key vendor information in one centralized location
  • Check icon
    Automatically assign custom attributes based on Vendor Relationship Questionnaire responses

Vendor portfolios

The vendor portfolios feature allows you to organize your monitored vendors by different use-cases into separate lists. Once setup, you can control user access for each of the portfolios.
  • Check icon
    Easily filter, view and report the performance of  individual portfolios
  • Check icon
    Maintain and report on separate vendor portfolios for different departments or groups within your organization
  • Check icon
    Manage permissions so that users only have access to the portfolios and vendors they need
  • Check icon
    Automatically assign vendors to portfolios based on Vendor Relationship Questionnaire responses

Portfolio risk profile

Identify common cybersecurity issues across your vendor portfolio and request remediation.
  • Check icon
    Ordered by severity
  • Check icon
    Grouped by finding
  • Check icon
    See the number of vendors with the risk
  • Check icon
    Filter by risk category, label, or vendor
  • Check icon
    Rely on UpGuard’s remediation workflows

Vendor summary

Get an executive-level overview of an individual vendor’s security posture.
  • Check icon
    Key vendor information
  • Check icon
    Security rating
  • Check icon
    Questionnaire and remediation context
  • Check icon
    Twelve-month security performance

Risk profile

Understand an individual vendor’s risk profile and drill down into risks shared across their infrastructure.
  • Check icon
    Transparent security ratings
  • Check icon
    Intelligent risk categories
  • Check icon
    Updated daily
  • Check icon
    Real-time risk insights

Compliance reporting

The compliance reporting feature enables customers to view their own or their vendor’s risk details (including web risks) mapped against recognized security standards or compliance frameworks like NIST CSF or ISO 27001.
  • Check icon
    Assess if your organization or a vendor complies with a security framework
  • Check icon
    Easily view sections of the compliance framework that your organization or the vendor does or does not comply with
  • Check icon
    Understand the risks detected in specific sections of the compliance framework

Domains and IPs

Dive deep into an individual vendor and view the domains and IPs that belong to them and their corresponding cyber risks.
  • Check icon
    See the security rating of each domain and associated risks
  • Check icon
    Automatic vendor domain discovery, no manual input needed
  • Check icon
    See active and inactive domains

Vulnerabilities

Discover vulnerabilities that may be exploitable in the software that is running on your vendor’s website.
  • Check icon
    Automatically detected through exposed information in HTTP headers and website content
  • Check icon
    Each vulnerability has CVE ID information and a CVSS, a numerical score between 0 and 10 that reflects the severity
User group icon

Fourth-party risk

Stop relying on third-parties to monitor your fourth-parties and get instant insight into your fourth-party vendors. While fourth-parties aren’t necessarily contractually connected to your organization, they still represent risk that needs to be monitored.

Concentration risk

Instantly understand your organization’s most common fourth-party vendors.
  • Check icon
    Add fourth-parties to your monitored vendors list
  • Check icon
    Know how to plan for disaster recovery
  • Check icon
    Instantly assess downstream impacts
  • Check icon
    Streamline your breach response

Supply chain

Dive deep into an individual vendor’s supply chain and understand the impact fourth-parties on your security posture.
  • Check icon
    Identify who your vendors do business with and validate their use of subcontractors
  • Check icon
    Validate assessment responses from third-parties on the use of or reliance on fourth-parties
User group icon

Evidence chasing

Any third party risk management program starts with the collection of security evidence. And it takes time and effort to chase your vendors to complete security questionnaires, provide additional evidence and then validate their responses. Let our analysts do this for you, so you can better allocate your security resources.

