Everstream Analytics
everstream.ai
Everstream Analytics sets the global supply chain standard. Through the application of artificial intelligence and predictive analytics to its vast proprietary dataset, Everstream delivers the predictive insights and risk analytics businesses need for a smarter, more autonomous and sustainable supply chain. Everstream’s proven solution integrates with procurement, logistics and business continuity platforms generating the complete information, sharper analysis, and accurate predictions required to turn the supply chain into a business asset. To learn more, visit www.everstream.ai.
Contingent
contingent.ai
Contingent - The Supplier Insight Platform Your Whole Business Will Love. We help teams get the supplier insight they need, to instil transparency, and build resilience across their business. Contingent is an easy to setup, intuitive platform, that fits seamlessly into any workflow. It's a single place where you can find answers you need about suppliers. Real-time monitoring lets you know what’s going on, all the time. So, you can focus on delivering true value - identifying potential risks and unlocking actionable opportunities.
SecurityScorecard
securityscorecard.com
Stopping sophisticated cyberattacks requires visibility beyond your organization. Security teams need a complete understanding of their attack surface and business ecosystem risk—including partners, contractors, third- and fourth-party vendors, and supply chains. As the industry leader in security ratings, SecurityScorecard provides actionable insights for over 12 million organizations so you can quantify trustworthiness, quickly respond to cyber risks, and strengthen cyber defenses. SecurityScorecard is a security ratings, response, and resilience company. As the industry leader in security ratings, we provide actionable insights so you can make fast, informed decisions that improve your defenses. SecurityScorecard offers the world’s most comprehensive platform for quantifying and reducing risk, so you can instantly know whether an organization deserves your trust and show others that you deserve theirs. With SecurityScorecard, you can quantify trustworthiness and instantly know the cyber risk of any company worldwide, including your business, competitors, vendors, and downstream suppliers. You can strengthen cyber defenses by accessing a stream of risk intelligence that pinpoints vulnerabilities, prioritizes next steps, and clarifies remediation plans. And you can verify vendor readiness by identifying cyber-risks posed by vendors and sub-tier suppliers throughout your ecosystem– and take action to ensure their problems don’t become your problems. What we offer: Supply Chain Cyber Risk: Your supply chain consists of your third and fourth parties as well as Nth parties that are all connected to your business. Vulnerabilities and threats in your supply chain can pose risks to your business operations. With SecurityScorecard, you can significantly reduce or eliminate the risk of compromise from a vendor or business partner. Offerings include: Third-Party Cyber Risk Management, Automatic Vendor Detection, Supply Chain Risk Intelligence, and Security Questionnaires. Threat Landscape: Go outside the wire to identify threats facing your organization and your supply chain. Leverage terabytes of data and AI-driven analytics to identify the threats that put your business at risk. Offerings include: Attack Surface Intelligence, Intelligence Feeds, and Vulnerability Intelligence. Security and Risk Operations: SecurityScorecard enables companies to see what a hacker sees across their own external attack surface so they can identify threats and take action before the bad guys have a chance to exploit critical vulnerabilities. Offerings include: External Attack Surface Management and Cyber Risk Quantification. Services: A focus on expert-led continuous improvement, actionable insights, and tailored strategies positions SecurityScorecard as a trusted partner in achieving and maintaining a robust cybersecurity posture. Offerings include: Digital Forensics & Incident Response, Advisory Services, Penetration Testing, Red Team, and Tabletop Exercises. MAX: SecurityScorecard MAX is a technology-enabled supply chain cyber risk managed service. Organizations leverage SecurityScorecard's technology, expertise, and partner ecosystem to minimize supply chain risk and gain tangible business outcomes.
UpGuard
upguard.com
UpGuard is a cybersecurity platform that helps global organizations prevent data breaches, monitor third-party vendors, and improve their security posture. Using proprietary security ratings, world-class data leak detection capabilities, and powerful remediation workflows, we proactively identify security exposures for companies of all sizes.
