# Best Vendor Security and Privacy Assessment Software

*By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)*


Vendor security and privacy assessment software helps companies manage cybersecurity and privacy risk assessment processes when identifying, evaluating, and regularly reevaluating their vendors, service providers, and other third parties. The purpose of this software is to help companies understand the privacy and cybersecurity risks associated with doing business with specific prospective and existing third parties. Vendor security and privacy assessments often include reviewing and scoring a vendor’s cybersecurity policies, documentation, results of recent audits, certifications, and legal agreements on how sensitive or personally identifying data will be accessed, used, processed, or sold as defined by data privacy laws such as the GDPR or CCPA.

Vendor security and privacy assessment software assists two constituencies—both the company and the third party they do business with. Companies use this software to assess the cybersecurity and data privacy compliance of their third-party vendors, while vendors use this software to more easily reply to buyers’ questionnaires and publish their company’s cybersecurity and data privacy compliance information in a centralized, up-to-date, and referenceable exchange. This software allows vendors to use the same responses across multiple customer assessments, as well as proactively share information with customers, which saves the vendor time instead of manually editing individual spreadsheets or forms. On the customer side, vendor security and privacy assessment software is typically managed by information security teams. On the vendor side, sales teams typically use the software to distribute security and privacy compliance information to prospective customers. Vendor security and privacy assessment software often integrates with other software tools, including [CRM software](https://www.g2.com/categories/crm), [governance, risk &amp; compliance software](https://www.g2.com/categories/governance-risk-compliance) , and [cybersecurity services providers](https://www.g2.com/categories/cybersecurity-services), such as ratings services providers.

Vendor security and privacy assessment software is for evaluating external parties and therefore is different from internal privacy or security risk assessment processes which utilize software such as [privacy impact assessment (PIA) software](https://www.g2.com/categories/privacy-impact-assessment-pia) or [security risk analysis software](https://www.g2.com/categories/security-risk-analysis). This software is also different from [IT risk management software](https://www.g2.com/categories/it-risk-management), which monitors risk of a company’s internal systems or data use. Vendor security and privacy assessment software is similar to, but narrower in scope than [vendor management software](https://www.g2.com/categories/vendor-management) and [third party &amp; supplier risk management software](https://www.g2.com/categories/third-party-supplier-risk-management), which evaluates risk more broadly than security or privacy, such as financial fraud, corruption, or human rights violations.

To qualify for inclusion in the Vendor Security and Privacy Assessment category, a product must:

- Enable vendors to own, manage, and publish a company profile containing cybersecurity and data privacy compliance information and documentation 
- Allow companies to assess vendor profiles in a centralized catalog, as well as by utilizing workflow to engage with vendors and request documentation such as security questionnaires, audits, certifications, etc. 
- Provide customer-facing teams with workflow to easily share access to the company’s vendor profile, including the ability to link to the profile on a company website or in marketing materials 
- Facilitate automated notifications, alerts, and reminders for specific actions including upcoming assessments, profile access requests, etc. 
- Support standardized security and privacy framework questionnaire templates commonly requested by customers, such as CAIQ, SIG, NIST, VSA, GDPR, ISO 27001, Privacy Shield, etc. 





