-
“We’re stewards of public funds, When we choose a vendor, we need to justify that decision. Now, if anyone questions why we selected a particular provider, we can point to an independent, third-party assessment. That transparency is crucial.”
-
"Our vendor security risk assessments are now a well-oiled machine from where we started using UpGuard."
-
"Our complicated environment requires attention to detail when reviewing security risks. We have many cloud-first vendors so the UpGuard platform allows us to be granular and gives us an interesting layered insight on our supply chain that could have a critical impact on our operation. As a telecommunications company providing …
-
"UpGuard was able to give us insight immediately into our online profile and identify our cyber risk."
-
"UpGuard to quickly assess the security profile of new company acquisitions to determine their impact on the company’s own security posture. The CIO notes that with so many third-party vendors to manage, immediate security score feedback is instrumental in providing accurate risk assessment."
-
"UpGuard catches things that penetration testing misses and helps Xinja automate our vendor risk management processes."
-
“If they had a potential accounting impact, then we would insist on a SOC 1, Type 2 or SOC 2, Type 2. If they did not have an accounting impact, we had a phone call or sent a questionnaire.”
-
“I take a deep dive into the technical features to help the vendor when I send a remediation request.”
-
“I look at the newsfeed to see if any companies we do business with have had a cybersecurity incident.”
-
"Having an automated way to look at the attack surface is a great way to flag things like unmanned pages or EOL apps. It’s a low-hanging fruit to improve our security."
-
“We knew no one tool would be a silver bullet, but we were looking for a solution that met the majority of our requirements without too much extra customization. When we compared the tools, UpGuard came out on top.”
-
"Open-Xchange uses a vulnerability scanner across the organization’s internal and external attack surfaces. While the scanner provides in-depth coverage, it doesn’t have asset discovery capabilities. It can only monitor what we know. It doesn’t have a perfect register of where every IT asset is, especially as we use dozens of …
-
“Our previous vendor assessment process required a significant amount of time and also lacked the capability to identify specific types of risks that may be present across our supply chain.”
-
"Vendor Risk helps us manage vendor security performance across a diverse client base. It’s easy to use, and the vendor security questionnaire module helps us track workflows, surface security and prioritise specific risks for remediation."
-
“We used UpGuard because it was an easily-delegated, easily-deployed product which did what we needed it to do."