# Best Enterprise Vendor Security and Privacy Assessment Software *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Products classified in the overall Vendor Security and Privacy Assessment category are similar in many regards and help companies of all sizes solve their business problems. However, enterprise business features, pricing, setup, and installation differ from businesses of other sizes, which is why we match buyers to the right Enterprise Business Vendor Security and Privacy Assessment to fit their needs. Compare product ratings based on reviews from enterprise users or connect with one of G2's buying advisors to find the right solutions within the Enterprise Business Vendor Security and Privacy Assessment category. In addition to qualifying for inclusion in the Vendor Security and Privacy Assessment Software category, to qualify for inclusion in the Enterprise Business Vendor Security and Privacy Assessment Software category, a product must have at least 10 reviews left by a reviewer from an enterprise business. ## How Many Vendor Security and Privacy Assessment Software Products Does G2 Track? **Total Products under this Category:** 126 ### Category Stats (May 2026) - **Average Rating**: 4.58/5 (↓0.01 vs Apr 2026) - **New Reviews This Quarter**: 96 - **Buyer Segments**: Mid-Market 43% │ Small-Business 39% │ Enterprise 18% - **Top Trending Product**: Copla (+0.018) *Last updated: May 18, 2026* ## How Does G2 Rank Vendor Security and Privacy Assessment Software Products? **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 15,100+ Authentic Reviews - 126+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. --- **Sponsored** ### Perimeter Painless end-to-end VRM: Perimeter covers the full VRM lifecycle for your entire vendor universe while cutting manual effort more than 80%. Unlimited scalability: Perimeter makes it easy to scale your VRM program to any number of vendors without hiring dozens of new roles. Fully customizable and branded for your organization: All assessments, logic, design, and language is fully customizable to your needs, processes, and brand. Bi-directional APIs and pre-configured templates: Works straight out of the box with pre-built templates while enabling the flexibility to easily customize assessments, workflows and processes to accommodate nuanced risk management as needed. Secure document sharing and storage: Perimeter makes scaling VRM easy with secure, centralized document management. Data hosted according to regulatory requirements. Onboarding, training, and support are all included in the price. Built to Eliminate the Pain
of Vendor Risk Management. Our Mission Is Simple: deliver painless, real-time vendor risk management through one integrated platform - from onboarding to assessment to continuous monitoring. We give teams the tools they need to automate assessments, validate vendor responses, continuously monitor their attack surfaces, and respond to issues before they escalate - all without adding headcount, complexity, or overhead. We were founded to fix the inefficiencies and blind spots plaguing traditional VRM programs - programs that are too slow to scale, too manual to trust, and too fragmented to protect against real-world threats. Fully integrated assessment, continuous monitoring and AI data extraction platform. Don’t just trust vendor attestations - validate them in real time. Up and running in under a week - no implementation partner needed. Cut manual work by 80% - and still improve your coverage. Easily customizable assessments, workflows and processes to accommodate nuanced risk management needs. See vendor risk as it happens - including early breach notifications. AI with guardrails - built for risk professionals. Built for Speed, Scale, and Simplicity. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=2445&secure%5Bdisplayable_resource_id%5D=2445&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=page_category&secure%5Bplacement_resource_ids%5D%5B%5D=2445&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=73524&secure%5Bresource_id%5D=2445&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fvendor-security-and-privacy-assessment&secure%5Btoken%5D=2adc02dcb7398a92db5756729973fbb462c8da623943573be59327342ec14511&secure%5Burl%5D=https%3A%2F%2Fperimeter.net%2Fwho-we-help%2F%3Futm_source%3DG2%26utm_medium%3Dplacements%26utm_campaign%3DVendor%2BSecurity%2Band%2BPrivacy%2BAssessment&secure%5Burl_type%5D=custom_url) --- ## What Are the Top-Rated Vendor Security and Privacy Assessment Software Products in 2026? ### 1. [Vendor Risk](https://www.g2.com/products/vendor-risk/reviews) UpGuard Vendor Risk is an AI-powered third-party cyber risk management (TPCRM) solution that empowers security teams to eliminate the response gap and take control of their vendor ecosystem. As part of the UpGuard Cyber Risk Posture Management (CRPM) platform, it integrates seamlessly with Breach Risk and User Risk to provide a unified defense against modern cyber threats. As organizations scale, their reliance on third-party vendors expands, creating dangerous blind spots across their supply chain. Traditional assessment methods often rely on point-in-time questionnaires, leaving teams vulnerable to hidden control gaps and unmonitored shifts in a vendor's security posture. Vendor Risk solves this by combining continuous monitoring, AI-powered document analysis, and security questionnaire automation into a single, scalable platform. Key Capabilities: • Continuous Monitoring & Security Ratings: Get a complete picture of your vendor ecosystem. Vendor Risk proactively monitors all your vendors with daily scanning and objective, industry-leading security ratings. Continuous monitoring ensures you are instantly alerted to critical shifts in a vendor's security posture, even between assessments. • AI-Powered Vendor Assessments: Double your assessment speed. UpGuard AI instantly analyzes vendor documentation to uncover control gaps and risks in minutes. It gives you a clear view of which controls are met or failed, the exact risks present, and the actionable remediation steps required—meaning far less evidence chasing. • Security Questionnaire Automation: Move beyond manual spreadsheets. Leverage automation and a complete library of pre-configured questionnaires—including NIST, ISO, SIG, and regional regulations like DORA—to quickly fill any information gaps. Centralized intelligence consolidates vendor communications, cutting manual assessment work by up to 90%. • Reporting & Program Oversight: Scale without limits. Generate accurate, point-in-time risk assessment reports in under a minute using UpGuard AI. With intuitive, one-click reporting, security teams can easily communicate current risks and compliance status to stakeholders like the board or C-Suite. By translating complex third-party risks into objective, quantifiable Security Ratings, UpGuard Vendor Risk enables security leaders to benchmark vendor performance, accelerate onboarding workflows, and confidently prove supply chain risk reduction to the board. **Average Rating:** 4.5/5.0 **Total Reviews:** 704 **How Do G2 Users Rate Vendor Risk?