Alternatives to Trustpage
Compare Trustpage alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Trustpage in 2026. Compare features, ratings, user reviews, pricing, and more from Trustpage competitors and alternatives in order to make an informed decision for your business.
-
1
StandardFusion
StandardFusion
A GRC solution for technology-focused SMB and Enterprise Information Security teams. StandardFusion eliminates spreadsheet pain by using a single system of record. Identify, assess, treat, track and report on risks with confidence. Turn audit-based activities into a standardized process. Conduct audits with certainty and direct access to evidence. Manage compliance to multiple standards; ISO, SOC, NIST, HIPAA, GDPR, PCI-DSS, FedRAMP and more. Manage vendor and 3rd party risk, and security questionnaires easily in one place. StandardFusion is a Cloud-Based SaaS or on-premise GRC platform designed to make InfoSec compliance simple, approachable and scalable. Connect what your organization does, with what your organization needs to do.Starting Price: $1800 per month -
2
Scrut Automation
Scrut
With Scrut, automate your risk assessment and monitoring, build your own unique risk-first infosec program, effortlessly manage multiple compliance audits, and demonstrate trust with your customers, all from a single window. Discover cyber assets, set up your infosec program and controls, continuously monitor your controls for 24/7 compliance, and manage multiple compliance audits simultaneously, all through a single window on Scrut. Monitor risks across your infrastructure and application landscape in real-time and continuously stay compliant with 20+ compliance frameworks. Collaborate with team members, auditors, and pen-testers with automated workflows and seamless artifact sharing. Create, assign, and monitor tasks to manage daily compliance with automated alerts and reminders. With the help of 70+ integrations with commonly used applications, make continuous security compliance effortless. Scrut’s intuitive dashboards provide quick overviews and insights. -
3
Secureframe
Secureframe
Secureframe helps organizations get SOC 2 and ISO 27001 compliant the smart way. We help you stay secure at every stage of growth. Get SOC 2 ready in weeks, not months. Preparing for a SOC 2 can be confusing and full of surprises. We believe achieving best-in-class security should be transparent at every step. With our clear pricing and process, know exactly what you’re getting from the start. You don’t have time to fetch your vendor data or manually onboard employees. We’ve streamlined every step for you, automating hundreds of manual tasks. Your employees can easily onboard themselves through our seamless workflows, saving you both time. Maintain your SOC 2 with ease. Our alerts and reports notify you when there’s a critical vulnerability, so you can fix it quickly. Get detailed guidance for correcting each issue, so you know you’ve done it right. Get support from our team of security and compliance experts. We strive to respond to questions in 1 business day or less. -
4
Apiiro
Apiiro
Complete risk visibility with every change, from design to code to cloud. Industry-first Code Risk Platform™ A 360° view of security & compliance risks across applications, infrastructure, developers’ knowledge & business impact. Data-driven decisions are better decisions. Understand your security & compliance risks with a real-time inventory of apps & infra code behavior, devs knowledge, 3rd-party security alerts & business impact. From design to code to cloud. Security architects don’t have time to review every change & investigate every alert. Make the most of their expertise by analyzing context across developers, code & cloud to identify risky material changes & automatically build an actionable workplan. No one likes manual risk questionnaires, security & compliance reviews - they’re tedious, inaccurate & not synced with the code. When the code is the design, we must do better - trigger contextual & automatic workflows. -
5
Panorays
Panorays
The fastest way to securely do business together. Automating Third Party Security Lifecycle Management. Gain a 360° view of the supplier through a combination of the hacker’s view and internal policy. The hacker’s view tests the posture just like a hacker would evaluate a company. The internal policy ensures that the supplier complies with security policies and practices. The most seamless end-to-end third party security workflow solution. Panorays’ rapid security ratings are based on an “outside-in” simulated hacker’s view of assets, combined with an “inside-out” view that checks that the supplier adheres to your internal company security policies. Panorays’ automated customized security questionnaires include only the questions that are relevant for each supplier, and you can track progress with a click. Choose from a built-in template or create your own. -
6
ThirdPartyTrust
ThirdPartyTrust
TPRM by ThirdPartyTrust is your one pane of glass risk dashboard: An end-to-end document repository and workflow automation tool to scale your vendor risk management program. Leverage a network of 17,000+ existing vendor profiles to fast forward your reviews and stay proactive with continuous monitoring. Beacon is the one source of truth for third party vendors: A centralized security profile comprising all your questionnaires, certifications, and attestations. Answer them once and easily share the latest versions any time your team receives a security assessment request. The tool will help you manage your end-to-end process, reducing the time spent on requesting and reviewing security documents.Starting Price: $120000.00/year -
