Home
Products
Chevron down icon
UpGuard BreachSight logo
UpGuard BreachSight
Attack surface management
UpGuard Vendor Risk logo
UpGuard Vendor Risk
Third-party risk management
UpGuard CyberResearch logo
UpGuard CyberResearch
Managed security services
Pricing
Resources
Chevron down icon
Book icon
Blog
The latest issues in cybersecurity
News icon
Breaches
Data breach research and global news
Paper icon
eBooks, Reports, & more
Insights on cybersecurity and vendor risk
Document edit icon
News
In-depth reporting on data breaches and news
Customers
Community
Chevron down icon
Calendar icon
Events
Summit, webinars & exclusive events
News icon
Newsletter
News, breaches, events and updates
UpGuard CyberResearch features

Fully managed third-party risk and data leak detection

Monitor

Evidence chasing
Vendor registration
?
Instantly request a new vendor risk assessment.
Vendor classification
?
Easily classify your vendors by risk criticality.
Vendor administration
?
Track the progress of vendor risk assessments.
Questionnaire selection
?
A library of powerful security questionnaires.
Response validation
?
Receive validated questionnaire responses.
Data protection
Data leak detection
?
Detect sensitive data exposed publicly.
Vendor data leak detection
?
Detect sensitive data exposed by your vendors.

Assess and remediate

Risk assessment
Managed risk assessment
?
Fully managed vendor risk assessments/remediation.
Questionnaire analysis
?
Analyzed and quantified risks from questionnaires.
Vendor security ratings
?
Instantly understand your vendor's security ratings.
Vendor data leak assessment
?
One-time data leak search to detect exposed data.
Additional evidence analysis
?
Analysis of public security documents.
Risk remediation
Remediation planning
?
Risk mitigation plan for identified risks.
Remediation tracking
?
Track progress of the mitigation efforts.
Managed remediation
?
Our analysts work with vendors for risk remediation.
Close data leaks
?
Get help from our analysts in closing detected leaks.

Manage

Reporting and insights
Executive reporting
?
In-built executive reports for the Board and C-Suite.
Business operations
Roles and permissions
?
Tailor access for your team to protect sensitive info.
Account security
?
Support for Azure, Okta, Ping Identity and more.
Collaboration notes
?
Attach notes and info for your teammates.
Documents and contacts
?
Capture contact details and store relevant documents.
Audit log
?
Keep track of important events and users.
Third-party integrations
UpGuard API
?
Access your account programmatically.
Abstract shape
Contact sales
Free trial
User shield icon

Monitor vendors

Managed vendorsAbstract shape
Additional evidence document icon

Evidence chasing

Any third party risk management program starts with the collection of security evidence. And it takes time and effort to chase your vendors to complete security questionnaires, provide additional evidence and then validate their responses. Let our analysts do this for you, so you can better allocate your security resources.

Vendor registration

Instantly request our third-party risk analyst team to kick off a new vendor risk assessment.
  • Check icon
    One-click request through the UpGuard platform
  • Check icon
    Collect relevant information about this vendor, to kick off an assessment
  • Check icon
    Let your vendor know that UpGuard will be assessing them

Vendor classification

Prioritize and tier your vendors, so we apply the appropriate level of due diligence through the risk assessment process. You can decide if UpGuard should simply chase evidence, or conduct a risk assessment and facilitate remediation.
  • Check icon
    Classify your vendors by criticality
  • Check icon
    Prioritize UpGuard risk assessment activities

Vendor administration

Let us chase and follow up your vendors to ensure they complete questionnaires and provide relevant evidence.
  • Check icon
    Don't let vendors avoid giving you evidence
  • Check icon
    Track progress in a single dashboard
  • Check icon
    Get updated as soon as vendor evidence is available

Questionnaire selection

UpGuard’s meticulously designed questionnaire library means you no longer have to create questionnaires from scratch.
  • Check icon
    UpGuard questionnaire
  • Check icon
    Short-form UpGuard questionnaire
  • Check icon
    ISO 27001 questionnaire
  • Check icon
    NIST Cybersecurity framework questionnaire
  • Check icon
    PCI DSS questionnaire
  • Check icon
    COBIT 5 questionnaire
  • Check icon
    ISA 62443-2-1:2009 questionnaire
  • Check icon
    ISA 62443-3-3:2013 questionnaire
  • Check icon
    GDPR questionnaire
  • Check icon
    CIS Controls 7.1 questionnaire
  • Check icon
    NIST SP 800-53 Rev. 4 questionnaire
  • Check icon
    CCPA questionnaire
  • Check icon
    Modern slavery questionnaire
  • Check icon
    Pandemic questionnaire
  • Check icon
    Security and privacy program questionnaire
  • Check icon
    Web application security questionnaire
  • Check icon
    Infrastructure security questionnaire
  • Check icon
    Physical and data centre security questionnaire