Cyberday
cyberday.ai
Cyberday is a specialized software solution designed to assist organizations in enhancing their cyber security practices and developing a tailored Information Security Management System (ISMS). As businesses increasingly navigate the complexities of digital transformation, the need for effective cyber security measures becomes critical. Cyberday addresses this need by providing a structured approach to managing cyber security tasks, ensuring compliance with various frameworks, and fostering continuous improvement in security posture. Targeted primarily at organizations seeking to bolster their cyber security frameworks, Cyberday serves a diverse audience that includes IT professionals, compliance officers, and security managers. By breaking down complex frameworks such as ISO 27001, NIS2, DORA, and ISO 9001 into manageable, prioritized security tasks, Cyberday simplifies the implementation process. This focus on task prioritization allows organizations to allocate resources effectively and address the most pressing security needs first, ultimately leading to a more robust security environment. One of the key features of Cyberday is its integration with Microsoft Teams, a platform widely used for collaboration and communication in the workplace. This integration allows users to implement security tasks directly within a familiar interface, streamlining the process and enhancing user engagement. By leveraging the collaborative nature of Teams, Cyberday encourages teamwork and accountability, making it easier for organizations to track progress and ensure that security measures are being effectively executed. Cyberday not only aids in achieving compliance but also promotes a culture of continuous improvement in cyber security practices. The software provides tools for monitoring and evaluating security measures, enabling organizations to identify areas for enhancement. This proactive approach ensures that organizations are not only meeting current compliance requirements but are also prepared for future challenges in the ever-evolving cyber threat landscape. In summary, Cyberday is a comprehensive solution that empowers organizations to take control of their cyber security management. By offering a structured framework for implementing security tasks, facilitating collaboration through Microsoft Teams, and promoting ongoing improvement, Cyberday stands out as a valuable tool for organizations committed to safeguarding their sensitive data and enhancing their overall cyber security posture.
SureCloud
surecloud.com
Keep your business secure and compliant with SureCloud. Everything you need today and tomorrow is in its integrated GRC platform, which anyone can use. SureCloud GRC is built on its industry-first Dynamic Risk Intelligence technology, designed to empower you to proactively manage your GRC landscape by understanding the story within your data. This allows you to analyze, predict, and respond to risks before they become critical issues. The future of GRC delivered today. Its industry-first Dynamic Risk Intelligence technology enables you to be more proactive by revealing the full story and sequence of events across your programs with unparalleled visibility and certainty. It empowers you to anticipate and address potential risks before they escalate, ensuring you're always ahead of risk and compliance challenges. Leveraging advanced event-driven architecture and event sourcing, SureCloud GRC captures and analyzes every detail in real-time, giving you the tools to take proactive control and provide long-term business assurance.
Venminder
venminder.com
Venminder is a market leader in third-party risk management solutions. Venminder caters to the complex requirements of third-party risk management with robust solutions and expert guidance. The market-leading provider hones its solutions to address the evolving needs of risk management across various industries, servicing customers from startups to Fortune 100 organizations. Venminder's cutting-edge platform offers a centralized space for comprehensive third-party risk management. The third-party risk management software includes but is not limited to vendor onboarding and offboarding, document storage, contract and SLA tracking, questionnaire management, risk assessments, workflow creation, and comprehensive reporting. This versatility allows organizations to customize and streamline the risk management of suppliers, vendors, and third parties. Venmonitor™ is one of Venminder's standout risk intelligence solutions, designed to revolutionize third-party screening. It empowers customers to quickly screen potential or current third parties across multiple risk domains with less manual activities and without the need for direct involvement with the suppliers. With Venmonitor™, organizations gain deeper insight into crucial areas such as cybersecurity, business health, privacy, Know Your Vendor, and more. Thanks to daily refresh capabilities, users are equipped with continuous and up-to-date monitoring, ensuring that they remain ahead of any potential risks. Vendiligence™, another Venminder solution, is an outsourced service that performs on-demand control assessments on vendors, such as information security, data protection, cybersecurity, and financial health. Venminder's team of highly qualified experts includes CISSPs, CPAs, financial risk analysts, paralegals, and more. Available in an extensive online library, these risk-based assessments facilitate identifying and understanding potential risks and strengths related to vendors' information security posture, privacy standards, SOC reports, financial viability, business continuity/disaster recovery preparedness, contractual standards, and regulatory compliance. Venminder’s services also include vendor document collection, relieving customers of the cumbersome task of chasing paperwork. Additionally, their expert advisory services assist customers in aligning their third-party risk management policies and procedures with leading industry standards. Venminder is more than a solution provider; they are a knowledge hub for the industry. Venminder’s experienced professionals frequently contribute to industry conversations at conferences through educational content and hosting CPE credit-eligible webinars. Venminder also offers Third Party ThinkTank, the world’s largest online networking community dedicated to third-party risk professionals to share insights and best practices.