7
UpGuard
UpGuard
The new standard in third-party risk and attack surface management. UpGuard is the best platform for securing your organization’s sensitive data. Our security ratings engine monitors millions of companies and billions of data points every day. Continuously monitor your vendors, automate security questionnaires, and reduce third and fourth-party risk. Monitor your attack surface, prevent data breaches, discover leaked credentials, and protect customer data. Scale your third-party risk program with UpGuard analysts, and let us monitor your organization and vendors for data leaks. UpGuard builds the most powerful and flexible tools for cybersecurity. Whether you’re looking to prevent third-party data breaches, continuously monitor your vendors, or understand your attack surface, UpGuard’s meticulously designed platform, and unmatched functionality helps you protect your most sensitive data. Hundreds of the world’s most data-conscious companies are scaling faster and more securely.Starting Price: $5,249 per year -
8
Conveyor
Conveyor
Build trust with customers around data security. Conveyor is a platform that provides cloud-based companies what they need to prove they are trustworthy to their customers and ensure their vendors are trustworthy. Join the network and simplify building trust around data security. Conveyor is building the largest network of companies who know data security is a business driver not a cost center. We are creating a more trustworthy internet by simplifying the exchange of security information. Move compliance earlier in the sales cycle by streamlining sharing your security posture to customers and prospects. Spend 60% less time responding to customer security reviews by quickly answering questionnaires and enabling instant, self-serve access to security documents. -
9
Rescana
Rescana
Successful risk programs rely on accuracy in the process of discovering and managing assets and only then assessing the risks. Rescana's artificial intelligence preforms asset attribution, thereby keeping false positives to a minimum. Rescana's form engine gives you the flexibility you need to conduct your risk surveys. Use and customize our built in forms, or upload your own to make the perfect survey. Infinitely scalable, our army of collector bots scour the deepest corners of the web in search of your assets and data on a daily basis. With Rescana you are always up to date. Integrate into your procurement system, and make sure vendors are classified correctly from the beginning. Rescana's flexible survey will ingest any existing questionnaire, and is feature rich - providing the best experience for you and your vendor. Communicate the vulnerabilities to your vendors with ease, re-certify them quickly with pre filled forms.Starting Price: $25 per month -
10
Whistic
Whistic
The best way to assess, publish, and share vendor security information. Automate vendor assessments, share security documentation, and create trusted connections—all from the Whistic Vendor Security Network. Once companies start using Whistic, they can’t imagine how they managed vendor security assessments or responded to questionnaire requests before. Avoid the black box security reviews of the past by openly sharing vendor security requirements and publishing profiles. Focus on establishing trust rather than chasing down spreadsheets. Initiate assessments, assign inherent risk, engage vendors, calculate risk scores and trigger reassessments—automatically. In the fast-paced business environment we’re living in, no one has time for the slow, outdated security review processes of the past. Access the security posture of thousands of businesses immediately with Whistic. -
11
SecurityScorecard
SecurityScorecard
SecurityScorecard has been recognized as a leader in cybersecurity risk ratings. Download now to see the new cybersecurity risk rating landscape. Understand the principles, methodologies, and processes behind how our cybersecurity ratings work. Download the data sheet to learn more about our security ratings. Claim, improve, and monitor your scorecard for free. Understand your vulnerabilities and make a plan to improve over time. Get started with a free account and suggested improvements. Gain a holistic view of any organization's cybersecurity posture with security ratings. Leverage security ratings for a variety of use cases, including risk and compliance monitoring, M&A due diligence, cyber insurance underwriting, data enrichment, and executive-level reporting. -
12
Tribble
Tribble
As a Chrome extension, Tribble answers your RFPs and InfoSecs, follows your users where they work, and unlocks real-time collaboration. Put your questionnaires on auto-pilot, and say goodbye to stale data. In Slack and Teams, Tribble provides deal guidance to sales teams, answers deep technical product questions, and shares industry knowledge. Bridge knowledge and enablement gaps while allowing your pre-sales teams to scale in real time. Scale expertise across your company with Tribble, a digital teammate that integrates with your systems, learns from your data, updates stale content, and crafts proposals. Showcases one unified voice to your customers, regardless of who is answering a questionnaire. Have confidence that you are providing the right responses to your customers. Our agent fields questions from any app and answers hundreds within seconds. Escalate to an expert using our extension’s native Slack and Teams integrations. -