Response validation

Improve the speed and consistency of your vendors' responses to information requests. We'll validate responses to security questionnaires and requests for additional evidence.
  • Check icon
    Be certain that vendor responses make sense
  • Check icon
    No unanswered questions
  • Check icon
    Link additional evidence to their responses
Data protection icon

Data protection

Failure to detect exposed data can have serious consequences on your business, from enabling corporate espionage to customer identity theft. This data provides attackers with a huge advantage: enabling reconnaissance, providing a foothold in the network for further exploration, selling data to the highest bidder, or holding data at ransom.

Data leak detection

UpGuard's proprietary Data Leak Search Engine scans every corner of the Internet, and identifies data that presents a risk. It doesn't just monitor your Internet presence but also scans every website we can find, cloud storage buckets, source code repos like GitHub, the Dark Web, pastebin, exposed databases like Mongodb, and many other sources.
  • Check icon
    Detect sensitive documents that aren’t meant for distribution
  • Check icon
    Protect customer data and avoid reputation, business, and regulatory damage
  • Check icon
    Find exposed employee credentials before attackers do
  • Check icon
    Automatically classify identified leaks
  • Check icon
    Identify API keys from hundreds of providers, database connection strings, SSL certificates, and more
  • Check icon
    Monitor for data exposures that occur at third-party party vendors that reference your organization

Vendor data leak detection

Don't get surprised by a vendor data leak. Provide UpGuard with a list of vendors you want to monitor, and get notified when any of them leak their data.
  • Check icon
    Prevent data leakage due to third party breaches
  • Check icon
    Identify your critical risk vendors
  • Check icon
    Manage all third-party risks
  • Check icon
    Collaborate with vendors on remediation efforts
  • Check icon
    Get analyst support to close the leaks
User check icon

Assess and remediate vendor risk

UpGuard vendor portfolio risksAbstract shape
Compliance document icon

Risk assessment

Stop using lengthy and error-prone spreadsheet-based vendor risk assessments. Let our analysts perform these for you, right from within the UpGuard platform. From evidence obtained from security questionnaires to additional evidence such as security documents, we combine these with security ratings and data leak detection to create a comprehensive third-party risk assessment. When we’re done, you can access the risk assessment in the platform and we can help you with your remediation strategy.

Managed risk assessment

Our analysts use UpGuard platform's in-built risk assessment process to comprehensively assess your third-party vendors.
  • Check icon
    Request a managed risk assessment in one click
  • Check icon
    Track the progress of your risk assessments
  • Check icon
    Review completed risk assessments
  • Check icon
    Review the evidence (like security questionnaire) we used to complete the assessment
  • Check icon
    Include results from security ratings, questionnaires and data leaks scans
  • Check icon
    Export the assessment as a PDF report

Questionnaire analysis

Our team will analyze all security questionnaire responses and publish them in the risk assessment report.
  • Check icon
    Analyze security questionnaire responses
  • Check icon
    Assign risk severity
  • Check icon
    Security questionnaire ratings
  • Check icon
    Single view of risks in the assessment report

Vendor security ratings

Instantly understand your vendor’s overall security posture.
  • Check icon
    Easy to understand for non-technical stakeholders and senior management
  • Check icon
    Updated multiple times a day
  • Check icon
    Based on the analysis of each of your vendor’s underlying domains and their security posture
  • Check icon
    Takes into account risks identified in UpGuard security questionnaires

Vendor data leak assessment

Our managed risk assessments include a vendor data leak search. Our team will analyze the results and include any identified risks in the assessment report.
  • Check icon
    Prevent data leakage due to third party breaches
  • Check icon
    Identify vendors with poor data security
  • Check icon
    Manage third party risks
  • Check icon
    Collaborate with vendors on remediation efforts

Additional evidence analysis

Our team will analyse additional evidence like publicly available security reports and audit reports (e.g. SOC-2, ISO27001).
  • Check icon
    Comprehensive view of a vendor's security posture
  • Check icon
    Reuse existing documentation to reinforce the risk assessment
  • Check icon
    All risks identified are published in a risk assessment report
Programming icon

Risk remediation

Eliminate the pain of chasing vendors to remediate risks. Our analysts will use the results of a vendor risk assessment to create a remediation plan and expedite the remediation process. Similarly, we'll also help your close any data leaks for your organization.