C1Risk
c1risk.com
Our mission is Governance: C1Risk is a culture. Our technology drives communication of risk and controls to authorized stakeholders to make informed decisions. The achilles heel of the GRC industry is the amount of maintenance required for its tools. C1Risk is recognized by its customers for changing the focus of information security teams from maintenance to risk management. Our customers are all successful risk practitoioners. C1Risk provides a SaaS GRC platform, built on AWS, for the risk-aware enterprise. C1Risk is a technology company and the leading cloud-based, AI, enterprise risk and compliance management platform. We offer a full suite of GRC - integrated risk management - solutions for a single price, including a GRC Regulations and Standards Library for Compliance, Asset, Internal Audit, Issue, Incident, Policy, Vendor, Vulnerability and Risk Management for all-size companies.
RealCISO
realciso.io
RealCISO is an intuitive software platform that helps organizations easily understand and manage cyber risk. With RealCISO, you’ll gain CISO-level insight in just a few clicks. Understand your security posture. Address needs, gap analysis, opportunities, and receive real, actionable guidance on how to meet compliance and security requirements for your industry. With intuitive features built to help your organization take action from a place of understanding, RealCISO doesn’t just show risk; it helps your organization manage it. * Risk assessment to identify current security vulnerabilities * Intuitive dashboards make it easy to take action * Enhanced reporting capabilities provide visibility for every team member * Based on NIST Cybersecurity Framework (CSF), ISO 27001, SOC2, NIST 800-53, NIST 800-171, CMMC, PCI, HIPAA Security Rule, & the Critical Security Controls
Jscrambler
jscrambler.com
Jscrambler is the leader in Client-Side Protection and Compliance. We were the first to merge advanced polymorphic JavaScript obfuscation with fine-grained third-party tag protection in a unified Client-Side Protection and Compliance Platform. Our integrated solution ensures a robust defense against current and emerging client-side cyber threats, digital skimming, data leaks, and IP theft, empowering software development and digital teams to innovate securely. With Jscrambler, businesses adopt a unified, future-proof client-side security policy all while achieving compliance with emerging security standards including PCI DSS v4. All Jscrambler products are fully compliant with all the main tech frameworks and stacks, including HTML5, Node.js, React, Angular, Vue, Meteor, Ember, React Native, Ionic, and NativeScript. With Jscrambler, businesses adopt a unified, future-proof client-side security policy all while achieving compliance with emerging security standards. Jscrambler serves a diverse range of customers, including top Fortune 500 companies, online retailers, airlines, media outlets, and financial services firms whose success depends on safely engaging with their customers online. Join us in shaping the future of web security and enabling fearless digital innovation.
TrustCloud
trustcloud.ai
As a Trust Assurance platform, TrustCloud® uses a unified, graph-based architecture that connects your controls, policies, and knowledge base into one silo-free compliance automation and risk management platform. We help compliance teams: - Reduce cost and time managing controls and preparing for audits - Accelerate sales deals with faster security reviews - Manage and quantify risk We help CISOs: - Reduce corporate and personal liability - Programmatically measure and report on control status, compliance audits, customer commitments, and risk - Become strategic partners to the board and leadership TrustCloud is a fast, affordable, and accurate compliance and risk management platform that dynamically scopes to your objectives as regulations change and your business grows.