Vendor registration

Instantly request our third-party risk analyst team to kick off a new vendor risk assessment.
  • Check icon
    One-click request through the UpGuard platform
  • Check icon
    Collect relevant information about this vendor, to kick off an assessment
  • Check icon
    Let your vendor know that UpGuard will be assessing them

Vendor classification

Prioritize and tier your vendors, so we apply the appropriate level of due diligence through the risk assessment process. You can decide if UpGuard should simply chase evidence, or conduct a risk assessment and facilitate remediation.
  • Check icon
    Classify your vendors by criticality
  • Check icon
    Prioritize UpGuard risk assessment activities

Vendor administration

Let us chase and follow up your vendors to ensure they complete questionnaires and provide relevant evidence.
  • Check icon
    Don't let vendors avoid giving you evidence
  • Check icon
    Track progress in a single dashboard
  • Check icon
    Get updated as soon as vendor evidence is available

Questionnaire selection

UpGuard’s meticulously designed questionnaire library means you no longer have to create questionnaires from scratch.
  • Check icon
    UpGuard questionnaire
  • Check icon
    Short-form UpGuard questionnaire
  • Check icon
    ISO 27001 questionnaire
  • Check icon
    NIST Cybersecurity framework questionnaire
  • Check icon
    PCI DSS questionnaire
  • Check icon
    COBIT 5 questionnaire
  • Check icon
    ISA 62443-2-1:2009 questionnaire
  • Check icon
    ISA 62443-3-3:2013 questionnaire
  • Check icon
    GDPR questionnaire
  • Check icon
    CIS Controls 7.1 questionnaire
  • Check icon
    NIST SP 800-53 Rev. 4 questionnaire
  • Check icon
    CCPA questionnaire
  • Check icon
    Modern slavery questionnaire
  • Check icon
    Pandemic questionnaire
  • Check icon
    Security and privacy program questionnaire
  • Check icon
    Web application security questionnaire
  • Check icon
    Infrastructure security questionnaire
  • Check icon
    Physical and data centre security questionnaire

Response validation

Improve the speed and consistency of your vendors' responses to information requests. We'll validate responses to security questionnaires and requests for additional evidence.
  • Check icon
    Be certain that vendor responses make sense
  • Check icon
    No unanswered questions
  • Check icon
    Link additional evidence to their responses
User check icon

Assess and remediate vendor risk

UpGuard vendor portfolio risks
Compliance document icon

Risk assessment

Stop using lengthy and error-prone spreadsheet-based risk assessments. Let us guide you each step of the way from documenting the evidence you referenced to adding commentary. When you’re done, you can save your assessment inside the UpGuard platform.

Vendor users

Vendors of UpGuard customers can create a free account to answer questionnaires, complete risk assessments and to create a shared vendor profile.
  • Check icon
    Vendors can easily respond to security questionnaires from UpGuard customers
  • Check icon
    Vendors can invite collaborators to complete risk assessments requested by UpGuard customers
  • Check icon
    Vendors can save answered questionnaires to their shared profile to avoid answering the same questions multiple times

Vendor comparison

UpGuard's vendor comparison tool lets you compare the security posture of up to four vendors side-by-side and dive into the details to see which vendor represents the lowest risk.
  • Check icon
    Great way to communicate the security posture of new vendors to stakeholders who may not have security expertise
  • Check icon
    Save time when deciding which new vendor to onboard
  • Check icon
    Easily evaluate potential alternatives that offer improved security

Vendor risk waivers

Vendor risk waivers let you waive vendor risks identified by automated scanning, security questionnaires and additional evidence.
  • Check icon
    Allows you to see a vendor's score after waiving the risks
  • Check icon
    Waived vendor risk will stop appearing in the vendor’s risk profile and their security rating will be recalculated for your organization
  • Check icon
    Streamline the risk assessment workflow by creating, reviewing and waiving risks within a risk assessment
  • Check icon
    View the public risk waivers of other UpGuard customers, and choose whether to accept those risks

Vendor risk matrix

Quickly focus on the most impactful areas of your vendor risk management program by visualizing your vendor portfolio risk by Security Rating and Vendor Tier.
  • Check icon
    Identify vendors with the highest risk exposure to the business to drive remediation with your vendors
  • Check icon
    Quickly visualize your vendor portolio to enable decision making on which vendor risks to focus on first
  • Check icon
    See a filtered list of your vendors and their risks so you can start reducing your cyber risk with maximum impact

