UpGuard CyberRisk allows you to monitor and control third-party vendor risk and improve your own external cyber risk posture. The platform comprises of two main modules: UpGuard BreachSight focuses on your external risk posture and VendorRisk manages the risk posture of your vendors.
The CyberRisk Dashboard provides a high-level summary of all risks and CSR scores across your own assets and the risk posture detected for your vendors.
The Notifications section shows any outstanding items that you have asked to be notified about. We provide a default set of notification types, but you can also configure your own notifications. For more information, please view our guide on Notifications.
The Vendor Breakdown section shows a breakdown of the overall scores of all vendors you are currently monitoring.
Your Score provides a single place to view your overall CSR score, which combines all risk scoring detected with your external assets as well as any technical and questionnaire based risks identified with your in-use vendors. The score change indicator shows how much your score has varied between 30 days ago and now. The chart also shows a daily increment of how your overall score has trended over that 30 day period.
The Risk Profile section summarizes all identified risks for you and your in-use vendors. Your current overall score along with our overall score’s history over the last 30 days are shown at the top. You can optionally compare your score’s historical performance with the average CSR score of vendors we have profiled and identified to be in the same industry as you. Your identified technical risks and any risky vendors are summarized and categorized below.
Risk categories are sorted by severity, with critical severity items at the top. Categories with no identified risks are listed at the bottom. Each category section can be expanded to the specific risks that contribute to a category and each risk can be further expanded to show the domains or vendors that are identified with that risk.
BreachSight focuses on your external risk posture. It reveals technical risks from all of your Internet domains as email address identity exposures from domains under your organization’s control. If you have purchased one of our Data Exposures extension modules you can also review analyst results for potential data leaks.
For more information, please visit What is BreachSight?.
Vendor Risk focuses on the vendors you currently have in your supply chain, but also allows you to generate instant risk reports for potential vendors. Vendor Risk collects reports on the technical risk posture of your vendors, allows you to request completion of security questionnaires and manages the remediation of technical and questionnaire risks directly with the vendor.
For more information, please visit What is Vendor Risk?