## Top Vendor Security and Privacy Assessment Software at a Glance
| # | Product | Rating | Best For | What Users Say |
|---|---------|--------|----------|----------------|
| 1 | [Vanta](https://www.g2.com/products/vanta/reviews) | 4.6/5.0 (2,609 reviews) | Continuous SOC 2 compliance with automated evidence collection | "[Easy to Use, Fast Integration, and Helpful Review Reminders](https://www.g2.com/survey_responses/vanta-review-13103971)" |
| 2 | [UpGuard Vendor Risk](https://www.g2.com/products/upguard-vendor-risk/reviews) | 4.5/5.0 (721 reviews) | Automated vendor risk scoring with security questionnaires | "[Well-Organized Platform for Security Due Diligence](https://www.g2.com/survey_responses/upguard-vendor-risk-review-13089101)" |
| 3 | [Drata](https://www.g2.com/products/drata/reviews) | 4.7/5.0 (1,322 reviews) | Continuous SOC 2 compliance with automated evidence collection | "[Huge Time-Saver: Smart Control Mapping, Helpful Onboarding, and an Intuitive UI](https://www.g2.com/survey_responses/drata-review-12740328)" |
| 4 | [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) | 4.8/5.0 (1,654 reviews) | Continuous compliance automation with guided audit readiness | "[Smooth, Structured HIPAA Compliance with Sprinto and Outstanding Support](https://www.g2.com/survey_responses/sprinto-review-12898116)" |
| 5 | [Secureframe](https://www.g2.com/products/secureframe/reviews) | 4.7/5.0 (805 reviews) | SOC 2 audit readiness with automated evidence collection | "[Secureframe Streamlined Our ISO 27001 Compliance](https://www.g2.com/survey_responses/secureframe-review-13111175)" |
| 6 | [Scrut Automation](https://www.g2.com/products/scrut-automation/reviews) | 4.9/5.0 (1,311 reviews) | AI-powered vendor questionnaire automation with policy mapping | "[Transforming Compliance and Security Management with Scrut Automation](https://www.g2.com/survey_responses/scrut-automation-review-10499291)" |
| 7 | [Thoropass](https://www.g2.com/products/thoropass/reviews) | 4.7/5.0 (578 reviews) | SOC 2 compliance with bundled audit | "[Thoropass and SOC2 process](https://www.g2.com/survey_responses/thoropass-review-11551425)" |
| 8 | [IBM OpenPages](https://www.g2.com/products/ibm-openpages/reviews) | 4.2/5.0 (66 reviews) | Third-party risk centralization with GRC workflows | "[Automates Security Tasks, But Pricey](https://www.g2.com/survey_responses/ibm-openpages-review-12229480)" |
| 9 | [OneTrust Tech Risk &amp; Compliance](https://www.g2.com/products/onetrust-tech-risk-compliance/reviews) | 4.6/5.0 (107 reviews) | Automated GRC workflows with multi-framework compliance | "[The best GRC Product on the Market](https://www.g2.com/survey_responses/onetrust-tech-risk-compliance-review-7634011)" |
| 10 | [RiskProfiler - External Threat Exposure Management](https://www.g2.com/products/riskprofiler-external-threat-exposure-management/reviews) | 4.9/5.0 (118 reviews) | Vendor exposure correlation with attack path mapping | "[Single Pane of Truth for External Exposure Correlation and Fast Risk Prioritization](https://www.g2.com/survey_responses/riskprofiler-external-threat-exposure-management-review-12394581)" |


## G2 Grid® for Vendor Security and Privacy Assessment Software
![G2 Grid® for Vendor Security and Privacy Assessment Software plotting products by satisfaction and market presence](https://www.g2.com/categories/vendor-security-and-privacy-assessment/grids.png?focus%5B%5D=123611&focus%5B%5D=4086&focus%5B%5D=140904&focus%5B%5D=162410&focus%5B%5D=140255&focus%5B%5D=167976&focus%5B%5D=130035&focus%5B%5D=953)
Highlighted products: Vanta, UpGuard Vendor Risk, Drata, Sprinto, Secureframe, Scrut Automation, Thoropass, and IBM OpenPages.
Underlying data: [Grid® JSON](https://www.g2.com/categories/vendor-security-and-privacy-assessment/grids.json?focus%5B%5D=vanta&amp;focus%5B%5D=upguard-vendor-risk&amp;focus%5B%5D=drata&amp;focus%5B%5D=sprinto-inc&amp;focus%5B%5D=secureframe&amp;focus%5B%5D=scrut-automation&amp;focus%5B%5D=thoropass&amp;focus%5B%5D=ibm-openpages)


## How Many Vendor Security and Privacy Assessment Software Products Does G2 Track?
**Total Products under this Category:** 127

### Category Stats (Jul 2026)
- **Average Rating**: 4.55/5 (↓0.02 vs Jun 2026) The average rating of products in this category, based on all submitted ratings
- **Top Trending Product**: SureCloud (+1.41%) - Among all products in this category, SureCloud recorded the largest rating increase compared to last month
*Last updated: July 16, 2026*


## How Does G2 Rank Vendor Security and Privacy Assessment Software Products?

**Why You Can Trust G2's Software Rankings:**

- 30 Analysts and Data Experts
- 15,600+ Authentic Reviews
- 127+ Products
- Unbiased Rankings

G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category.