Remediation requests

Creating a risk assessment for a vendor allows you to specify the evidence reviewed, document findings based on this evidence, record who conducted the assessment, and more. It provides a way to capture a snapshot of the risks and evidence at the time this vendor was assessed
  • Check icon
    Specify the evidence you reviewed as part of the assessment including UpGuard security questionnaires and automated scan results
  • Check icon
    Document your findings based on evidence
  • Check icon
    Record who conducted the assessment
  • Check icon
    Export the assessment as a PDF
  • Check icon
    Send remediation requests, track the progress of each item under remediation and have a record of the remediation request embedded directly in a point-in-time risk assessment
  • Check icon
    Reduce the time it takes to perform and document a vendor risk assessment
  • Check icon
    Efficiently monitor and track the risk assessment of your vendors

Additional evidence

Capture and store security and compliance-related documentation and identify new risks
  • Check icon
    Securely store security and compliance-related documentation
  • Check icon
    Create risks inside the platform and associate them with a specific vendor
  • Check icon
    Use identified risks in risk assessment workflows
Programming icon

Security questionnaires

Accelerate your questionnaire exchange process by using UpGuard’s powerful and flexible security questionnaire tools. UpGuard’s meticulously designed questionnaire library means you no longer have to create questionnaires from scratch.

Security questionnaires

Automate security questionnaires to get deeper insights into your vendors’ security and scale your security team by 10x.
  • Check icon
    Choose from more than twenty industry-standard questionnaires
  • Check icon
    Select multiple vendors, and send them the same questionnaire simultaneously
  • Check icon
    Easily set deadlines and send reminders to ensure questionnaires are completed
  • Check icon
    Track the status of each outgoing security questionnaire
  • Check icon
    A sophisticated audit log and messaging built-in
  • Check icon
    Quickly review only the answers that have changed with a side-by-side comparison of different version of questionnaires that have been sent to your vendors

Questionnaire library

Use questionnaires based on regulations and best practices from our industry leading library.
  • Check icon
    UpGuard questionnaire
  • Check icon
    Short-form UpGuard questionnaire
  • Check icon
    ISO 27001 questionnaire
  • Check icon
    NIST Cybersecurity framework questionnaire
  • Check icon
    PCI DSS questionnaire
  • Check icon
    COBIT 5 questionnaire
  • Check icon
    ISA 62443-2-1:2009 questionnaire
  • Check icon
    ISA 62443-3-3:2013 questionnaire
  • Check icon
    GDPR questionnaire
  • Check icon
    CIS Controls 7.1 questionnaire
  • Check icon
    NIST SP 800-53 Rev. 4 questionnaire
  • Check icon
    CCPA questionnaire
  • Check icon
    Modern slavery questionnaire
  • Check icon
    Pandemic questionnaire
  • Check icon
    Security and privacy program questionnaire
  • Check icon
    Web application security questionnaire
  • Check icon
    Infrastructure security questionnaire
  • Check icon
    Physical and data centre security questionnaire
  • Check icon
    SolarWinds Questionnaire
  • Check icon
    Kaseya Questionnaire
  • Check icon
    Apache Log4J - Critical Vulnerability Questionnaire
  • Check icon
    HECVAT questionnaire
  • Check icon
    HIPAA questionnaire

Questionnaire builder

Questionnaire builder lets you build custom questionnaires for specific use cases as per your requirements. You can use one of our standard questionnaires to get started and edit the questions or create one from scratch.
  • Check icon
    Use questionnaire library to get started
  • Check icon
    Supports many question types like single-select, multi-select, full text and file uploads
  • Check icon
    Supports conditional logics for building sophisticated questionnaires
  • Check icon
    Build simple questionnaires for vendor onboarding or complex security questionnaires for vendor risk assessments
  • Check icon
    Automatic risk identification and score updates based on the responses
User profile icon

Security profiles

Save time, eliminate the email back and forth, and onboard new vendors faster by accessing the security information of a potential vendor who has published security information to their UpGuard Security Profile.