** - **Ease of Admin:** 9.1/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.8/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.6/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.9/10 (Category avg: 7.9/10) **Who Is the Company Behind Vendor Risk?** - **Seller:** [UpGuard](https://www.g2.com/sellers/upguard) - **Company Website:** https://upguard.com - **Year Founded:** 2012 - **HQ Location:** Mountain View, California - **Twitter:** @UpGuard (8,713 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/upguard/ (322 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CISO, Security Analyst - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 47% Enterprise, 39% Mid-Market #### What Are Vendor Risk's Pros and Cons? **Pros:** - Ease of Use (267 reviews) - Security (151 reviews) - Risk Management (140 reviews) - Time-saving (111 reviews) - Customer Support (109 reviews) **Cons:** - Lack of Clarity (56 reviews) - Expensive (38 reviews) - Limited Functionality (36 reviews) - Improvement Needed (28 reviews) - Limited Customization (27 reviews) ### 2. [Bitsight](https://www.g2.com/products/bitsight/reviews) Bitsight is the global leader in cyber risk intelligence, leveraging advanced AI to empower organizations with precise insights derived from the industry’s most extensive external cybersecurity dataset. With more than 3,500 customers and over 68,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface. Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required to confidently manage cyber risk and address exposures before they impact performance. **Average Rating:** 4.5/5.0 **Total Reviews:** 76 **How Do G2 Users Rate Bitsight?** - **Ease of Admin:** 8.8/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.7/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 7.6/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10) **Who Is the Company Behind Bitsight?** - **Seller:** [Bitsight](https://www.g2.com/sellers/bitsight) - **Company Website:** https://www.bitsight.com/ - **Year Founded:** 2011 - **HQ Location:** Boston, MA - **Twitter:** @BitSight (4,502 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/bitsight/ (740 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Hospital & Health Care - **Company Size:** 71% Enterprise, 24% Mid-Market #### What Are Bitsight's Pros and Cons? **Pros:** - Security (15 reviews) - Risk Management (14 reviews) - Ease of Use (13 reviews) - Features (11 reviews) - Customer Support (9 reviews) **Cons:** - Missing Features (6 reviews) - Lack of Clarity (5 reviews) - Poor Notifications (4 reviews) - Slow Performance (4 reviews) - Delay Issues (3 reviews) ### 3. [Responsive, formerly RFPIO](https://www.g2.com/products/responsive-formerly-rfpio/reviews) Responsive is the global leader in strategic response management software, transforming how organizations share and exchange critical information. Our commitment to product innovation and customer success empowers companies to accelerate growth, mitigate risk and improve the employee experience by leveraging intelligent technologies to quickly and accurately manage RFPs, RFIs, security questionnaires (VSQs), due diligence questionnaires (DDQs), risk assessments and all other complex information requests (RFXs). With Responsive, frontline teams deliver superior responses by automating the completion of questionnaires, documents and spreadsheets while collaborating with stakeholders, improving processes with data insights, and quickly accessing approved content across popular business applications. **Average Rating:** 4.5/5.0 **Total Reviews:** 1,275 **How Do G2 Users Rate Responsive, formerly RFPIO?** - **Ease of Admin:** 8.7/10 (Category avg: 9.0/10) - **Risk Scoring:** 7.1/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 7.7/10 (Category avg: 8.6/10) - **4th Party Assessments:** 6.6/10 (Category avg: 7.9/10) **Who Is the Company Behind Responsive, formerly RFPIO?** - **Seller:** [Responsive](https://www.g2.com/sellers/responsive) - **Company Website:** https://www.responsive.io/ - **Year Founded:** 2016 - **HQ Location:** Frisco, Texas - **Twitter:** @responsiveio (1,735 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/responsiveio (708 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Proposal Manager, Proposal Writer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 48% Mid-Market, 39% Enterprise #### What Are Responsive, formerly RFPIO's Pros and Cons? **Pros:** - Ease of Use (150 reviews) - Features (117 reviews) - Time-saving (87 reviews) - Efficiency (86 reviews) - Team Collaboration (77 reviews) **Cons:** - Learning Curve (34 reviews) - Not Intuitive (33 reviews) - Inaccurate Responses (27 reviews) - Non-Intuitive Features (27 reviews) - Missing Features (23 reviews) ### 4. [Securiti](https://www.g2.com/products/securiti/reviews) Securiti is the pioneer of the DataAI Command Center, a centralized platform that enables the safe use of data and GenAI. It provides unified data intelligence, controls and orchestration across hybrid multicloud environments. Large global enterprises rely on Securiti's Data Command Center for data security, privacy, governance, and compliance. Securiti has been recognized with numerous industry and analyst awards, including "Most Innovative Startup" by RSA, "Top 25 Machine Learning Startups" by Forbes, "Most Innovative AI Companies'' by CB Insights, "Cool Vendor in Data Security" by Gartner, and "Privacy Management Wave Leader'' by Forrester. For more information, please follow us on LinkedIn and visit Securiti.ai. **Average Rating:** 4.7/5.0 **Total Reviews:** 86 **How Do G2 Users Rate Securiti?** - **Ease of Admin:** 8.9/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.8/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 9.2/10 (Category avg: 8.6/10) - **4th Party Assessments:** 9.8/10 (Category avg: 7.9/10) **Who Is the Company Behind Securiti?