Remediation planning

Our analysts will prepare a remediation plan based on the risk assessment report.
  • Check icon
    Risk mitigation recommendation for each identified risk
  • Check icon
    Save time and deploy security resources more efficiently
  • Check icon
    PDF version available

Managed remediation process

Ease the pain of chasing vendors for risk remediation. Our analysts proactively follow up with your vendors, helping shorten the remediation cycle.
  • Check icon
    Chase vendors to remediate risks
  • Check icon
    Record who conducted the remediation
  • Check icon
    Improve your own security rating by remediating vendor risks

Remediation tracking

Track the progress of remediation activities through a single, easy-to-use dashboard.
  • Check icon
    Single remediation dashboard
  • Check icon
    Track the progress of your requests
  • Check icon
    Know when risks are remediated

Close data leaks

UpGuard gives you everything you need to close data leaks before they fall into the wrong hands.
  • Check icon
    Review findings within the platform
  • Check icon
    Remediate leaks with support from our analyst team
  • Check icon
    Get notified in-app and via email when leaks are closed
  • Check icon
    Close leaks and prevent costly data breaches
Check bracket icon

Manage vendor risk

Vendor security ratings over timeAbstract shape
Pie chart icon

Reporting and insights

Effectively report on your third-party risk management program to the Board and C-Suite. Have more productive conversations and create a common language and reporting framework that is easily understood by anyone at your organization.

Executive reporting

Use our prebuilt executive reporting suite to get insights right inside the platform. With structure access to your data, you can do things such as: see your average vendor security rating and twelve-month history, explore your current vendor risk ratings breakdown, and find your highest and lowest rated vendors.
  • Check icon
    Prebuilt reporting for your third-party risk management program
  • Check icon
    Current average vendor rating and twelve-month history
  • Check icon
    Distribution of vendor ratings and twelve-month comparison
  • Check icon
    Highest and lowest-rated vendors
  • Check icon
    Most and least improved vendors
  • Check icon
    Concentration of fourth-party technologies
User profile icon

Business operations

Share access to your UpGuard account with other team members with confidence. Each user gets an individual account with fine-grained access control.

Roles and permissions

Tailor access for your team to ensure that sensitive information and actions are protected. Keep track of who has access to your UpGuard account and remove team members easily.
UpGuard roles and permissions

Account security

Secure access to the UpGuard platform and your account data. Integrate with various SSO options like Microsoft Azure, Okta, and Ping Identity. As long as your identity provider has a SAML interface we can integrate with it.
  • Check icon
    SSO options like Microsoft Azure, Okta, and Ping Identity
  • Check icon
    SAML integration

Collaboration notes

Attach notes for your teammates on remediation requests, risk waivers, and data leaks to give them context when they jump into the platform.
UpGuard collaboration notes

Documents and contacts

Capture contact details and store relevant documentation on a vendor directly in the UpGuard platform.
  • Check icon
    Know exactly where to find contact details and documents about a specific vendor

Audit log

Keep track of important events and who performed them inside the UpGuard platform.
  • Check icon
    Searchable
  • Check icon
    Real-time reporting and data
  • Check icon
    Filter by user, event type, and time
  • Check icon
    Streamline workflows
Cloud server icon

Third-party integrations

Integrate and extend the UpGuard platform with other tools with our easy to use API that can save hours of human time.

UpGuard API

Access information about your UpGuard account programmatically.
UpGuard API
Pricetag icon

Simple, transparent pricing

Add CyberResearch to your existing BreachSight or Vendor Risk subscription today.
Free trial
View pricing
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan ratingAbstract shape

Book a free demo

Book a free, personalized onboarding call with one of our cybersecurity experts.
Contact sales
Free demo
UpGuard logo
UpGuard is a complete third-party risk and attack surface management platform. Our security ratings engine monitors millions of companies every day.
Products
Compare
Tools
Company
Insights
©2021 UpGuard, Inc.
Research GuidelinesTermsPrivacyCookies