Vendor security profiles

Eliminate email tennis and instantly access information published by your vendor on their security profile. To accelerate the vendor assessment process, UpGuard also collects and includes publicly available information to the Vendor Security Profile.
  • Check icon
    Vendor security rating
  • Check icon
    Industry average security rating
  • Check icon
    Vendor information
  • Check icon
    Completed security questionnaires
  • Check icon
    Supporting documentation
  • Check icon
    Publicly available security and privacy pages
Workflows icon

Workflows

Simplify and accelerate how you request remediation of cybersecurity risks from your third-party vendors. Use our real-time data to provide context to your vendors, rely on our workflows to track progress, and get notified when issues are fixed.

Remediation workflows

Use inbuilt workflows to remediated risks identified in security questionnaires and by the UpGuard platform.
  • Check icon
    Fix man-in-the-middle risks
  • Check icon
    Find insecure SSL/TLS certificates
  • Check icon
    Understand vendor email security
  • Check icon
    Enforce HSTS
  • Check icon
    Close unnecessary open ports
  • Check icon
    Fix vulnerable software
  • Check icon
    Prevent HTTP accessibility
  • Check icon
    Secure cookie configuration

Remediation planner

See the potential improvement in security ratings from remediating a risk or set of risks instead of knowing the impact after the fact.
  • Check icon
    See how specific risks impact security ratings
  • Check icon
    Prioritize risks to be mitigated based on the improvement in rating
  • Check icon
    Securely create and share a remediation plan with your team or your vendors within UpGuard
  • Check icon
    Collaborate with internal teams and third-party vendors within UpGuard
  • Check icon
    Track the progress of each remediation request in a centralized location
Workflows icon

Managed vendor assessments

Get insight into your third-party risk without the manual effort. Let us take on the complex task of conducting vendor risk assessments, and alleviate the challenges you’re facing from a lack of specialized skills and limited internal capacity. With our expert analysts, your business can concentrate on growth and innovation, assured that your vendor risk assessments are thorough, insightful, and current.

Comprehensive risk assessment

Extensive vendor risk evaluations through attack surface scans, document analysis, and security questionnaires.
  • Check icon
    Request a managed risk assessment in one click
  • Check icon
    Receive regular updates and track the progress of your risk assessments
  • Check icon
    Integrated scanning, documentation, and questionnaires used to identify vendor risks
  • Check icon
    Utilization of existing evidence, without reliance on security questionnaires, to prepare the report
  • Check icon
    Report mapped to industry frameworks
  • Check icon
    Receive a comprehensive risk assessment PDF report

Actionable reports

Best practice report aligned to standardized control groups, with key risks highlighted to prioritize action planning.
  • Check icon
    Classification of risks, mapped to 6 categories and 18 control groups
  • Check icon
    Easy-to-read report with engaging visuals
  • Check icon
    Summary of key risks to share with internal stakeholders
  • Check icon
    Clear statement of risks and compensating control information to drive remediation plans

UpGuard analyst

Experienced in-house cybersecurity analysts oversee the risk assessment process and vendor communication.
  • Check icon
    A designated analyst to manage the end-to-end process
  • Check icon
    Rely on the analyst's deep expertise and experience to prepare your risk assessments
  • Check icon
    Analyst liaises with the vendor to capture missing information
Workflows icon

Risk remediation

Eliminate the pain of chasing vendors to remediate risks. Our analysts will use the results of a vendor risk assessment to create a remediation plan and expedite the remediation process. Similarly, we'll also help your close any data leaks for your organization.

