The UpGuard CyberRisk Engine monitors millions of vendors' external risk posture on a daily basis. This guide outlines how to find your vendors and begin monitoring them.
The UpGuard CyberRisk Engine scans millions of internet domains on a daily basis and automatically assigns each to the vendor that owns or manages the domain. This guide outlines how to view the external risk posture of a particular vendor by showing how to locate the correct vendor and then deciding between generating a one-off instant report, or continuously monitoring the vendor.
Locating a Vendor
To begin locating a vendor, navigate to the Monitored Vendors section under the Vendor Risk module.
This will display a list of vendors you are already monitoring and provide you with the usage status and a link to any instant reports you have already generated. Below the status bar, locate the search bar asking you to Search for vendors or type a URL.
Searching for a particular vendor by name will provide search results, both with any vendors you are already monitoring but also below that, any vendors that match your search in our wider vendor database. The main website for a vendor is listed to help you identify the correct vendor. For example, here we have searched for “BBC” and we want to make sure we are selecting the broadcasting corporation and not Big Bob’s corner store.
Clicking on a vendor’s name in the bottom set of search results will provide you with an option to either monitor the vendor or generate an instant report. For more information on how to decide, please view our section on Instant Report vs. Monitoring below.
If you can’t find the vendor you are looking for, but know their primary domain, then you can also type that domain into the search bar and then press Enter or click View Profile for this URL. Here we are searching for another broadcasting corporation by their known primary domain name.
Instant Report vs. Monitoring
Once you’ve located a particular vendor you can choose to either generate an Instant Vendor Report or to Monitor Vendor. The number of remaining instant reports or vendor monitoring slots is also displayed on this page.
An Instant Report allows you to view the external risks of a particular vendor for 30 days. You can go back and view this vendor’s instant report at any time via the Instant Reports Available link at the top of the Monitored Vendors page. You may choose to generate instant reports for vendors if you are considering or comparing potential vendors.
By monitoring a vendor, you can access additional functionality associated with that vendor. For example, you must be monitoring a vendor to request them to remediate any identified risks on their profile, or to send them a Security Questionnaire to complete. Notifications around vendor scores, vendor domains or vendor risks also only apply to vendors that are currently being monitored.