13
Auditive
Auditive
Auditive is a Third-Party Risk Management (TPRM) platform with continuous monitoring, empowering buyers and sellers to confidently engage with each other, like never before. Auditive's unique network approach eliminates 80% of the risk review work for businesses and their vendors. Buyers can complete third-party risk reviews four times faster, continuously monitor risk across their entire vendor portfolio, and gain near-instant visibility into third-party risk, resulting in a 35% increase in vendor response rates. Sellers benefit by avoiding repetitive questionnaires, focusing on high-value initiatives, marketing their security posture on the Auditive network, and building trust with customers. The platform supports evaluation against industry-specific frameworks, ensuring accurate risk assessment. Auditive integrates seamlessly with procurement and productivity workflows, enabling rapid onboarding and continuous monitoring of all vendors in one place.Starting Price: $800 per month -
14
RiskRecon
RiskRecon
Automated risk assessments tuned to match your risk appetite. Get the intimate risk performance assessments you need to efficiently manage your third-party risk. RiskRecon’s deep transparency and risk contextualized insights enable you to understand the risk performance of each vendor. RiskRecon’s workflow enables you to easily engage your vendors to realize good risk outcomes. RiskRecon knows a lot about your systems. Know what RiskRecon knows. Get continuous objective visibility of your entire internet risk surface, spanning managed, shadow and forgotten IT. RiskRecon knows a lot about your systems. Know what RiskRecon knows. Get continuous objective visibility of your entire internet risk surface, spanning managed, shadow and forgotten IT. See the intimate details of every system, the detailed IT profile and security configuration. We’ll even show you the data types at risk in every system. RiskRecon’s asset attribution is independently certified to 99.1% accuracy. -
15
ClearOPS
ClearOPS
ClearOPS helps buyers and sellers manage their vendors and satisfy due diligence requirements. ClearOPS is a full-circle third-party risk platform. With ClearOPS you can track and monitor all of your vendors, send assessments and upload evidence, and respond to their customer's vendor management processes. Vendor security questionnaires are like a hot potato, no one wants to do them. So our A.I. takes the first pass saving massive amounts of time. As a system of record, you never have to watch the information about your own business walk out the door. You won the customer, now what? Well, you have to retain them, and maintaining that healthy trust is what we are all about. ClearOPS manages privacy and security operations information so that it is easily accessible and up to date. Simple third-party risk management software solution. Inspire your colleagues with empowerment and assess your vendors on your schedule.Starting Price: $500 per month -
16
Counself
Counself
Counself Risk™ is designed for legal, making onboarding a breeze and due diligence an easy check-in. Take advantage of Counself’s library of legal industry best-practice forms, questionnaires, documents, and request templates to expedite your compliance gathering and monitoring processes. Counself RFP™ leverages and compares AFAs to increase price predictability and cost optimization for your legal department. Host sealed bidding events, perform conflict checks, attach custom forms and documents, and send requests to as many firms you want at once, securely and separately. We put data security at the forefront of everything we do because we understand how valuable your data is – to you and to cybercriminals. -
17
ProcessUnity
ProcessUnity
ProcessUnity Vendor Risk Management is a software-as-a-service (SaaS) application that helps companies identify and remediate risks posed by third-party service providers. Combining a powerful vendor services catalog with risk process automation and dynamic reporting, ProcessUnity VRM streamlines third-party risk activities while capturing key supporting documentation that ensures compliance and fulfills regulatory requirements. ProcessUnity VRM provides powerful capabilities that automate tedious tasks and free risk managers to focus on higher-value mitigation strategies. Powerful capabilities for real risk reduction. A proven track record of customer success. Schedule your personalized demo of our award-winning software and start your journey to a more mature, automated program. ProcessUnity Vendor Risk Management protects corporate brands by reducing risk from third parties, vendors and suppliers. -
18
3rdRisk
3rdRisk