Remediation planning

Our analysts will prepare a remediation plan based on the risk assessment report.
  • Check icon
    Risk mitigation recommendation for each identified risk
  • Check icon
    Save time and deploy security resources more efficiently
  • Check icon
    PDF version available

Managed remediation process

Ease the pain of chasing vendors for risk remediation. Our analysts proactively follow up with your vendors, helping shorten the remediation cycle.
  • Check icon
    Chase vendors to remediate risks
  • Check icon
    Record who conducted the remediation
  • Check icon
    Improve your own security rating by remediating vendor risks

Remediation tracking

Track the progress of remediation activities through a single, easy-to-use dashboard.
  • Check icon
    Single remediation dashboard
  • Check icon
    Track the progress of your requests
  • Check icon
    Know when risks are remediated

Close data leaks

UpGuard gives you everything you need to close data leaks before they fall into the wrong hands.
  • Check icon
    Review findings within the platform
  • Check icon
    Remediate leaks with support from our analyst team
  • Check icon
    Get notified in-app and via email when leaks are closed
  • Check icon
    Close leaks and prevent costly data breaches
Check bracket icon

Manage vendor risk

UpGuard Executive Summary
Pie chart icon

Reporting and insights

The Reports Library makes it easier and faster for you to access tailor made reports for different stakeholders, all in one centralized location. Effectively report on your third-party risk management program, including to the Board and C-Suite and other interested parties.

Executive reporting

Use our prebuilt executive reporting suite to get insights right inside the platform. With structure access to your data, you can do things such as: see your average vendor security rating and twelve-month history, explore your current vendor risk ratings breakdown, and find your highest and lowest rated vendors.
  • Check icon
    Board Summary report provides a high level snapshot of key factors about your company's cyber security posture
  • Check icon
    Prebuilt reporting for your third-party risk management program
  • Check icon
    Current average vendor rating and twelve-month history
  • Check icon
    Distribution of vendor ratings and twelve-month comparison
  • Check icon
    Highest and lowest-rated vendors
  • Check icon
    Most and least improved vendors
  • Check icon
    Concentration of fourth-party technologies

Vendor risk report

Generate an in-depth PDF report that can be shared with internal stakeholders and vendors.
  • Check icon
    Summarized or detailed Vendor Summary report to help reduce third party risks
  • Check icon
    Outlines security posture of vendor
  • Check icon
    Configure to include automated scanning, questionnaires, and additional evidence
  • Check icon
    Share with colleagues, board members, or vendors without having to invite them to UpGuard
  • Check icon
    Give vendors the context they need to remediate risks
  • Check icon
    Most and least improved vendors
  • Check icon
    Concentration of fourth-party technologies

Vendor subsidiaries

Single view that allows you to see the security performance of a vendor organisation with multiple subsidiaries
  • Check icon
    A vendor's entire security posture in one place
  • Check icon
    Drill into vendor's subsidiary security performance
  • Check icon
    Easily navigate between vendor's subsidiaries
  • Check icon
    Whole-of-organisation view that lets you see how individual risks affect vendor's entire portfolio

Custom report templates

Ensure consistency and standardization of your reports by creating and saving custom report templates.
  • Check icon
    Add custom commentary and configure which elements to include in your report
  • Check icon
    Save time and create templates that can be utilized by your team to run custom reports
User profile icon

Business operations

Share access to your UpGuard account with other team members with confidence. Each user gets an individual account with fine-grained access control.

Roles and permissions

Tailor access for your team to ensure that sensitive information and actions are protected. Keep track of who has access to your UpGuard account and remove team members easily.
  • Check icon
    Get fine-grained control on providing specific users access to specific products and features
  • Check icon
    Create roles, and associate permissions with these
  • Check icon
    Grant users access to a role
  • Check icon
    A change in permission associated with a role applies to all users with that role
UpGuard roles and permissions

Templates

Templates lets administrators set up templates for remediation requests, risk assessments, and questionnaires sent from the UpGuard platform.
  • Check icon
    Save time and ensure consistency
  • Check icon
    Uniformity across teams and processes
  • Check icon
    Reduce mistakes and errors caused by copying and pasting text across documents

Co-branding

Co-branding lets you add your company branding to all emails and any vendor risk reports generated in the UpGuard platform.
  • Check icon
    Showcase your brand in all external communications done via emails
  • Check icon
    Create professional security reports with your branding on it
  • Check icon
    Make it easier for vendors to recognize questionnaires sent by you by adding your logo to it