## Which Vendor Security and Privacy Assessment Software Is Best for Your Use Case?

- **Leader:** [Vanta](https://www.g2.com/products/vanta/reviews)
- **Highest Performer:** [RiskProfiler - External Threat Exposure Management](https://www.g2.com/products/riskprofiler-external-threat-exposure-management/reviews)
- **Easiest to Use:** [Sprinto](https://www.g2.com/products/sprinto-inc/reviews)
- **Top Trending:** [Vanta](https://www.g2.com/products/vanta/reviews)
- **Best Free Software:** [UpGuard Vendor Risk](https://www.g2.com/products/upguard-vendor-risk/reviews)


---

**Sponsored**

### Conveyor

Conveyor is the market-leading AI security review automation platform that helps infosec &amp; presales teams automate the entire security review -- from security questionnaire completion and sharing security documentation like a SOC 2 in one-click. With AI so accurate, you can even pass most of your security review workflows to our new AI Agent for Customer Trust. Why teams love Conveyor: 1. The only trust center to offer an upload questionnaire for instant answers experience along with all the bells &amp; whistles to share security documentation at scale 2. Plus, AI-questionnaire response to auto-generate 95%+ accurate answers to entire questionnaires so you can speed through review.



[Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&amp;secure%5Bad_slot%5D=category_product_list&amp;secure%5Bcategory_id%5D=2445&amp;secure%5Bchosen_at%5D=2026-07-17T03%3A50%3A58Z&amp;secure%5Bdisplayable_resource_id%5D=2445&amp;secure%5Bdisplayable_resource_type%5D=Category&amp;secure%5Bmedium%5D=sponsored&amp;secure%5Bplacement_reason%5D=page_category&amp;secure%5Bplacement_resource_ids%5D%5B%5D=2445&amp;secure%5Bprioritized%5D=false&amp;secure%5Bproduct_id%5D=75579&amp;secure%5Bresource_id%5D=2445&amp;secure%5Bresource_type%5D=Category&amp;secure%5Bsource_type%5D=category_page&amp;secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fvendor-security-and-privacy-assessment&amp;secure%5Btoken%5D=111333c738ef9997dd24b3d615d01eece32598edeb129454d7c163d31754ba20&amp;secure%5Burl%5D=https%3A%2F%2Fwww.conveyor.com&amp;secure%5Burl_type%5D=company_website)

---

## What Are the Top-Rated Vendor Security and Privacy Assessment Software Products in 2026?
### 1. [Vanta](https://www.g2.com/products/vanta/reviews)
Vanta is the leading Agentic Trust Platform helping 15k+ companies—like Atlassian, Duolingo, Golden State Warriors, and Icelandair—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management.


**Average Rating:** 4.6/5.0
**Total Reviews:** 2,609
**How Do G2 Users Rate Vanta?**

- **Ease of Admin:** 8.9/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.6/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.4/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind Vanta?**

- **Seller:** [Vanta](https://www.g2.com/sellers/vanta)
- **Company Website:** https://www.vanta.com/
- **Year Founded:** 2018
- **HQ Location:** San Francisco, California
- **Twitter:** @TrustVanta (4,694 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/vanta-security/ (1,871 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 56% Small-Business, 39% Mid-Market


#### What Are Vanta's Pros and Cons?

**Pros:**

- Ease of Use (798 reviews)
- Compliance (606 reviews)
- Integrations (463 reviews)
- Automation (457 reviews)
- Time-saving (446 reviews)

**Cons:**

- Integration Issues (207 reviews)
- Pricing Issues (178 reviews)
- Expensive (173 reviews)
- Limited Integrations (172 reviews)
- Missing Features (165 reviews)


### What Do G2 Reviewers Say About Vanta?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of Vanta, enjoying its straightforward interface and clear organizational plans.
- Users value Vanta for turning **compliance into a business driver** , enhancing efficiency and accuracy in the process.
- Users value the **seamless integrations** Vanta offers, enhancing compliance monitoring and documentation preparation effortlessly.
- Users admire Vanta&#39;s **automation** , enhancing compliance efficiency while maintaining speed and accuracy for business success.
- Users value Vanta for its **time-saving automation** , significantly reducing manual tasks and improving efficiency in compliance management.