Whether it concerns cyber, sustainability, compliance, or continuity risks, your supplier (third-party) relationships are a growing area of concern. The occurrence and impact of third-party incidents and compliance obligations are increasing. Our platform serves as a secure, all-in-one hub, facilitating multidisciplinary collaboration among all internal risk disciplines, business teams, and third-party partners. It enables the seamless and secure sharing of documents and questionnaires, while also providing a collaborative space for working on shared requirements. While working on one platform, internal teams can choose what information they would like to share with other teams and external parties. Our third-party catalog connects seamlessly with your internal procurement systems and external data feeds, creating a centralized overview of your entire third-party landscape. This comprehensive view includes everything you need to know about contracts and specific characteristics. -
19
Blue Umbrella GRC
Blue Umbrella
Identify and manage third-party risk. A modular, best-in-class, plug & play compliance platform to effectively manage multiple areas of third-party risk. Buy Only What You Need. Blue Umbrella GRC is designed to scale as your third-party risk management program matures and expands. Get started today with one module or create a bundle and build from there. Streamline your data. Forget using multiple tools and systems to manage third-party risk. Blue umbrella grc centralizes it all. Get started today. Sign up online and get started within minutes with a hassle-free setup and friendly user interface. Trusted expertise. Tap into the gold standard of third-party risk management questionnaires, including anti-bribery and corruption, data privacy, ccpa, it security and more. Automate the process Each module is built so you can easily identify risk in your vendor relationships and take actionable steps to remediate.Starting Price: $325 per month -
20
VivoSecurity
VivoSecurity
Regulators and management need 3rd party assessment that are accurate and not based upon opinions or assumptions. VivoSecuiry enables our customers to satisfy regulators by assessing true 3rd party risk, which is the probability that one of their vendors will have a data breach, obsoleting the use of questionnaires, maturity scores and SOC2 reports. The risk from 3rd parties is from breaches caused by the sheer number of vendors. VivoSecurity quantifies this risk twice per year, with an aggregate forecast. We help senior management set risk appetite goals with a testable forecast of data breach frequency. We help cybersecurity teams identify the few vendors that represent most of the risk, we then quantify the value of mitigation. Finally, we satisfy regulators with an accurate and documented process for vendor assessment using an empirical and transparent regression model for probability of data breach. -
21
Black Kite
Black Kite
The Black Kite RSI follows a process of inspecting, transforming, and modeling collected from a variety of OSINT sources (internet wide scanners, hacker forums, the deep/dark web and more). Using the data and machine learning, the correlation between control items is identified to provide approximations. Operationalize with a platform that integrates with questionnaires, vendor management systems and process workflows. Automate adherence to cybersecurity compliance requirements and reduce the risk of a breach with a defense in depth approach. The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer. Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’. -
22
Venminder
Venminder
Venminder is loaded with all the features you need for effective third-party risk management. Complete inherent risk assessments to determine which of your vendors require attention. Streamline the onboarding, ongoing management and offboarding of your vendors with dedicated workspaces. Manage each stage in our purpose-built configurable software platform. Risk assessments are an extremely important activity to complete on your vendor's products as they provide you with the level of risk a product will or is posing to your organization. The Venminder platform enables you to create custom risk assessment questions, invite unlimited internal users to contribute answers, apply scoring preferences, create clear and concise risk rating reports and more. Features also include template creation, progress monitoring and residual risk capabilities. -
23
VISO TRUST
VISO TRUST
VISO TRUST's AI-powered third-party risk platform lets your security team effortlessly access risk intelligence for any number of third parties. Instantly assess all your third parties without hiring additional analysts and take action to reduce risk without reading documents and analyzing surveys. Leverage data from thousands of vendors to gain unparalleled risk intelligence. VISO TRUST is the only SaaS third-party cyber risk management platform that delivers the rapid security intelligence needed for modern companies to make critical risk decisions early in the procurement process. Frictionless due diligence simplifies an otherwise complex process and allows companies to effortlessly assess any number of third parties. Leverage curated AI to extract insights from source artifacts and automatically determine vendor security posture without any user interaction. Gain a comprehensive overview of your organization's cyber risk posture and make data-driven decisions to reduce risk. -
24
Proof&Trust
Proof&Believe LLC