** - **Seller:** [Veeam](https://www.g2.com/sellers/veeam) - **Company Website:** https://www.veeam.com - **Year Founded:** 2006 - **HQ Location:** Columbus, OH - **Twitter:** @veeam (51,575 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/veeam-software/ (7,230 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Retail - **Company Size:** 65% Enterprise, 14% Mid-Market #### What Are Securiti's Pros and Cons? **Pros:** - Ease of Use (38 reviews) - Customer Support (26 reviews) - Features (21 reviews) - Helpful (20 reviews) - Problem Solving (20 reviews) **Cons:** - Complexity (11 reviews) - Learning Curve (10 reviews) - Implementation Issues (9 reviews) - Complexity Issues (8 reviews) - Learning Difficulty (8 reviews) ### 5. [Loopio](https://www.g2.com/products/loopio/reviews) Loopio is the most highly-trusted response management software, helping enterprise businesses supercharge and scale their response process for RFPs, RFIs, Security Questionnaires, and more. Loopio streamlines manual and time-consuming processes through: Confident Answers: Our AI-powered library connects to preferred content sources, enabling teams to craft tailored responses, populate trustworthy answers, and ensure accuracy across every proposal. Effortless Projects: AI-driven automation helps teams seamlessly import and export complex document formats, track high-volume proposal pipelines, and respond to portal-based RFPs with ease. Seamless Collaboration: Our vast integrations break down departmental silos, allowing responders to engage with SMEs, centralize multi-stakeholder feedback, and deliver vetted content—all within an existing tech stack. Strategic Insights: Loopio transforms the response process into a data-driven operation by providing the visibility needed to monitor content health, identify winning trends, and measure business impact. At the heart of our enterprise RFP platform is Response Intelligence™, Loopio’s proprietary machine learning technology. It surfaces insights and makes recommendations in the response process to help responders work smarter and create winning proposals, making it the easiest RFP response solution to use on the market. The proof is in the numbers. Loopio customers experience: ■ 51% more RFP responses completed ■ 42% in time savings ■ And 85% win more business Loopio’s RFP software is trusted by 1,700+ leading companies to respond faster, improve response quality, and win more business. We’d love for you to be one of them. **Average Rating:** 4.6/5.0 **Total Reviews:** 802 **How Do G2 Users Rate Loopio?** - **Ease of Admin:** 9.1/10 (Category avg: 9.0/10) - **Risk Scoring:** 7.7/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.8/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.3/10 (Category avg: 7.9/10) **Who Is the Company Behind Loopio?** - **Seller:** [Loopio Inc.](https://www.g2.com/sellers/loopio-inc) - **Company Website:** https://www.loopio.com - **Year Founded:** 2014 - **HQ Location:** Toronto - **Twitter:** @loopioinc (1,665 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/5020707/ (300 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Proposal Manager, Bid Manager - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 51% Mid-Market, 34% Enterprise #### What Are Loopio's Pros and Cons? **Pros:** - Ease of Use (142 reviews) - Time-saving (95 reviews) - Efficiency (90 reviews) - Features (84 reviews) - Intuitive (70 reviews) **Cons:** - Missing Features (32 reviews) - Limitations (28 reviews) - Limited Features (26 reviews) - Inaccurate Responses (25 reviews) - Formatting Issues (24 reviews) ### 6. [SecurityScorecard](https://www.g2.com/products/securityscorecard/reviews) Stopping sophisticated cyberattacks requires visibility beyond your organization. Security teams need a complete understanding of their attack surface and business ecosystem risk—including partners, contractors, third- and fourth-party vendors, and supply chains. As the industry leader in security ratings, SecurityScorecard provides actionable insights for over 12 million organizations so you can quantify trustworthiness, quickly respond to cyber risks, and strengthen cyber defenses. SecurityScorecard is a security ratings, response, and resilience company. As the industry leader in security ratings, we provide actionable insights so you can make fast, informed decisions that improve your defenses. SecurityScorecard offers the world’s most comprehensive platform for quantifying and reducing risk, so you can instantly know whether an organization deserves your trust and show others that you deserve theirs. With SecurityScorecard, you can quantify trustworthiness and instantly know the cyber risk of any company worldwide, including your business, competitors, vendors, and downstream suppliers. You can strengthen cyber defenses by accessing a stream of risk intelligence that pinpoints vulnerabilities, prioritizes next steps, and clarifies remediation plans. And you can verify vendor readiness by identifying cyber-risks posed by vendors and sub-tier suppliers throughout your ecosystem– and take action to ensure their problems don’t become your problems. What we offer: Supply Chain Cyber Risk: Your supply chain consists of your third and fourth parties as well as Nth parties that are all connected to your business. Vulnerabilities and threats in your supply chain can pose risks to your business operations. With SecurityScorecard, you can significantly reduce or eliminate the risk of compromise from a vendor or business partner. Offerings include: Third-Party Cyber Risk Management, Automatic Vendor Detection, Supply Chain Risk Intelligence, and Security Questionnaires. Threat Landscape: Go outside the wire to identify threats facing your organization and your supply chain. Leverage terabytes of data and AI-driven analytics to identify the threats that put your business at risk. Offerings include: Attack Surface Intelligence, Intelligence Feeds, and Vulnerability Intelligence. Security and Risk Operations: SecurityScorecard enables companies to see what a hacker sees across their own external attack surface so they can identify threats and take action before the bad guys have a chance to exploit critical vulnerabilities. Offerings include: External Attack Surface Management and Cyber Risk Quantification. Services: A focus on expert-led continuous improvement, actionable insights, and tailored strategies positions SecurityScorecard as a trusted partner in achieving and maintaining a robust cybersecurity posture. Offerings include: Digital Forensics & Incident Response, Advisory Services, Penetration Testing, Red Team, and Tabletop Exercises. MAX: SecurityScorecard MAX is a technology-enabled supply chain cyber risk managed service. Organizations leverage SecurityScorecard's technology, expertise, and partner ecosystem to minimize supply chain risk and gain tangible business outcomes. **Average Rating:** 4.3/5.0 **Total Reviews:** 87 **How Do G2 Users Rate SecurityScorecard?** - **Ease of Admin:** 8.7/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.6/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 7.7/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10) **Who Is the Company Behind SecurityScorecard?