**Cons:**

- Users face **integration issues** with Vanta, leading to manual work and limited reporting, but improvement is underway.
- Users express concerns about Vanta&#39;s **high pricing and lack of flexibility** , particularly for small businesses and solopreneurs.
- Users feel that Vanta is **very expensive** , impacting their overall perception of its value and accessibility.
- Users note the **limited integrations** with niche tech stacks, which may hinder broader application performance.
- Users find the **missing features** in Vanta&#39;s lower tiers limit its effectiveness for diverse tech stacks.

#### What Are Recent G2 Reviews of Vanta?

**"[Well-Structured, Interactive Security Standards Tracking with a Strong Trust Center](https://www.g2.com/survey_responses/vanta-review-13086207)"**

**Rating:** 4.5/5.0 stars
*— Ejike I.*

[Read full review](https://www.g2.com/survey_responses/vanta-review-13086207)

---

**"[Easy to Use, Fast Integration, and Helpful Review Reminders](https://www.g2.com/survey_responses/vanta-review-13103971)"**

**Rating:** 4.5/5.0 stars
*— Jared S.*

[Read full review](https://www.g2.com/survey_responses/vanta-review-13103971)

---


#### What Are G2 Users Discussing About Vanta?

- [What is Vanta used for?](https://www.g2.com/discussions/what-is-vanta-used-for) - 3 comments, 2 upvotes

### 2. [UpGuard Vendor Risk](https://www.g2.com/products/upguard-vendor-risk/reviews)
UpGuard Vendor Risk is an AI-powered third-party cyber risk management (TPCRM) solution that empowers security teams to eliminate the response gap and take control of their vendor ecosystem. As part of the UpGuard Cyber Risk Posture Management (CRPM) platform, it integrates seamlessly with Breach Risk and User Risk to provide a unified defense against modern cyber threats. As organizations scale, their reliance on third-party vendors expands, creating dangerous blind spots across their supply chain. Traditional assessment methods often rely on point-in-time questionnaires, leaving teams vulnerable to hidden control gaps and unmonitored shifts in a vendor&#39;s security posture. Vendor Risk solves this by combining continuous monitoring, AI-powered document analysis, and security questionnaire automation into a single, scalable platform. Key Capabilities: • Continuous Monitoring &amp; Security Ratings: Get a complete picture of your vendor ecosystem. Vendor Risk proactively monitors all your vendors with daily scanning and objective, industry-leading security ratings. Continuous monitoring ensures you are instantly alerted to critical shifts in a vendor&#39;s security posture, even between assessments. • AI-Powered Vendor Assessments: Double your assessment speed. UpGuard AI instantly analyzes vendor documentation to uncover control gaps and risks in minutes. It gives you a clear view of which controls are met or failed, the exact risks present, and the actionable remediation steps required—meaning far less evidence chasing. • Security Questionnaire Automation: Move beyond manual spreadsheets. Leverage automation and a complete library of pre-configured questionnaires—including NIST, ISO, SIG, and regional regulations like DORA—to quickly fill any information gaps. Centralized intelligence consolidates vendor communications, cutting manual assessment work by up to 90%. • Reporting &amp; Program Oversight: Scale without limits. Generate accurate, point-in-time risk assessment reports in under a minute using UpGuard AI. With intuitive, one-click reporting, security teams can easily communicate current risks and compliance status to stakeholders like the board or C-Suite. By translating complex third-party risks into objective, quantifiable Security Ratings, UpGuard Vendor Risk enables security leaders to benchmark vendor performance, accelerate onboarding workflows, and confidently prove supply chain risk reduction to the board.


**Average Rating:** 4.5/5.0
**Total Reviews:** 721
**How Do G2 Users Rate UpGuard Vendor Risk?**

- **Ease of Admin:** 9.1/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.6/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.9/10 (Category avg: 7.9/10)

**Who Is the Company Behind UpGuard Vendor Risk?**

- **Seller:** [UpGuard](https://www.g2.com/sellers/upguard)
- **Company Website:** https://upguard.com
- **Year Founded:** 2012
- **HQ Location:** Mountain View, California
- **Twitter:** @UpGuard (8,705 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/upguard/ (371 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CISO, Security Analyst
- **Top Industries:** Information Technology and Services, Financial Services
- **Company Size:** 47% Enterprise, 39% Mid-Market


#### What Are UpGuard Vendor Risk's Pros and Cons?

**Pros:**

- Ease of Use (252 reviews)
- Security (143 reviews)
- Risk Management (133 reviews)
- Time-saving (108 reviews)
- Customer Support (101 reviews)