We’ve dedicated 6 years to crafting the perfect algorithm for vendor risk assessment. This algorithm has been meticulously refined and enhanced with cutting-edge AI technologies, ensuring unparalleled accuracy and efficiency. Vendors provide evidence and answer 32 straightforward questions covering various aspects of their operations, compliance, and security measures. With our user-friendly interface, 95% of vendors complete the assessment in under 30 minutes, minimizing disruption to their operations. Our algorithm thoroughly analyzes vendor-provided evidence and responses, leveraging AI to identify risks, vulnerabilities, and compliance issues. Businesses receive a comprehensive report with actionable insights and recommendations, enabling informed decision-making and proactive risk management. -
25
Shared Assessments
Shared Assessments
We’ve harnessed the collective intelligence of world’s top risk assessment and management experts to create our industry leading SIG Questionnaire and the most recognized third party risk certification, CTPRP. The VRMMM, SIG, SCA and Privacy tools are designed to meet the needs across the vendor risk management lifecycle. Certification classes and exams establish a knowledge base and verify third party risk professionals’ expertise. Studies, papers and our blog are member-driven, industry-informed and forward looking. Premier global, multi-industry event to shed light on the processes, technologies, and efficiencies in TPRM. -
26
Complyance
Complyance
Complyance is an AI-powered GRC platform designed for enterprise teams to centralize, automate, and manage their compliance, risk, vendor, and policy workloads. Its modular system includes out-of-the-box and fully customizable controls, a vendor management suite, risk registers, and a policy center. With hundreds of integrations into existing enterprise tools, Complyance automatically collects and maps evidence, continuously monitors controls and vendor risk, and keeps your compliance posture audit-ready. Built-in AI features (and optional specialized AI Agents) auto-draft policy documents, cross-map evidence to controls, score vendor risk, generate client questionnaire responses, and surface compliance gaps, cutting manual work by up to 70–90%. The AI operates in a privacy-first way; each client has an isolated instance, and no data is used to train shared models. -
27
Halo Ai
Halo Ai
Use Halo Ai to reduce costs, increase quality, and support business growth. It’s a full-body scan for your vendors. We continuously integrate millions of data points from countless sources covering 430M private and public companies globally. We eliminate time-consuming questionnaire completion work and deliver compliance control assessments in minutes. Our trained AI models connect, correlate, and contextualize 1,000s of data points to bring you the full risk story. We give you a 360 view of your vendors to create better situational and informed awareness of areas of concern. We identify vendors highly susceptible to attack with specific actions to mitigate risks. See real-time changes automatically so you always have an accurate comprehensive risk picture at your fingertips. Leverage automation to focus your best people on the most impactful areas. Unlock growth in your business and proactively reduce risks to protect your organization. -
28
Realm
Realm
Realm is an AI-powered knowledge and workflow platform designed for revenue teams, enabling instant access to company knowledge, automation of RFPs and questionnaires, and creation of bespoke AI agents that handle tasks across sales, support, and product workflows. It connects to tools your team already uses, such as Slack, Notion, Jira, Confluence, HubSpot, Zendesk, Google Drive, and more, to surface answers, automate responses, and orchestrate tasks from a single unified interface. Key features include a searchable knowledge base, “Assistant” chat for real-time answers, “RFP AI” for automating RFIs, RFQs, and security questionnaires, and customizable “Agents” that can be built for meeting prep, deal reviews, deal-desk support, or support-ticket resolution. Realm emphasizes secure enterprise architecture, single-tenant deployment, data encryption at rest and in transit, permissions enforcement, and regular penetration testing. -
29
Responsive
Responsive
Responsive (formerly RFPIO) is the global leader in strategic response management software, transforming how organizations share and exchange critical information. Our commitment to product innovation and customer success empowers companies to accelerate growth, mitigate risk and improve the employee experience by leveraging intelligent technologies to quickly and accurately manage RFPs, RFIs, security questionnaires (VSQs), due diligence questionnaires (DDQs), risk assessments and all other complex information requests (RFXs). With Responsive, frontline teams deliver superior responses by automating the completion of questionnaires, documents and spreadsheets while collaborating with stakeholders, improving processes with data insights, and quickly accessing approved content across popular business applications. -
30
TrustMAPP
TrustMAPP
TrustMAPP provides customers with a continuous process of measuring, reporting, planning and cintinuous improvement. Provides information security leaders with a real-time view of the effectiveness of their cybersecurity program while aligning to business objectives and risk. TrustMAPP provides the story of where you are, where you’re going, and what it will take to get there. From a single source of data, or from multiple integrations, an organization’s security posture is visible based on stakeholder perspectives: CISO, C-Suite, and Board. TrustMAPP gives organizations the ability to manage security as a business, quantifying and prioritizing remediation actions and costs. -