Account security

Secure access to the UpGuard platform and your account data. Integrate with various SSO options like Microsoft Azure, Okta, and Ping Identity. As long as your identity provider has a SAML interface we can integrate with it.
  • Check icon
    SSO options like Microsoft Azure, Okta, and Ping Identity
  • Check icon
    SAML integration

Collaboration notes

Attach notes for your teammates on remediation requests, risk waivers, and data leaks to give them context when they jump into the platform.
UpGuard collaboration notes

Documents and contacts

Capture contact details and store relevant documentation on a vendor directly in the UpGuard platform.
  • Check icon
    Know exactly where to find contact details and documents about a specific vendor

Audit log

Keep track of important events and who performed them inside the UpGuard platform.
  • Check icon
    Searchable
  • Check icon
    Real-time reporting and data
  • Check icon
    Filter by user, event type, and time
  • Check icon
    Streamline workflows

Scheduled reports

Use the reports feature to see the status of queued reports, and download, delete or archive completed reports.
  • Check icon
    See all exported reports in one place
  • Check icon
    Hit export and continue working while the report gets generated in the background
  • Check icon
    Create and manage schedules for any recurring reports

Shared assets

Vendor information collected by an entity in a larger group of companies can now be shared with other related entities by easily providing them access to it within the UpGuard Vendor Risk platform.
  • Check icon
    Use evidences collected by related entities
  • Check icon
    Reuse existing risk assessments
  • Check icon
    Avoid repetition and save time
  • Check icon
    Greater visibility of the total risk exposure to a vendor
Cloud server icon

Third-party integrations

Integrate and extend the UpGuard platform with other tools with our easy to use API that can save hours of human time.

Jira integration

Quickly and easily push events and notifications from UpGuard into any Jira project, giving you the flexibility to manage workflows to address security risks promptly
  • Check icon
    Save time by quickly creating Jira issues, prioritizing, and assigning them to the relevant person
  • Check icon
    Ensure people receive the correct information so they can promptly investigate and remediate security risks
  • Check icon
    Easily maintain your workflow and present only the information you want to the relevant people in your team

Slack integration

Connect UpGuard to your Slack workspace to get the notifications you need directly into a Slack channel of your choice, giving you the flexibility to display the information you need to act promptly.
  • Check icon
    Easily integrate your Slack workplace to receive notifications from UpGuard
  • Check icon
    Setup triggers for notifications, decide what Slack channel to send them to, and customize your messages.
  • Check icon
    Get instantly notified on Slack, and remediate security faster

Zapier integration

Using Zapier, an automation platform that connects to thousands of apps, you can now connect UpGuard to any other app that Zapier supports.
  • Check icon
    Automate regularly used workflows without coding
  • Check icon
    Connect UpGuard to thousands of apps on the Zapier platform like JIRA, Trello, Google Sheets, ServiceNow and many more
  • Check icon
    Get instant notifications on Slack, Microsoft Teams and other collaboration apps and remediate security faster

ServiceNow integration

Get vendor security ratings in ServiceNow.
  • Check icon
    Add UpGuard as a scoring provider in ServiceNow
  • Check icon
    Automatically add vendors for risk scoring in UpGuard

UpGuard API

Access information about your UpGuard account programmatically.
UpGuard API

UpGuard Vendor Risk Datasheet

UpGuard Vendor Risk continuously monitors your vendors, automates security questionnaires, and reduces third and fourth-party risk.
  • Check icon
    Key features and benefits of UpGuard Vendor Risk
  • Check icon
    More info on UpGuard Vendor Risk and UpGuard
UpGuard Product Datasheet
Pricetag icon

Simple, transparent pricing

Start monitoring your vendors from $15,000 per year.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Website Security scan resultsWebsite Security scan rating

Book a free demo

Book a free, personalized onboarding call with one of our cybersecurity experts.