Cyber Risk Rating Software

SecurityScorecard enables users to view and continuously monitor security ratings, easily add vendors or partner organizations, and report on the cyberhealth of their ecosystems. The platform automatically generates a recommended action plan for issue remediation in order to achieve a “target” letter grade for customers and their vendor and partner organizations. It also provides access to breach insights and shows a clear record of issues that have impacted scores over time. Additional collaboration tools help enterprises better manage cyber security and ensure continuous compliance with regulatory standards and frameworks.

Bitsight Third-Party Risk Management empowers risk leaders to manage their digital ecosystem from start to finish. Accelerate vendor assessments. Continuously monitor and uncover blind spots across your digital ecosystem. Take action on exposure swiftly and confidently.

iTrust provides cybersecurity risk ratings and risk intelligence to help businesses build trusted relationships with their vendors, partners, and suppliers. iTrust collects and analyzes third-party risk metrics using machine learning to deliver 360° vendor security and compliance visibility. iTrust is designed to be the world’s most intelligent cyber risk rating and threat intelligence platform.

Knowing your Cyber Risk Score gives you the information necessary to protect your business from cyberattacks and increases your awareness of third-party risks. Cyber Risk Scorecards allow you to monitor your own cyber risks as well as the cyber hygiene of your entire vendor ecosystem. With easy-to-understand letter-grade scores, you will have a clear view of your security posture, understand how you compare against your competitors and know your status on relevant compliance standards and regulations.

RiskRecon provides a SaaS platform that helps organizations more effectively manage the risk reality of increasingly interconnected IT ecosystems by delivering frequent, comprehensive and actionable security performance measurements. Using proprietary data gathering techniques, RiskRecon creates a 360-degree risk profile of an enterprise's public IT footprint. Based on that footprint and a detailed analysis, a RiskRecon rating and report is generated providing detailed, actionable information with context. No additional analysis is required.

Guidewire has developed a scenario designed to estimate the origin of losses due to a mass business interruption following a ransomware event. This advancement in our latest risk model—version 4—expands the parameters of risk evaluation to enable a more comprehensive view of cyber risk exposure. Insurers can improve their portfolio exposure management, set appropriate limits, and gain the confidence to adapt and succeed in the rapidly evolving world of cyber risk.

Panorays automates third party security management. The platform enables companies to easily view, manage and engage on the security posture of their third-parties, vendors, suppliers, and business partners. With the Panorays platform, companies dramatically shorten their third-party security evaluation process and gain continuous visibility while ensuring compliance to regulations such as GDPR and NY DFS. Panorays is a SaaS-based platform, no installation needed.

Vendor Risk Assessments to Ensure Compliance and Reduce Security Exposures. Delivered as part of the industry’s only purpose-built, unified platform for third-party risk management, the cloud-based Prevalent Vendor Assessment Service helps IT security, privacy, and risk management professionals determine vendor compliance with IT security and data privacy requirements to reduce vendor risk.

Control third-party risk and improve your security posture. Monitor and rate your vendor security performance. Automate your security questionnaires.

Corax is the leading and largest source of cyber exposure data and predicted loss costs of breach and network outage events. Corax’s rich data foundation is created through expert selection, ingestion and analysis of third party datasets, including threat intelligence, internet performance data and loss data, and using proprietary automated discovery tools that identify detailed characteristics of the technology and security environment of individual companies and their interconnections with other companies.