** - **Seller:** [SecurityScorecard](https://www.g2.com/sellers/securityscorecard) - **Company Website:** https://securityscorecard.com - **Year Founded:** 2013 - **HQ Location:** New York, New York - **Twitter:** @security_score (8,146 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/5054644/ (615 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 47% Enterprise, 36% Mid-Market #### What Are SecurityScorecard's Pros and Cons? **Pros:** - Security (24 reviews) - Ease of Use (17 reviews) - Insights (10 reviews) - Customer Support (9 reviews) - Intuitive (8 reviews) **Cons:** - Lack of Clarity (4 reviews) - Limited Reporting (4 reviews) - Scoring Issues (4 reviews) - Improvement Needed (3 reviews) - Inefficient Risk Management (3 reviews) ### 7. [OneTrust Privacy Automation](https://www.g2.com/products/onetrust-privacy-automation/reviews) OneTrust’s mission is to enable the responsible use of data and AI. Our platform simplifies the collection of data with consent and preferences, automates the governance of data with integrated risk management across privacy, security, IT/tech, third-party, and AI risk, and activates the responsible use of data by applying and enforcing data policies across the entire data estate and lifecycle. The Privacy Automation solution simplifies compliance, automates privacy operations and mitigates risk. Our tools include: -A real-time view of your compliance posture -Evergreen data and activity map -Data subject request automation -Privacy and AI risk workflows OneTrust supports seamless collaboration between data teams and risk teams to drive rapid and trusted innovation. Recognized as a market pioneer and leader, OneTrust boasts over 300 patents and serves more than 14,000 customers globally, ranging from industry giants to small businesses. For more information, visit www.onetrust.com. **Average Rating:** 4.3/5.0 **Total Reviews:** 143 **How Do G2 Users Rate OneTrust Privacy Automation?** - **Ease of Admin:** 8.4/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.4/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 9.0/10 (Category avg: 8.6/10) - **4th Party Assessments:** 8.1/10 (Category avg: 7.9/10) **Who Is the Company Behind OneTrust Privacy Automation?** - **Seller:** [OneTrust](https://www.g2.com/sellers/onetrust) - **Company Website:** https://www.onetrust.com/ - **Year Founded:** 2016 - **HQ Location:** Atlanta, Georgia - **Twitter:** @OneTrust (6,562 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/10795459/ (2,489 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Data Protection Officer - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 46% Enterprise, 40% Mid-Market #### What Are OneTrust Privacy Automation's Pros and Cons? **Pros:** - Ease of Use (7 reviews) - Data Protection (5 reviews) - Problem Solving (5 reviews) - Compliance (4 reviews) - Regulatory Compliance (4 reviews) **Cons:** - Learning Difficulty (5 reviews) - Complexity (4 reviews) - Complexity Issues (4 reviews) - Learning Curve (4 reviews) - Complex Implementation (3 reviews) ### 8. [Apptega](https://www.g2.com/products/apptega/reviews) Tired of spreadsheets that don’t scale and require too much manual effort? Hampered by overly complex IT GRC systems that have you working for them? Apptega is the cybersecurity and compliance management platform that makes it easy to assess, build, manage, and report your cybersecurity and compliance program. Organizations in all industries and MSSPs rely on Apptega to meet the challenges of cybersecurity and compliance more efficiently and cost-effectively than with any other approach. Featuring 25+ frameworks, including SOC 2, NIST, CMMC, ISO, CIS, PCI, GDPR, HIPAA and more, and manage your program with: - Multi-Tenant - Assessments - Compliance Scoring - Risk Management - Vendor Risk Management - Audit Management - Reporting - Integrations **Average Rating:** 4.7/5.0 **Total Reviews:** 153 **How Do G2 Users Rate Apptega?** - **Ease of Admin:** 9.3/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.3/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 9.1/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.6/10 (Category avg: 7.9/10) **Who Is the Company Behind Apptega?** - **Seller:** [Apptega](https://www.g2.com/sellers/apptega) - **Company Website:** https://www.apptega.com - **HQ Location:** Atlanta Junction, Georgia, United States - **Twitter:** @apptega (290 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/19418228/ (56 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Chief Information Security Officer - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 42% Mid-Market, 41% Small-Business #### What Are Apptega's Pros and Cons? **Pros:** - Ease of Use (38 reviews) - Compliance Management (30 reviews) - Compliance (29 reviews) - Features (22 reviews) - Security (22 reviews) **Cons:** - Improvements Needed (12 reviews) - Limited Functionality (11 reviews) - Missing Features (8 reviews) - Limitations (7 reviews) - Limited Customization (7 reviews) ### 9. [Hyperproof](https://www.g2.com/products/hyperproof/reviews) Hyperproof is a modern, AI-powered GRC platform that empowers IT, security, and compliance teams to manage controls at scale, integrate their risk operations, and build trust with customers. With Hyperproof, you can scale compliance across your business, automate many controls and orchestrate the rest, connect controls to risks to protect your business, and unlock new business by automating security questionnaires and trust management. Leading organizations like Reddit, Fortinet, Appian, Outreach, and Thales trust Hyperproof. **Average Rating:** 4.5/5.0 **Total Reviews:** 215 **How Do G2 Users Rate Hyperproof?** - **Ease of Admin:** 9.1/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.5/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.2/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.9/10 (Category avg: 7.9/10) **Who Is the Company Behind Hyperproof?** - **Seller:** [Hyperproof](https://www.g2.com/sellers/hyperproof) - **Company Website:** https://hyperproof.io/ - **Year Founded:** 2018 - **HQ Location:** Seattle, Washington, United States - **Twitter:** @Hyperproof (192 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/hyperproof (154 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 47% Mid-Market, 38% Enterprise #### What Are Hyperproof's Pros and Cons? **Pros:** - Ease of Use (67 reviews) - Compliance Management (37 reviews) - Features (35 reviews) - Automation (33 reviews) - Compliance (32 reviews) **Cons:** - Learning Curve (17 reviews) - Learning Difficulty (13 reviews) - Limited Customization (13 reviews) - Not Intuitive (13 reviews) - Improvement Needed (12 reviews) ### 10. [Vanta](https://www.g2.com/products/vanta/reviews) Vanta is the leading Agentic Trust Platform helping 15k+ companies—like Atlassian, Duolingo, Golden State Warriors, and Icelandair—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. **Average Rating:** 4.6/5.0 **Total Reviews:** 2,413 **How Do G2 Users Rate Vanta?** - **Ease of Admin:** 8.9/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.6/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.4/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10) **Who Is the Company Behind Vanta?