**Cons:**

- Lack of Clarity (52 reviews)
- Expensive (38 reviews)
- Limited Functionality (32 reviews)
- Improvement Needed (26 reviews)
- Limited Customization (24 reviews)


### What Do G2 Reviewers Say About UpGuard Vendor Risk?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **ease of use** of UpGuard Vendor Risk, enhancing daily tasks and understanding data safety improvements.
- Users appreciate the **intuitive interface and reliable updates** of UpGuard, enhancing security and ease of use.
- Users value UpGuard&#39;s **dynamic scoring system** for effectively identifying and prioritizing risks in public infrastructure.
- Users value UpGuard&#39;s **time-saving features** that streamline monitoring and reporting, enhancing overall security efficiency.
- Users value the **responsive customer support** of UpGuard, enhancing experience with efficient query resolution and smooth operation.

**Cons:**

- Users find the **lack of clarity** in remediation recommendations complicates implementation and slows down the process.
- Users find UpGuard Vendor Risk **expensive** , particularly for smaller organizations with fewer vendor needs.
- Users note the **limited functionality** of UpGuard, particularly in customization and context for alerts, affecting usability.
- Users note that UpGuard needs to improve on **false positives** that impact accuracy and require manual correction.
- Users find **limited customization** in UpGuard Vendor Risk, affecting the flexibility and effectiveness of notifications and reports.

#### What Are Recent G2 Reviews of UpGuard Vendor Risk?

**"[Strong Platform for Managing Vendor Risk](https://www.g2.com/survey_responses/upguard-vendor-risk-review-13042780)"**

**Rating:** 5.0/5.0 stars
*— Utkarsh K.*

[Read full review](https://www.g2.com/survey_responses/upguard-vendor-risk-review-13042780)

---

**"[Well-Organized Platform for Security Due Diligence](https://www.g2.com/survey_responses/upguard-vendor-risk-review-13089101)"**

**Rating:** 4.5/5.0 stars
*— Mohamed S.*

[Read full review](https://www.g2.com/survey_responses/upguard-vendor-risk-review-13089101)

---



### 3. [Drata](https://www.g2.com/products/drata/reviews)
Founded in 2020 and headquartered in San Francisco, California, Drata provides the trust network that enables businesses to operate, scale, and partner with confidence. Born from experience in mission-critical aerospace work and the painful reality of manual security audits, Drata was created to turn trust into an always-on state instead of a point-in-time exercise. Today, the Drata Agentic Trust Management Platform helps more than 8,500 organizations worldwide build continuous trust across the cloud and prove their posture to customers, partners, and auditors. Drata unifies governance, risk, compliance, and assurance so security and GRC teams can manage everything in one place. Drata&#39;s core capabilities include Automated Governance to streamline policy management, control monitoring, evidence collection, and access reviews; Integrated Risk Management to centralize internal and third-party risk with real-time visibility and ownership; Continuous Compliance to automate evidence collection and control testing across frameworks; and Accelerated Security Assurance to show your security posture in real time and shorten review cycles while supporting faster, more confident sales and vendor decisions. Together, these capabilities deliver Continuous Real-Time Trust, Enterprise-Grade Flexibility, and Agentic AI Productivity. Drata continuously monitors controls, flags risks immediately, and makes always-current proof easy to share so you&#39;re demonstrating effective security every day—not just at audit time. The platform scales across multiple frameworks and connects to hundreds of tools to fit complex environments, and AI-driven automation helps assess vendors, collect evidence, and draft questionnaire responses—eliminating repetitive manual work, reducing operational overhead, and turning assurance into a strategic business enabler for modern, trust-driven organizations.


**Average Rating:** 4.7/5.0
**Total Reviews:** 1,322
**How Do G2 Users Rate Drata?**

- **Ease of Admin:** 9.2/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.5/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.0/10 (Category avg: 7.9/10)

**Who Is the Company Behind Drata?**

- **Seller:** [Drata](https://www.g2.com/sellers/drata)
- **Company Website:** https://drata.com/
- **Year Founded:** 2020
- **HQ Location:** San Francisco, CA 
- **Twitter:** @DrataHQ (1,525 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/drata/ (677 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 47% Mid-Market, 46% Small-Business