31
Orbit Risk
Thomas Murray
Achieve trust, transparency and security with a single platform. A leading solution for companies looking to digitize and automate their risk management, that combines Orbit Intelligence, Orbit Diligence and Orbit Security. Orbit Intelligence captures your risk landscape with insights from across the platform. It centralizes risk analysis, data, and news on your portfolio of monitored organizations. Automate your due diligence questionnaires (DDQ) and request for information (RFI) processes for a wide range of use cases. Access a library of off-the-shelf questionnaires and risk frameworks, and free up valuable resources. Orbit Security Ratings are an automated, powerful way to continuously monitor the cyber security posture of your organization and the third parties it relies on, with data-driven analytics so you can enhance the security of your ecosystem. -
32
BitSight
Bitsight
Bitsight is the global leader in cyber risk intelligence, leveraging advanced AI to empower organizations with precise insights derived from the industry’s most extensive external cybersecurity dataset. With more than 3,500 customers and over 68,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface. Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required to confidently manage cyber risk and address exposures before they impact performance. -
33
C1Risk
C1Risk
C1Risk is a technology company and the leading cloud-based, AI, enterprise risk and compliance management platform. Ou vision is to demystify and take the complexity out of risk management. We aim to To simplify your risk and compliance management for you to build and maintain the trust of your stakeholders. C1Risk sets the standard for companies that lead with risk, to win, with a full suite of solutions for a single, affordable price. GRC Regulations and Standards Library Policy Management Compliance Automation Enterprise Asset Management Risk Register and Risk Management Auto-calculated inherent and residual risk scoring Issue Management Incident Management Internal Audit Vulnerability Management Vendor Onboarding and Security Review Vendor Risk Scorecards REST API IntegrationsStarting Price: $18,000 per year -
34
TrustElements
TrustElements
TrustElements helps to mitigate risk and prioritize investments. Your cyber resiliency score is defined in a percentage after analyzing all loads of data your company owns. TrustElements maps your results to industry frameworks (NIST, CIS, MITRE) and helps to establish a golden standard of cyber resilience by continuously assessing your organization exposure to risks. The TE platform enhances decision making based on your business context and helps to better allocate financial resources. Communicate cybersecurity strategy to the C-level and Board of Directors to strengthen the decision making in Security, IT, and Risk Management. Whether your challenge is vendor risk management, tight security budgets, overcoming resource obstacles or applying the right level of protection and risk management, we have your back to make your company propel. -
35
Risk Ledger
Risk Ledger
The Risk Ledger platform gives clients all the tools they need to run a comprehensive, cyber security-led, third-party risk management programme against their entire supply chain at speed and at scale while making it simple, free and fast for third parties to engage with the process and improve their risk management maturity. Our unique secure network model allows every organisation to both run a third-party risk management programme and respond to client risk assessments, facilitating a network of trust relationships between organisations on the platform. Organisations running a third-party risk management programme on the Risk Ledger platform benefit from: - continuous monitoring of risk controls implemented in their supply chain - visibility beyond third-parties to fourth, fifth and sixth parties - procurement cycles reduced by up to 80% - Increased supplier engagement - low per-supplier costs -
36
COBRA
C2 Cyber
Supply chains are complex, organic networks of relationships that grow extensively over time. Statistics show that two-thirds of security breaches originate from third parties. C2 Cyber’s Cobra platform immediately assesses the inherent risk of a supplier, saving time from the start. It then recommends a tier of service for each supplier that matches both the risk presented and the client’s risk appetite. -
37
Sphera Supply Chain Risk Management helps you proactively identify, assess and mitigate supply chain risk. You need to master supply chain risk management—we can help. The Sphera Supply Chain Risk Management Solution helps you proactively identify, analyze and mitigate all types of supply chain risk. You can turn risk into opportunity to rise above the competition—and we can help. Prevent risk from costing you by strengthening your categories with Impact Analyzer. Assess supplier criticality and detect vulnerabilities at the category. Save valuable time by making the right moves with Action Planner. Collaborate across your organization and with your suppliers to proactively mitigate risk. For certain areas of your risk exposure, your suppliers themselves are the only ones who can provide the answers. This is where you need a professional. Establish a new level of collaboration by inviting your suppliers to join you in the next frontier of supply chain risk visibility.
