“In terms of pure security improvement across our company, we now complete hundreds of maintenance tickets, which is a massive advancement we couldn’t have achieved without UpGuard. We previously wouldn’t have detected at least 10% of those tickets, so UpGuard has enabled us to work faster by detecting issues quickly …

"UpGuard provides an outsider's view of how an organization is doing in terms of vendor risk with the ever-increasing susceptibility of a cyberattack."

“UpGuard’s Cyber Risk scoring helps us understand which of our vendors are most likely to breach so we can take action now, before something happens."

"Our complicated environment requires attention to detail when reviewing security risks. We have many cloud-first vendors so the UpGuard platform allows us to be granular and gives us an interesting layered insight on our supply chain that could have a critical impact on our operation. As a telecommunications company providing …

“We had basic questions regarding business processes and security controls, but wanted to go deeper to provide high-level reporting that provided clarity into the vendor.”

"Before UpGuard, our vendor risk management activities were less effective and comprehensive, even began after a vendor was onboarded. Now it's easy to monitor them via the dashboard, and it starts before they even sign the agreement."

"Before UpGuard, conducting proper research for each vendor would eat up a lot of time – Does it comply with our requirements? Where is their data located? Do they have privacy policies."

“We had no way of determining the overall maturity of a vendor. So we had no way of estimating and comparing security maturity between vendors when going to tender.”

"If a vendor score drops below 600, we know there is a security issue with that vendor and we work with them to remediate that."

“We have set up notifications with UpGuard, such that if a vendor drops by 5 points, we reach out to the vendor in order to fix those security issues. These are usually issues such as SSL certificates expiring or DNS issues.”

“The UpGuard user experience was much nicer than other platforms and easier to use, while other platforms felt more outdated and not as friendly.”

"Having an automated way to look at the attack surface is a great way to flag things like unmanned pages or EOL apps. It’s a low-hanging fruit to improve our security."

"We now have an automated, robust process for validating that planned changes are made correctly. That reduces regulatory and operational risk, lowers costs, and allows us to drive continuous improvement."

"We can now get comprehensive vulnerability reports, tied directly to specific CIs. Because of this, we’ll also be able to drive end-to-end remediation processes within ServiceNow, and tie this directly back into other areas such as GRC.”

“Third-party assessments could take up to 20-80 hours per vendor. With hundreds of vendors, it would take a team of two a full year to assess them all.”