Move from manual to automated risk management
Start to scale your third-party risk program
Strengthen governance and oversight across your ecosystem
Orchestrate risk management across complex ecosystems
| Feature | Standard
$1,750 /mo, billed annually | Professional Contact sales | Corporate Contact sales | Enterprise Contact sales | Enterprise+ Contact sales |
|---|---|---|---|---|---|
| Vendor Monitoring Slots Continuously monitor vendors for security changes, rating drops, and new risks that could impact your business | 50 | 150 | 500 | Unlimited | Unlimited |
| Vendor Snapshots Generate an instant security rating and risk overview for a vendor, without long-term monitoring commitments | Not included | 10 | 25 | Unlimited | Unlimited |
| Platform Users (Admin/General) Tailor access for your team to protect sensitive information | 6 | 6 | 10 | 30 | Unlimited |
| Platform Users (Read-only) View-only access for executives and stakeholders who need visibility without edit permissions | Unlimited | Unlimited | Unlimited | Unlimited | Unlimited |
| Role-Based Access Control who can view, edit, and manage specific data across your vendor risk program | Not included | Included | Included | Included | Included |
| Audit Log Maintain a complete record of user activity to support audits and demonstrate oversight | Not included | Included | Included | Included | Included |
| SSO Enable secure, enterprise-grade access through your existing identity provider (e.g., Microsoft Azure, Okta, Ping Identity) | Included | Included | Included | Included | Included |
| API Access Integrate vendor risk data into other internal systems for downstream reporting and workflows | Included | Included | Included | Included | Included |
| News & Incidents Receive instant alerts when vendors experience breaches or major security events that change their risk profile | Included | Included | Included | Included | Included |
| Vendor Summary Centralize tiers, tags, portfolios, and custom attributes to organize your vendor inventory—making filtering, reporting, and program oversight effortless. | Included | Included | Included | Included | Included |
| Onboarding Questionnaire Capture critical vendor relationship context to properly tier vendors and scope assessments | Included | Included | Included | Included | Included |
| Questionnaire Builder Create tailored security questionnaires aligned to your internal standards that automate risk discovery - so you can spend time remediating risk instead of reading responses. | Included | Included | Included | Included | Included |
| Questionnaire Library Accelerate assessments with pre-built questionnaires aligned to leading security frameworks | Included | Included | Included | Included | Included |
| Traditional Risk Assessment Workflows Run structured, repeatable vendor risk assessments with consistent scoring and defensible outcomes | Included | Included | Included | Included | Included |
| Security Profile See how a vendor's controls stack up against UpGuard standards and frameworks like ISO 27001 or NIST CSF -- using AI document parsing to deliver rapid, structured assessments. | Included | Included | Included | Included | Included |
| Instant Risk Assessments | Included | Included | Included | Included | Included |
| Risk & Remediation Management Track identified risks and manage vendor remediation through to resolution with guided workflows and advice | Included | Included | Included | Included | Included |
| Vulnerability Management Prioritize fixes based on exploitability. Identify misconfigurations and prioritize remediation with vendors. | Included | Included | Included | Included | Included |
| Additional Evidence/Documents Store and manage supporting documents and compliance evidence in one centralized location | Included | Included | Included | Included | Included |
| Recurring Reports Automatically deliver executive-ready vendor risk reports on a scheduled basis | Included | Included | Included | Included | Included |
| Fourth Parties Gain visibility into subcontractors and extended supply chain dependencies to eliminate concentration risk | Not included | Not included | Included | Included | Included |
| Onboarding Portal Strengthen intake governance with a structured onboarding workflow that connects business requests to InfoSec from day one - bringing clarity and speed to every assessment request | Not included | Included | Included | Included | Included |
| Custom Notifications Stay ahead of risk with configurable alerts for rating changes, new findings, and critical vendor events. | Included | Included | Included | Included | Included |
| Templates & Automation | Not included | Included | Included | Included | Included |
| Custom Co-branding Deliver vendor communications and reports with your branding to reinforce trust. | Not included | Included | Included | Included | Included |
| Multi-Org Accounts Manage multiple business units or subsidiaries within a single platform environment | Not included | Not included | Not included | Not included | 3 Organizations |
| Ticket-Only Support Access our world-class customer support team through standard ticketing for expert guidance and reliable issue resolution. | Not included | Not included | Not included | Not included | Not included |
| Standard Support Priority access to our world-class support team with defined response times to keep your program moving. | Included | Included | Included | Not included | Not included |
| Premium Assurance (Enterprise Support) White-glove enterprise support with accelerated SLAs and dedicated guidance from our expert team for mission-critical programs. | Not included | Not included | Not included | Included (data residency additional cost) | Included (data residency additional cost) |
Experience superior visibility and a simpler approach to cyber risk management