** - **Seller:** [Vanta](https://www.g2.com/sellers/vanta) - **Company Website:** https://www.vanta.com/ - **Year Founded:** 2018 - **HQ Location:** San Francisco, California - **Twitter:** @TrustVanta (4,641 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/vanta-security/ (1,624 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 56% Small-Business, 38% Mid-Market #### What Are Vanta's Pros and Cons? **Pros:** - Ease of Use (798 reviews) - Compliance (606 reviews) - Integrations (463 reviews) - Automation (457 reviews) - Time-saving (446 reviews) **Cons:** - Integration Issues (207 reviews) - Pricing Issues (178 reviews) - Expensive (173 reviews) - Limited Integrations (172 reviews) - Missing Features (165 reviews) ### 11. [SafeBase](https://www.g2.com/products/safebase/reviews) SafeBase is a comprehensive Trust Center Platform designed specifically for enterprises to facilitate seamless security reviews. This platform addresses the challenges organizations face when responding to security questionnaires by significantly reducing the volume of inbound inquiries. By providing self-serve, secure access to essential information, SafeBase empowers customers to find the answers they need without the friction typically associated with traditional security review processes. Trusted by high growth companies and enterprise organizations like OpenAI, Asana, T-Mobile, and Zoom, SafeBase helps eliminate friction in the inbound security review process and helps build customer trust. The target audience for SafeBase includes security teams, sales professionals, and compliance officers within medium to large enterprises that require efficient management of security documentation and inquiries. The platform is particularly beneficial for organizations that frequently engage with clients who have rigorous security requirements. Use cases for SafeBase range from automating responses to security questionnaires to streamlining internal workflows, thus enabling teams to focus on more strategic initiatives rather than administrative tasks. Key features of SafeBase include: • Advanced Trust Center access and governance capabilities, which offer robust permissioning and access controls. Users can manage access through functionalities such as auto bulk invites, SCIM integration, and expiration dates, ensuring that sensitive information is shared securely and efficiently. • Automated NDA workflows further enhance the user experience by allowing buyers to securely access necessary documentation through integrated NDA signing, simplifying the process for all parties involved. • Chrome extension - enables users to provide questionnaire responses directly within their buyers' Third-Party Risk Management (TPRM) portals. This integration not only saves time but also enhances the accuracy of information shared. • Advanced analytics dashboards helping organizations communicate the return on investment (ROI) of their security programs. By leveraging CRM data, these dashboards highlight key focus areas and demonstrate how security initiatives contribute to overall revenue growth. • Multi-product Trust Center profiles, allowing organizations to showcase their trust posture across various product offerings. This feature makes it easy for buyers to self-serve security documentation tailored to their specific needs. By streamlining the security review process and positioning security as a strategic driver of revenue, SafeBase enables fast-growing companies to reclaim valuable time and resources, ultimately enhancing the buying experience for their clients. In 2025, SafeBase was acquired by Drata. Together, they also offer the leading Trust Management Platform enabling organizations to: ~ Proactively build trust with customers through dynamic, real-time Trust Centers. Accelerate security questionnaire responses and close deals faster with AI-powered automation. ~ Simplify and scale compliance efforts with advanced automation and robust integrations. ~ Enhance vendor and third-party risk management with improved efficiency and continuous visibility. ~ Scale and modernize enterprise GRC programs to address evolving market needs. **Average Rating:** 4.7/5.0 **Total Reviews:** 143 **How Do G2 Users Rate SafeBase?** - **Ease of Admin:** 9.5/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.3/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.2/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.6/10 (Category avg: 7.9/10) **Who Is the Company Behind SafeBase?** - **Seller:** [SafeBase](https://www.g2.com/sellers/safebase) - **Company Website:** https://safebase.io/ - **Year Founded:** 2020 - **HQ Location:** San Francisco, California - **LinkedIn® Page:** https://www.linkedin.com/company/safebase/ (57 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Account Executive - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 73% Mid-Market, 20% Enterprise #### What Are SafeBase's Pros and Cons? **Pros:** - Ease of Use (9 reviews) - Communication (4 reviews) - Customer Success (4 reviews) - Helpful (4 reviews) - Integrations (4 reviews) **Cons:** - Missing Features (4 reviews) - Lack of Customization (2 reviews) - Limited Customization (2 reviews) - Feature Complexity (1 reviews) - Improvements Needed (1 reviews) ### 12. [Conveyor](https://www.g2.com/products/conveyor-conveyor/reviews) Conveyor is the market-leading AI security review automation platform that helps infosec & presales teams automate the entire security review -- from security questionnaire completion and sharing security documentation like a SOC 2 in one-click. With AI so accurate, you can even pass most of your security review workflows to our new AI Agent for Customer Trust. Why teams love Conveyor: 1. The only trust center to offer an upload questionnaire for instant answers experience along with all the bells & whistles to share security documentation at scale 2. Plus, AI-questionnaire response to auto-generate 95%+ accurate answers to entire questionnaires so you can speed through review. **Average Rating:** 4.6/5.0 **Total Reviews:** 150 **How Do G2 Users Rate Conveyor?** - **Ease of Admin:** 9.2/10 (Category avg: 9.0/10) - **Risk Scoring:** 7.5/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.0/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.5/10 (Category avg: 7.9/10) **Who Is the Company Behind Conveyor?