-
38
OneTrust Tech Risk and Compliance
OneTrust
Scale your risk and security functions so you can operate through challenges with confidence. The global threat landscape continues to evolve each day, bringing new and unexpected risks to people and organizations. The OneTrust Tech Risk and Compliance brings resiliency to your organization and supply chain in the face of continuous cyber threats, global crises, and more – so you can operate with confidence. Manage increasingly complex regulations, security frameworks, and compliance needs with a unified platform for prioritizing and managing risk. Gain regulatory intelligence and manage first- or third-party risk based on your chosen methodology. Centralize policy development with embedded business intelligence and collaboration capabilities. Automate evidence collection and manage GRC tasks across the business with ease. -
39
Proteus NextGen Data Privacy
Proteus-Cyber
Proteus NextGen Data Privacy software provides DPOs, Privacy teams and Legal teams with the data privacy management tools required to manage GDPR compliance, CCPA compliance or other data privacy compliance programme, comprehensively and effectively. Designed for enterprise organisations using current, secure technologies, Proteus NextGen is often regarded as the most highly configurable and comprehensive data privacy software on the market. Covering Privacy Impact Assessments, DPIAs, Transfer Impact Assessments, data mapping, reporting (eg Records of Processing Activity reports), Subject Access Request management, breach notification, vendor management, risk assessment and even automated SCC generation to help with Schrems II compliance, plus other features you would and would not expect. With training and consultancy available to get you up and running quickly, we aim for ultimate customer satisfaction. Go to our website to request a demo www.proteuscyber.com -
40
Graphite Connect
Graphite Connect
Graphite Connect is a supplier management and procurement platform designed to help organizations streamline supplier onboarding, maintain accurate vendor data, and manage supplier relationships from a centralized system. It functions as a connected supplier network where vendors maintain a single shareable profile containing commercial information, compliance documents, and due diligence data that can be securely shared with multiple buyers. This approach eliminates repetitive onboarding forms and reduces the manual effort required to collect and validate supplier information. Graphite Connect continuously validates supplier data using automated checks that identify inconsistencies, fraud risks, compliance issues, and other data gaps that could affect procurement operations. It enables procurement teams to monitor vendor performance, manage supplier relationships, and create action plans to address compliance issues or renegotiate contracts when needed. -
41
Scytale
Scytale
Scytale is an AI-powered compliance automation platform supported by dedicated GRC experts. It streamlines more than 40 security and privacy frameworks, including SOC 2, ISO 27001, PCI DSS, GDPR, ISO 42001 and SOX ITGC. Scytale centralizes all GRC workflows, penetration testing, AI security questionnaires and Trust Center solutions, into one platform to help organizations navigate complex regulatory requirements. In 2025, Scytale was named the AWS Rising Star Partner of the Year (Technology) in EMEA, recognized for helping customers innovate and scale securely on AWS. Key capabilities include the AI GRC Agent, automated evidence collection, continuous control monitoring, vendor risk management and automated user access reviews. Scytale also provides tailored GRC expert support throughout the compliance journey. Companies of all sizes use Scytale to reduce the time and resources spent on security and compliance and to support efficient growth. -
42
SecurityStudio
SecurityStudio
Simplify your vendor risk management program to ease the burden on your company and its employees. Standardize the process to easily locate all third and fourth-party vendors and keep track of those that pose a risk to your company. Defend against any risk created by your vendors, and against lawyers, regulators and customers if a breach occurs. Unlike other vendor risk management tools on the market, SecurityStudio doesn’t simply communicate risk. Through an easy-to-use automated workflow, SecurityStudio evaluates all third-party vendors and brings your weakest links to the surface. Then you have the power to accept, avoid or request remediation of each vendor. -
43
2ask
amundis Communications
With the intuitive questionaire generator you can create your questionnaire very quickly and easily. You can arrange the structure of the questionnaire individually, and formulate the questions and answers freely. You can also use one of our templates (e.g. customer/employee survey) and customize it according to your requirements. As soon as you begin creating your online questionnaire you will be able to view it in its final form, allowing you to test and tune it extensively. Using filters or skips, you can easily implement even complex branching logic in your questionnaire without any programming skills. In addition, single questions or entire pages can be conditionally viewed. Possible conditions include particular answers, previously assigned parameters, or specific participant data.Starting Price: €198 one-time payment -
44
Supply Chain Catalyst
Moody's Analytics