Apptega
apptega.com
Tired of spreadsheets that don’t scale and require too much manual effort? Hampered by overly complex IT GRC systems that have you working for them? Apptega is the cybersecurity and compliance management platform that makes it easy to assess, build, manage, and report your cybersecurity and compliance program. Organizations in all industries and MSSPs rely on Apptega to meet the challenges of cybersecurity and compliance more efficiently and cost-effectively than with any other approach. Featuring 25+ frameworks, including SOC 2, NIST, CMMC, ISO, CIS, PCI, GDPR, HIPAA and more, and manage your program with: - Multi-Tenant - Assessments - Compliance Scoring - Risk Management - Vendor Risk Management - Audit Management - Reporting - Integrations
Scytale
scytale.ai
Scytale is the global leader in compliance automation, helping companies get compliant and stay compliant with security frameworks like SOC 1, SOC 2, ISO 27001, HIPAA, GDPR , PCI-DSS and more, without breaking a sweat. Our experts offer personalized guidance to streamline compliance, enabling faster growth and boosting customer trust. Scytale is the only complete compliance hub including other key solutions, such as penetration testing and AI security questionnaires.
FloQast
floqast.com
FloQast, a Finance and Accounting Operations Platform provider created by accountants for accountants, enables organizations to operationalize accounting excellence. Trusted by more than 2,600 accounting teams – including Twilio, Los Angeles Lakers, Zoom, and Snowflake – FloQast enhances the way accounting teams work, enabling customers to streamline and manage the Financial Close, Finance and Accounting Operations, and Compliance Programs. With FloQast, teams can utilize the latest advancements in AI technology to manage every aspect of the month-end Close, reduce their compliance burden, stay audit-ready, and improve accuracy, visibility, and collaboration throughout the financial function. FloQast is consistently rated #1 across all user review sites. Learn more at FloQast.com.
Fraud.net
fraud.net
Fraud.net operates the first full-stack Fraud, AML and KYC platform built for digital enterprises and fintechs globally. The award-winning, cloud-born platform helps organizations of all sizes harness AI-driven risk intelligence to detect fraud, streamline their customer onboarding and transaction monitoring workflows, and leverage real-time, actionable insights to make safer, smarter, and more profitable decisions. Fraud.net is a proud member of the AWS Partner Network. AWS Infrastructure + Fraud.net’s Intelligence Layer = A Complete, Cloud-born Fraud Management Platform. Fraud.net leverages over 20 AWS services to deliver its enterprise-grade risk management and revenue enhancement platform. Fraud.net processes and analyzes billions of transactions, applications, and events monthly on behalf of financial services and digital commerce companies worldwide. Fraud.net's award-winning TransactionAI solution is available in AWS Marketplace: https://aws.amazon.com/marketplace/pp/prodview-ojxruzi5mf7yi Headquartered in New York, Fraud.net employs dedicated professionals with deep experience in e-commerce, financial services, data science, and advanced technology. It was founded in 2016 by Whitney Anderson and Cathy Ross. They recognized the need to empower business leaders like themselves with cutting-edge fraud prevention tools after spending more than two decades working with financial institutions and online retailers. Fraud.net is frequently listed as a fast-growing and innovative company, earning recognition from Accenture, Amazon Web Services, Gartner, Red Herring, and several other organizations. Contact us today to arrange a free consultation.
Whistic
whistic.com
The Whistic platform gives InfoSec teams the power to run world-class third-party risk management and customer trust programs with a unified, AI-powered experience that streamlines both sides of the vendor risk assessment process. Enable a Custom TPRM Program Easily manage all aspects of a third-party risk program and significantly reduce your company’s potential for a costly data breach. Meet regulatory compliance and audit requirements in a simple, automated process. Manage and Share Your Trust Center Substantially reduce inbound questionnaire response requests: manage all of your security and compliance information from one place, making it fast and easy to search, publish, share, and confidently meet a customer’s assessment requirements. AI-First TPRM The Whistic Platform integrates AI into every stage of the TPRM assessment process, making it possible to automate up to 90% of manual tasks and take assessment times from days or weeks to minutes. Whistic AI: —Automatically runs your preferred standard or questionnaire against all existing vendor documentation to accelerate the assessment process. —Provides control-specific summaries of lengthy security docs like SOC 2 reports at the push of a button. —Allows you to send bulk queries to your entire vendor inventory to surface insights. One-of-a-Kind Network Whistic’s Trust Catalog offers the industry’s most robust network where vendors and their customers can connect and seamlessly exchange on-demand security and compliance information, eliminating the need for a manual assessment. Access to 50+ Questionnaires and Frameworks Leverage the latest versions of more than 50 questionnaires and frameworks, including rapid response templates for industry-wide vulnerabilities, plus continuous monitoring by RiskRecon on over 60k companies — all included with your Whistic subscription.