** - **Seller:** [Conveyor](https://www.g2.com/sellers/conveyor-5e432251-cc59-40a2-a9dd-cff110558d40) - **Company Website:** https://www.conveyor.com - **Year Founded:** 2021 - **HQ Location:** San Francisco, US - **Twitter:** @conveyor (379 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/conveyorhq (61 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** Account Executive - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 59% Mid-Market, 27% Enterprise #### What Are Conveyor's Pros and Cons? **Pros:** - Ease of Use (46 reviews) - Efficiency (34 reviews) - Time-saving (30 reviews) - Intuitive (23 reviews) - Artificial Intelligence (17 reviews) **Cons:** - Missing Features (9 reviews) - Inaccurate Responses (6 reviews) - Poor Interface Design (6 reviews) - Lack of Clarity (5 reviews) - Limited Customization (5 reviews) ### 13. [Drata](https://www.g2.com/products/drata/reviews) Drata is a security and compliance automation platform that continuously monitors and collects evidence of a company's security controls, while streamlining compliance workflows end-to-end to ensure audit readiness. Drata helps thousands of companies streamline their compliance efforts through continuous, automated control monitoring and evidence collection, resulting in lower costs and time spent preparing for annual audits and better overall security posture. Drata's supported frameworks include: SOC 2, ISO 27001, HIPAA, GDPR, PCI DSS, CCPA, CCM, CMMC, ISO 27701, ISO 27017, ISO 27018, Cyber Essentials, Microsoft SSPA, NIST 800-53, NIST CSF, NIST AI, FFIEC, NIST 800-171, and Custom Frameworks. Drata is backed by ICONIQ Growth, GGV Capital, SVCI (Silicon Valley CISO Investments), Okta Ventures, Salesforce Ventures, Cowboy Ventures, Leaders Fund, SV Angel, and many key industry leaders. **Average Rating:** 4.7/5.0 **Total Reviews:** 1,150 **How Do G2 Users Rate Drata?** - **Ease of Admin:** 9.2/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.8/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.6/10 (Category avg: 8.6/10) - **4th Party Assessments:** 8.1/10 (Category avg: 7.9/10) **Who Is the Company Behind Drata?** - **Seller:** [Drata](https://www.g2.com/sellers/drata) - **Company Website:** https://drata.com/ - **Year Founded:** 2020 - **HQ Location:** San Diego, US - **Twitter:** @DrataHQ (1,522 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/drata/ (690 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 51% Small-Business, 43% Mid-Market #### What Are Drata's Pros and Cons? **Pros:** - Customer Support (161 reviews) - Ease of Use (148 reviews) - Compliance (130 reviews) - Time-saving (106 reviews) - Integrations (103 reviews) **Cons:** - Limited Integrations (47 reviews) - Improvements Needed (42 reviews) - Integration Issues (41 reviews) - Lack of Clarity (31 reviews) - Missing Features (24 reviews) ### 14. [Whistic](https://www.g2.com/products/whistic/reviews) Whistic is the fastest and most efficient way to exchange, evaluate, and manage security information — whether you’re assessing third-party vendors or responding to customer questionnaires. Designed for today’s fast-moving security and compliance teams, Whistic helps organizations build trust faster, reduce manual work, and move at the speed of business. Unlike other TPRM solutions that focus on just one side of the process, Whistic bridges both. Our platform combines AI-powered automation with the Trust Center Exchange™, a dynamic network where companies proactively publish and share their security posture. This eliminates repetitive back-and-forth communication, accelerates due diligence, and ensures transparency across the entire vendor ecosystem. With Whistic Assessment AI, teams can automate up to 90% of manual tasks, cut assessment time from weeks to minutes, and refocus valuable resources on high-impact security initiatives — all without increasing headcount. The result is a modern, scalable Third-Party Risk Management (TPRM) program that strengthens trust, enhances visibility, and transforms risk management from a roadblock into a competitive advantage. **Average Rating:** 4.6/5.0 **Total Reviews:** 52 **How Do G2 Users Rate Whistic?** - **Ease of Admin:** 9.1/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.6/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.9/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.6/10 (Category avg: 7.9/10) **Who Is the Company Behind Whistic?** - **Seller:** [Whistic](https://www.g2.com/sellers/whistic) - **Company Website:** https://www.whistic.com - **Year Founded:** 2015 - **HQ Location:** Pleasant Grove, Utah - **Twitter:** @Whistic_Inc (1,212 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/6611250/ (52 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 48% Mid-Market, 35% Enterprise #### What Are Whistic's Pros and Cons? **Pros:** - Ease of Use (6 reviews) - Vendor Management (6 reviews) - Customer Support (4 reviews) - Documentation (4 reviews) - Efficiency (4 reviews) **Cons:** - Non-Intuitive Features (4 reviews) - Improvement Needed (3 reviews) - Not Intuitive (3 reviews) - UX Improvement (3 reviews) - Inefficient Risk Management (2 reviews) ### 15. [Scrut Automation](https://www.g2.com/products/scrut-automation/reviews) Scrut Automation is a leading compliance automation platform designed for fast-growing businesses looking to streamline security, risk, and compliance without disrupting operations. It centralizes compliance functions, automates evidence collection, and simplifies audits, helping security teams reduce compliance efforts by up to 80%. Scrut supports 60+ out-of-the-box frameworks, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS, with the flexibility to add custom frameworks for unique regulatory needs. With 100+ integrations, Scrut seamlessly integrates into your security and IT ecosystem, automating compliance, eliminating manual work, and improving risk visibility. Join 1700+ industry leaders who trust Scrut for simplified compliance and risk management. Schedule a demo today. **Average Rating:** 4.9/5.0 **Total Reviews:** 1,298 **How Do G2 Users Rate Scrut Automation?** - **Ease of Admin:** 9.6/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.2/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 9.2/10 (Category avg: 8.6/10) - **4th Party Assessments:** 8.7/10 (Category avg: 7.9/10) **Who Is the Company Behind Scrut Automation?** - **Seller:** [Scrut Automation](https://www.g2.com/sellers/scrut-automation) - **Company Website:** https://www.scrut.io/ - **Year Founded:** 2022 - **HQ Location:** Palo Alto, US - **Twitter:** @scrutsocial (120 Twitter followers) - **LinkedIn® Page:** https://in.linkedin.com/company/scrut-automation (230 employees on LinkedIn®) **Who Uses This Product?** - **Who Uses This:** CTO, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 50% Small-Business, 48% Mid-Market #### What Are Scrut Automation's Pros and Cons? **Pros:** - Ease of Use (276 reviews) - Customer Support (249 reviews) - Compliance Management (225 reviews) - Helpful (216 reviews) - Compliance (190 reviews) **Cons:** - Improvement Needed (69 reviews) - Technical Issues (52 reviews) - Missing Features (44 reviews) - UX Improvement (44 reviews) - Learning Curve (41 reviews) ### 16. [Risk Ledger](https://www.g2.com/products/risk-ledger/reviews) Risk Ledger is a pioneering third-party risk management platform that revolutionises supply chain security through a powerful, unified solution. By onboarding and connecting your entire supply chain into an active network, Risk Ledger provides real-time insights to identify concentration risks and emerging threats. Our dynamic network-based model offers a clear view of your entire supply chain, enhancing your ability to visualise and manage risks effectively. With immediate access to a vast, trusted supplier network and continuously updated risk assessments, Risk Ledger streamlines risk management processes, reduces manual workload, and empowers you with unparalleled clarity and control across all supply chain tiers. Join 10,000+ organisations on the Risk Ledger network today. **Average Rating:** 4.4/5.0 **Total Reviews:** 126 **How Do G2 Users Rate Risk Ledger?