UpGuard CyberRisk

CyberRisk offers the only complete solution for managing vendor risk to avoid data breaches.

UpGuard CyberRisk


Vendor Risk

Suppliers allow you to focus on your business, but each of them puts your data at risk.

Rate of Change

Systems can be misconfigured in seconds, leaving your critical data publicly accessible.

Manual Processes

Manually validating vendor security practices takes time, leaving you open to exposure.

Our Solution

Risk Scoring

UpGuard’s cyber risk scoring makes it easy to compare and monitor vendors’ risk.

Breach Notification

Receive notifications when the UpGuard research team discovers your exposed data.

Assessment Questionnaires

Automate the questionnaire assessments to complete your vendor management process.

download data sheet


Risk Scoring

CyberRisk quantifies risk for every website, API, and organization.

Questionnaire Assessments

Attestations gather critical information that can't be gathered programmatically.

Portfolio Management

Large numbers of vendors can be managed effectively with custom labels and filters.

Remediation Guidance

All configuration findings are available so you know exactly what to do to improve.

Risk Analysts

Consultation with UpGuard's risk analysts can help identify exposed private data.

Universal Monitoring

CyberRisk's methodology scores every vendor without attribution problems.


CyberRisk's authentication can integrate with your SSO of choice.

Integrated Risk Management

CyberRisk seamlessly interoperates with UpGuard Core for security inside and out.



How often does CyberRisk refresh its data?

CyberRisk refreshes data on monitored entities every 24 hours.

How many companies does CyberRisk monitor?

CyberRisk's unique configuration-centric methodology allows it to monitor every organization with a digital footprint.

What data does CyberRisk collect?

CyberRisk gathers all the information needed to assess a vendor for their risk of a data breach. The cloudscanner constantly crawls public facing assets to measure the risk of man-in-the-middle attacks, phishing, malware, and other common vectors. Additionally, automated assessment questionnaires provide visibility into the risks that are not publically accessible. Sign up to see all risk factors for yourself and your vendors.

Can I customize the vendor questionnaires?

Yes, customers of CyberRisk can add their own questions or map our library of questions to their controls.

How is CyberRisk priced?

CyberRisk is priced per organization you monitor, regardless of the number of digital assets associated with that organization.

Can I reuse vendor licenses if I change vendors?

Yes, if you no longer wish to monitor an organization you can use that license to monitor a different one.