User Risk administrators can now set a policy on any application: approve it, block it, nudge users toward alternatives, or mark it as tolerated. Role, team, and individual user exceptions layer on top of a base policy, with no parallel rule sets to manage. For example, Social Media apps can be blocked for everyone while remaining approved for the Marketing team. Newly discovered apps inherit the organization's default state automatically. For more information see App Usage Policies.
Safer web controls with User Risk
User Risk now gives administrators browser-level controls that govern what employees can do on a site, not just whether they can access it. Administrators can prevent employees from pasting or uploading sensitive data into shadow AI tools. Corporate sign-in can be enforced on approved apps. Predictable passwords are flagged before they're set. For more information see Browser Defense Policies.
Email notifications for expiring additional evidence
In addition to in-app notifications, Vendor Risk users can now enable email notifications when additional evidence documents are approaching their expiry date.
Other improvements
- Vendor Risk users can now export Incidents and News data to Excel for their own organization and their vendors.
- Vendor Risk risk assessment templates now support using merge tags within HTML content, allowing HTML styling to dynamically change based on vendor attributes.
- Breach Risk and Vendor Risk now include Bootstrap version detection, enabling identification of assets running outdated or vulnerable Bootstrap versions.
- When uploading documents to the Trust Center content library, duplicate files are now flagged inline with a blue pill indicator, allowing users to view and manage all duplicates at a glance rather than resolving them one by one.
UpGuard Release Notes
See UpGuard In Action
Free instant security score
How secure is your organization?