Cypago
cypago.com
The revolutionary Cypago Cyber GRC Automation (CGA) Platform combines the strength of SaaS architecture and advanced Correlation Engines, GenAI, and NLP based automation with an intuitive user experience, delivering complete coverage across all security frameworks and IT environments. The platform enables organizations to increase security and GRC maturity through simplified cross-functional workflows, reduced manual efforts, and lower costs–all while reinforcing trust with their customers and stakeholders.
Havoc Shield
havocshield.com
All-in-one cybersecurity solution for financial services. Built to satisfy GLBA, FTC Safeguards, IRS Tax Preparer, New York DFS and other financial industry security requirements. Havoc Shield quickly removes the fear and risk of a lacking cybersecurity program by providing an industry-compliant plan, expert guidance, and professional security tools in an all-in one-platform.
Smarsh
smarsh.com
Smarsh enables companies to transform oversight into foresight by surfacing business-critical signals in their digital communications. Regulated organizations of all sizes rely upon the Smarsh portfolio of cloud-native digital communications capture, retention, and oversight solutions to help them identify regulatory and reputational risks within their communications data before those risks become fines or headlines. Smarsh serves a global client base spanning the top banks in North America, Europe, and Asia, along with leading brokerage firms, insurers, and registered investment advisors and U.S. state and local government agencies.
Enactia
enactia.com
Comprehensive software solution for Cybersecurity and Data Protection Governance Risk Compliance (GRC). Support your business addressing compliance and governance challenges with multiple Data Protection ad Cybersecurity Laws and Frameworks from multiple jurisdictions across the world, including GDPR, CCPA, PDPL, HIPPA, PIPEDA, ISO27001, NIST CSF, SAMA and much more Regulations/Standards. Enactia is a governance, risk management, and compliance (GRC) suite of solutions, which enables businesses to manage compliance, data breach, incidents, tasks and risks using assessments. Professionals can store investigation reports, policies, supporting evidence and other documents within a centralized repository. Key features of Enactia include audit trail, reminders, role-based access permissions, predefined templates and vendor management. Businesses can create compliance assessments, delete, edit or add questions and perform data protection impact assessments (DPIAs). Additionally, organizations can assess compliance with various regulations such as California Consumer Privacy Act (CCPA) and General Data Protection Regulation (GDPR), among others. Using Enactia, businesses can access information about specific documents, answers, tasks and risks from within a unified platform. The product is available on monthly or annual subscriptions and support is extended via phone and other online measures.
VISO TRUST
visotrust.com
A rationalized vendor security due diligence platform. VISO TRUST puts reliable, comprehensive, actionable vendor security information directly in the hands of decision-makers who need to make informed risk assessments.
TechnoMile
technomile.com
TechnoMile empowers companies to find, pursue, win, and retain more business with the government. Our transformative cloud solutions empower companies doing business with the government to optimize BD and capture processes, fuse curated public information with their own data to gain unique insights, streamline contract management, and mitigate risk throughout the entire lifecycle of government sales.
AuditComply
auditcomply.com
AuditComply enables modern businesses operating in highly regulated industries to manage their compliance demands and provides a new level of visibility through our Analytic dashboard, instantaneous report generation, issue tracking and in-depth analytics.
Supply Wisdom
supplywisdom.com
Supply Wisdom transforms global business with comprehensive, predictive, real-time risk intelligence. Through continuous monitoring, comprehensive intelligence reports, and real-time alerts, Supply Wisdom speeds business growth, lowers costs, increases security and compliance, and unlocks revenue opportunities. Supply Wisdom’s full-stack AI-based SaaS products turn open-source data into risk intelligence and are the market’s only software to cover all risk domains in real-time: financial, cyber, operational, ESG, compliance, Nth party, and location-based risk. Supply Wisdom clients include Fortune 100 and Global 2000 firms in the financial services, insurance, healthcare, and technology sectors, including United Healthcare, BNY Mellon, and Bank of Ireland. Supply Wisdom values diversity with a global workforce that is currently 57% female. Contact us today for a quick demo so you can see how our actionable approach can achieve great results for your company.