** - **Ease of Admin:** 8.9/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.7/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.5/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.2/10 (Category avg: 7.9/10) **Who Is the Company Behind Risk Ledger?** - **Seller:** [Risk Ledger](https://www.g2.com/sellers/risk-ledger) - **Company Website:** https://riskledger.com/ - **Year Founded:** 2018 - **HQ Location:** London, GB - **Twitter:** @RiskLedger (632 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/risk-ledger/ (86 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 47% Mid-Market, 29% Small-Business #### What Are Risk Ledger's Pros and Cons? **Pros:** - Ease of Use (30 reviews) - Risk Management (19 reviews) - Time-saving (18 reviews) - Efficiency (15 reviews) - Helpful (12 reviews) **Cons:** - Complex Setup (5 reviews) - Difficult Setup (4 reviews) - Onboarding Difficulties (4 reviews) - Poor Interface Design (4 reviews) - Improvement Needed (3 reviews) ### 17. [Perimeter](https://www.g2.com/products/processbolt-perimeter/reviews) Painless end-to-end VRM: Perimeter covers the full VRM lifecycle for your entire vendor universe while cutting manual effort more than 80%. Unlimited scalability: Perimeter makes it easy to scale your VRM program to any number of vendors without hiring dozens of new roles. Fully customizable and branded for your organization: All assessments, logic, design, and language is fully customizable to your needs, processes, and brand. Bi-directional APIs and pre-configured templates: Works straight out of the box with pre-built templates while enabling the flexibility to easily customize assessments, workflows and processes to accommodate nuanced risk management as needed. Secure document sharing and storage: Perimeter makes scaling VRM easy with secure, centralized document management. Data hosted according to regulatory requirements. Onboarding, training, and support are all included in the price. Built to Eliminate the Pain
of Vendor Risk Management. Our Mission Is Simple: deliver painless, real-time vendor risk management through one integrated platform - from onboarding to assessment to continuous monitoring. We give teams the tools they need to automate assessments, validate vendor responses, continuously monitor their attack surfaces, and respond to issues before they escalate - all without adding headcount, complexity, or overhead. We were founded to fix the inefficiencies and blind spots plaguing traditional VRM programs - programs that are too slow to scale, too manual to trust, and too fragmented to protect against real-world threats. Fully integrated assessment, continuous monitoring and AI data extraction platform. Don’t just trust vendor attestations - validate them in real time. Up and running in under a week - no implementation partner needed. Cut manual work by 80% - and still improve your coverage. Easily customizable assessments, workflows and processes to accommodate nuanced risk management needs. See vendor risk as it happens - including early breach notifications. AI with guardrails - built for risk professionals. Built for Speed, Scale, and Simplicity. **Average Rating:** 4.8/5.0 **Total Reviews:** 45 **How Do G2 Users Rate Perimeter?** - **Ease of Admin:** 9.2/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.1/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.6/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.3/10 (Category avg: 7.9/10) **Who Is the Company Behind Perimeter?** - **Seller:** [Perimeter](https://www.g2.com/sellers/perimeter) - **Company Website:** https://perimeter.net/ - **Year Founded:** 2017 - **HQ Location:** Minnetonka, MN - **LinkedIn® Page:** https://www.linkedin.com/company/perimeter-vrm/ (21 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Hospital & Health Care, Information Technology and Services - **Company Size:** 50% Enterprise, 33% Mid-Market #### What Are Perimeter's Pros and Cons? **Pros:** - Ease of Use (5 reviews) - Vendor Management (3 reviews) - Automation (2 reviews) - Customization (2 reviews) - Helpful (2 reviews) **Cons:** - Complex Setup (2 reviews) - Integration Issues (1 reviews) - Learning Curve (1 reviews) - Learning Difficulty (1 reviews) - Limited Customization (1 reviews) ### 18. [Graphite Connect](https://www.g2.com/products/graphiteconnect-graphite-connect/reviews) Graphite Connect is the premiere solution for fast, easy supplier onboarding. Inspired by social networks, Graphite’s unique structure utilizes supplier-managed, verified profiles so onboarding data is always accurate and ready to use. When you’re ready to onboard, Graphite immediately integrates the supplier information you need directly into your ERP. Graphite allows you to filter, segment, and select your preferred suppliers before onboarding. Graphite also validates key supplier information like banking details, OFAC, and TIN, so you can be certain that your data is not only accurate but also safe from fraudulent changes. Key Features: \> Single point-of-entry for requesters’ purchasing-related activities \> Fast, accurate and secure supplier data onboarding \> Automated supplier risk management/due diligence \> Robust security measures to prevent fraudulent bank changes \> Extensive audit trail \> Full Integration with your ERP and other tools Additionally, all users have access to a myriad of valuable capabilities like localization, supplier diversity module, and extensive collaboration features. **Average Rating:** 4.4/5.0 **Total Reviews:** 29 **How Do G2 Users Rate Graphite Connect?** - **Ease of Admin:** 9.1/10 (Category avg: 9.0/10) - **Risk Scoring:** 8.5/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.1/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.5/10 (Category avg: 7.9/10) **Who Is the Company Behind Graphite Connect?