Supply Chain Catalyst, provides a 360-degree view of suppliers across financial, sustainability, reputational and operational risk factors to assist the user to analyze vulnerabilities and anticipate potential disruptions across the supply chain. It helps organizations with complex supply chains and distribution networks to make better decisions when onboarding and monitoring their suppliers, and to mitigate exposure to risk in their supply chains. Powered by the award-winning Orbis database, Supply Chain Catalyst helps organizations to focus on specific risk factors such as financial deterioration, reputational risks, and exposure to major climate events, as well as enterprise-wide risk. It allows firms to combine their own knowledge of suppliers with our extensive company information, robust risk metrics, and extensive analytical tools. -
45
Avetta
Avetta
Avetta connects the world's leading organizations with qualified suppliers, contractors and vendors. Avetta’s expertise is contractor management services. When you hire a contractor, you want to know they have the qualifications you need—the experience, the workforce, the certifications. With Avetta’s software you can find all the information you need to manage your supply chain in one central, customizable location, instead of having to gather it from several departments. Prequalifying suppliers is an important first step to managing supply chain risk. But collecting all the right documentation, verifying the data, and managing the process for a large number of suppliers is both complicated and costly. When you work with Avetta, our team of professionals does all the heavy lifting. We’ll streamline your qualification process, saving you time and money. -
46
Perimeter
Perimeter
Our Mission Is Simple: Deliver painless, real-time vendor risk management through one integrated platform - from onboarding to assessment to continuous monitoring. We give teams the tools they need to automate assessments, validate vendor responses, monitor risk continuously, and respond to issues before they escalate - all without adding headcount, complexity, or overhead. We were founded to fix the inefficiencies and blind spots plaguing traditional VRM programs - programs that are too slow to scale, too manual to trust, and too fragmented to protect against real-world threats. -
47
GRMS
GRMS | Global Risk Management Solutions
Leveraging an advanced technology platform, GRMS is a risk assessment service that provides customizable Supplier Risk Assessment Programs. GRMS offers companies the ability to proactively manage and continuously monitor suppliers. GRMS is different than data only providers like D&B, Thomson Reuters, and others that just provide raw data. GRMS’ services include the validation of data, physical review of documents and a support system that assists suppliers to obtain compliance with a client’s unique risk assessment requirements. Available in over 120 countries, GRMS’ Supplier Risk Assessment Programs can be delivered via a SaaS model or seamlessly integrated with leading Supplier Management Platforms. Risk assessment services can include: Financial Stability, Cyber Security, Digital Insurance Verification, Document Verification, Reputational Protection, Social Responsibility, Regulatory Compliance, and Health and Safety. -
48
D&B Onboard
Dun & Bradstreet
Deliver on your internal policies and processes. Minimize regulatory and reputational risks and start working with clients more quickly. Define the purpose of your check: this applies to any new customer or supplier. Identify the company or person you want to audit. Compliance-related information such as sanction lists, media sources and PEP lists becomes available. Add your notes - eg categorization and surveillance reminders. Each run is filed and fully traceable to the employees who handled the process. The runs can then be followed up regularly to secure and automate the department’s processes. Search the data and add your own notes in the system. Keep a dated and timestamped record of the search for compliance purposes. Make faster compliant decisions because you really know your customers. -
49
Wolfia
Wolfia
Wolfia is an AI-powered knowledge and response platform built to help sales, security, and support teams answer customer questions faster and more accurately. Wolfia centralizes company knowledge by connecting to internal documents, past RFPs, security questionnaires, policies, wikis, and team conversations, then uses AI to generate clear, consistent, and cited answers on demand. Designed for high-stakes workflows like sales cycles, compliance reviews, and customer due diligence, Wolfia reduces repetitive manual work, minimizes errors, and ensures teams always respond with up-to-date, approved information. By turning fragmented knowledge into a single, continuously improving source of truth, Wolfia helps organizations move deals forward faster while maintaining trust, accuracy, and control. -
50
Ostendio
Ostendio
Ostendio is the only integrated security and risk management platform that leverages the strength of your greatest asset. Your people. Ostendio delivers an easy-to-use, cost-effective platform that allows you to assess risk, create and manage critical policies and procedures, educate and empower your people to be secure with security awareness training, and monitor continuous compliance across 250+ security frameworks. With deep customization, advanced intelligence, and flexible controls, you’re always audit-ready, always secure, and always able to take on what’s next. For more information about Ostendio, visit ostendio.com.