Risk Ledger
riskledger.com
Risk Ledger is a cybersecurity and risk management platform designed to help organisations securely share risk data with their supply chains. This solution addresses the pressing need for businesses to effectively identify, assess, and manage third-party risks while ensuring compliance with various industry standards. By streamlining the risk management process, Risk Ledger empowers organisations to maintain operational integrity and safeguard sensitive information. Aimed at organisations with complex supplier networks, Risk Ledger offers a centralised system for conducting comprehensive risk assessments and sharing vital data. Sectors such as finance, healthcare, and manufacturing benefit greatly from the platform's insights into third-party vendor risk profiles. These insights help businesses bolster operational resilience and protect against potential breaches or vulnerabilities from supply chain partners. Risk Ledger’s customisable risk assessment tool allows organisations to tailor evaluations to their specific needs, meeting various regulatory requirements. The platform’s collaborative network enables real-time communication and data sharing, ensuring all stakeholders remain informed and engaged. This approach enhances the effectiveness of risk assessments and promotes transparency. One major advantage of Risk Ledger is its ability to improve supply chain transparency and accountability. By providing a shared platform for risk data, organisations can build trust and foster collaboration with their partners, leading to more informed and proactive decision-making. The platform’s strong focus on compliance also helps organisations meet regulatory obligations, reducing the risk of penalties and strengthening their reputation. Risk Ledger is an essential tool for navigating the complexities of third-party risk management. Its combination of collaborative features and robust assessment capabilities makes it a valuable asset for businesses aiming to enhance their cybersecurity measures and mitigate supply chain risks, creating a more secure and resilient operational framework.
Vistar
vistar.cloud
Vistar Cloud empowers organizations to streamline security and compliance through automation. Our platform simplifies the process of achieving and maintaining key industry standards, including SOC 2, ISO 27001, GDPR, and HIPAA, allowing companies to focus on growth while building trust with customers and partners. By automating control monitoring and evidence collection, we help businesses save time, reduce manual efforts, and enhance security in real time. Vistar Cloud serves a diverse range of companies across the globe, ensuring they meet regulatory requirements efficiently and securely.
Sicura
sicura.us
Sicura automates and simplifies security compliance of IT infrastructure. Sicura provides a way to automate the translation, enforcement, and remediation of security policies at the operating system (OS) and middleware level. Sicura is used by organizations in highly-regulated industries, from government to finance to healthcare, to ensure continuous compliance to frameworks and regulations such as NIST 800-53, DISA STIG, PCI-DSS, CIS Benchmarks and HIPAA technical controls.
Compleye
compleye.io
Compleye is an ISO 27001 platform crafted specifically for startups! Our goal is to help startups towards achieving certification effortlessly and affordably, with a solution that's both easy to use and powerful. Compleye's platform is designed to enable startups to handle ISO 27001 compliance independently, without requiring prior experience. But for those who prefer expert guidance, our team of specialists is ready to fast-track your journey without the DIY hassle. We've reimagined compliance by eliminating unnecessary documents and making the process more enjoyable and accessible. Compleye offers a single platform where you can store evidence, access 35+ policy templates, dive into our in-depth wiki for ISO 27001 understanding, and utilize our signature X-Ray session to break down your business into manageable compliance components and much more. Compleye transforms ISO 27001 compliance from a daunting task into an engaging and streamlined experience. Let's make compliance (almost) fun together!
ClearOPS
clearops.io
ClearOPS offers an AI-Driven governance platform that supports customers to drive more revenue and mitigate data loss to AI model training. Govern the use of AI using AI with ClearOPS GenAI risk assessments technology and vendor management.
ComplyDog
complydog.com
Make your service or product GDPR compliant without the complexity. Answer common compliance questions from your prospects and customers. Provide signed DPAs hands-free. ComplyDog is GDPR compliance software that helps software companies handle data subject requests, automate DPA signature requests, and answer common compliance questions from prospects. With ComplyDog, you can: * Quickly answer common GDPR questions from prospects and customers through a self-service compliance portal. * Showcase security and data protection practices. * Automate data processing agreement signatures. * Streamline subject access requests.
© 2025 WebCatalog, Inc.