** - **Seller:** [graphiteConnect](https://www.g2.com/sellers/graphiteconnect) - **Year Founded:** 2018 - **HQ Location:** Lehi, US - **Twitter:** @graphiteConnect (17 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/graphite-systems/ (86 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Information Technology and Services - **Company Size:** 84% Enterprise, 6% Mid-Market #### What Are Graphite Connect's Pros and Cons? **Pros:** - Ease of Use (7 reviews) - Customer Support (5 reviews) - Collaboration (4 reviews) - Easy Implementation (4 reviews) - Automation (3 reviews) **Cons:** - Onboarding Difficulties (5 reviews) - Difficult Navigation (2 reviews) - Inefficient Processes (2 reviews) - Integration Issues (2 reviews) - Lack of Clarity (2 reviews) ### 19. [ProcessUnity TPRM Platform](https://www.g2.com/products/processunity-tprm-platform/reviews) ProcessUnity is THE Third-Party Risk Management (TPRM) company. Our software platforms and data services protect customers from cybersecurity threats, breaches, and outages that originate from their ever-growing ecosystem of business partners. With ProcessUnity, customers can assess more of their contractors, suppliers, vendors, and service providers faster and more thoroughly, securing intellectual property and customer data so business operations can continue to operate uninterrupted. Our unique combination of the world’s largest third-party risk data exchange, the leading TPRM workflow platform, and powerful artificial intelligence powers the industry’s most complete solution for Third-Party Risk Management. Our solutions, platforms, and people extend third-party risk, procurement, and cybersecurity teams to cover 100 percent of their vendor ecosystem and build a comprehensive controls framework that extends to their business partners. This results in measurable value to our customers through inherent risk assessments on their portfolio, reduced vendor onboarding cycle times, the elimination of assessment backlogs, the ability to get assessment data from hard-to-assess third parties, and a streamlined threat response. Ultimately, using ProcessUnity, our customers can close any gaps in their third-party risk programs. Organizations of all sizes utilize ProcessUnity to reduce assessment work while improving quality, automate processes across their entire TPRM lifecycle, respond to and manage emerging threats and vulnerabilities, and minimize risk posed by their third-party ecosystem. To learn more or request a demo, visit www.processunity.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 54 **How Do G2 Users Rate ProcessUnity TPRM Platform?** - **Ease of Admin:** 8.6/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.0/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 9.0/10 (Category avg: 8.6/10) - **4th Party Assessments:** 8.3/10 (Category avg: 7.9/10) **Who Is the Company Behind ProcessUnity TPRM Platform?** - **Seller:** [ProcessUnity](https://www.g2.com/sellers/processunity) - **Company Website:** https://www.processunity.com - **Year Founded:** 2003 - **HQ Location:** Concord, US - **Twitter:** @ProcessUnity (741 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/processunity/ (232 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Banking, Financial Services - **Company Size:** 54% Enterprise, 31% Mid-Market #### What Are ProcessUnity TPRM Platform's Pros and Cons? **Pros:** - Ease of Use (11 reviews) - Customization (8 reviews) - Customizability (7 reviews) - Risk Management (7 reviews) - Security Management (7 reviews) **Cons:** - Limitations (4 reviews) - Slow Loading (4 reviews) - Limited Features (3 reviews) - Slow Performance (3 reviews) - Steep Learning Curve (3 reviews) ### 20. [SureCloud](https://www.g2.com/products/surecloud/reviews) SureCloud is the most intelligent GRC platform, enabling organisations to take centralised command of their risk, compliance and audit activities. Built for established teams managing complex environments, SureCloud offers a single, scalable solution that connects all GRC domains while fostering collaboration across your business units. Powered by event-sourced architecture, SureCloud provides a real-time, intelligent view of every risk so you understand how they have impacted you and what really matters to your business. See how risks evolve, track control performance, and link issues directly to outcomes while AI-driven insights help inform your next steps. SureCloud simplifies GRC complexity through a modular, no-code platform that is easy to configure without developer input. Collaboration is built in from role-based dashboards to automated approval workflows ensuring alignment and accountability no matter the business unit. Whether you are managing ISO 27001 compliance, improving your vendor assessments or driving data privacy, SureCloud gives you confidence to improve your posture and build lasting resilience. Highlights: - The Most Intelligent GRC Platform: SureCloud event-based architecture powers deep insights across your compliance and risk activities, capturing context over time instead of just static snapshots. Unlike other platforms, this enables you to track real changes, drive better decision-making, and gain clarity across your risks, controls, and even third-party interactions. - Clever compliance driven by ready automation: By automating manual human tasks such as evidence collection and controls monitoring, SureCloud dramatically reduces preparation time and ensures continued adherence to frameworks like ISO 27001, SOC 2 and GDPR. Get time back for teams to focus on your more important strategic decisions, uplifted by AI to inform improvements and next steps. - Total collaboration for enterprise success: Operate at scale without reliance on distributed toolsets, people and data by linking entities and projects. Clear task management and staged reviewing create accountability throughout the execution process so you deliver faster and without error, letting you improve your overall risk posture. **Average Rating:** 4.2/5.0 **Total Reviews:** 48 **How Do G2 Users Rate SureCloud?** - **Ease of Admin:** 8.0/10 (Category avg: 9.0/10) - **Risk Scoring:** 9.0/10 (Category avg: 8.8/10) - **Questionnaire Templates:** 8.7/10 (Category avg: 8.6/10) - **4th Party Assessments:** 7.5/10 (Category avg: 7.9/10) **Who Is the Company Behind SureCloud?** - **Seller:** [SureCloud](https://www.g2.com/sellers/surecloud) - **Company Website:** https://www.surecloud.com - **Year Founded:** 2006 - **HQ Location:** London, United Kingdom - **Twitter:** @SureCloud (750 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1107556/ (59 employees on LinkedIn®) **Who Uses This Product?** - **Top Industries:** Retail, Financial Services - **Company Size:** 63% Enterprise, 27% Mid-Market #### What Are SureCloud's Pros and Cons? **Pros:** - Helpful (12 reviews) - Customer Support (10 reviews) - Ease of Use (9 reviews) - Intuitive (5 reviews) - Reporting (5 reviews) **Cons:** - Not Intuitive (6 reviews) - Limited Functionality (5 reviews) - Inadequate Reporting (4 reviews) - Limited Customization (4 reviews) - Limited Reporting (4 reviews) ## What Is Vendor Security and Privacy Assessment Software? [Risk Assessment Software](https://www.g2.com/categories/risk-assessment) ## What Software Categories Are Similar to Vendor Security and Privacy Assessment Software? - [Audit Management Software](https://www.g2.com/categories/audit-management) - [Third Party & Supplier Risk Management Software](https://www.g2.com/categories/third-party-supplier-risk-management) - [Security Compliance Software](https://www.g2.com/categories/security-compliance)