#### What Are Drata's Pros and Cons?

**Pros:**

- Customer Support (161 reviews)
- Ease of Use (148 reviews)
- Compliance (130 reviews)
- Time-saving (106 reviews)
- Integrations (103 reviews)

**Cons:**

- Limited Integrations (47 reviews)
- Improvements Needed (42 reviews)
- Integration Issues (41 reviews)
- Lack of Clarity (31 reviews)
- Missing Features (24 reviews)


### What Do G2 Reviewers Say About Drata?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend Drata&#39;s **amazing customer support** , noting their responsiveness and commitment to improving the user experience.
- Users appreciate the **intuitive ease of use** of Drata, making compliance management accessible and efficient for all.
- Users value Drata for its **efficient compliance framework mapping** and proactive support, enhancing security and reducing redundancy.
- Users love Drata for its **time-saving automations** , streamlining compliance tasks and enhancing efficiency across workflows.
- Users value the **seamless integrations** of Drata, enhancing connectivity and audit readiness across multiple platforms effortlessly.

**Cons:**

- Users note the **limited integrations** of Drata, which can complicate workflows and increase onboarding costs.
- Users indicate that **improvements are needed** in the audit section and Trust Center functionalities for a better experience.
- Users face **integration issues** with Drata, especially with Google Workspace and lacking support for certain MDM solutions.
- Users experience a **lack of clarity** with Drata, particularly in user flow and policy templates, leading to confusion.
- Users desire **additional features** for formatting, better user interface, and more integrations for improved functionality.

#### What Are Recent G2 Reviews of Drata?

**"[Intuitive, Well-Organized UX with Helpful Auditors and Time-Saving Integrations](https://www.g2.com/survey_responses/drata-review-12892040)"**

**Rating:** 4.0/5.0 stars
*— Sarah J.*

[Read full review](https://www.g2.com/survey_responses/drata-review-12892040)

---

**"[Huge Time-Saver: Smart Control Mapping, Helpful Onboarding, and an Intuitive UI](https://www.g2.com/survey_responses/drata-review-12740328)"**

**Rating:** 4.5/5.0 stars
*— Dylan E.*

[Read full review](https://www.g2.com/survey_responses/drata-review-12740328)

---


#### What Are G2 Users Discussing About Drata?

- [How are others coping with slower support, chatbot inconsistencies, and login / chat issues?](https://www.g2.com/discussions/how-are-others-coping-with-slower-support-chatbot-inconsistencies-and-login-chat-issues) - 1 comment, 1 upvote
- [Has anyone else felt friction between Drata’s control depth and their own compliance approach or frameworks?](https://www.g2.com/discussions/has-anyone-else-felt-friction-between-drata-s-control-depth-and-their-own-compliance-approach-or-frameworks) - 1 comment, 1 upvote
- [What’s your workaround when Drata’s integrations and automation do not go deep enough?](https://www.g2.com/discussions/what-s-your-workaround-when-drata-s-integrations-and-automation-do-not-go-deep-enough) - 1 comment, 1 upvote
- [How are you all dealing with confusing navigation and policy / control relationships in Drata?](https://www.g2.com/discussions/how-are-you-all-dealing-with-confusing-navigation-and-policy-control-relationships-in-drata) - 1 comment, 1 upvote
- [Complex setup and overloaded templates slow down my first audit cycle](https://www.g2.com/discussions/complex-setup-and-overloaded-templates-slow-down-my-first-audit-cycle) - 1 comment, 1 upvote

### 4. [Sprinto](https://www.g2.com/products/sprinto-inc/reviews)
Sprinto is the world&#39;s first Autonomous Trust Platform, detecting change across your posture, determining what&#39;s at risk, and acting across compliance, vendor risk, AI governance, and more, so your organization stays trustworthy without the operational chaos. Sprinto is trusted by 3,000+ companies across 75 countries, including Emergent, CodeRabbit, Anaconda, and Whatfix. The platform supports 200+ global standards, including SOC 2, ISO 27001, GDPR, HIPAA, PCI-DSS, and ISO 42001, for AI governance across 300+ integrations.


**Average Rating:** 4.8/5.0
**Total Reviews:** 1,654
**How Do G2 Users Rate Sprinto?**

- **Ease of Admin:** 9.3/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.6/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.4/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.9/10 (Category avg: 7.9/10)

**Who Is the Company Behind Sprinto?**

- **Seller:** [Sprinto Technology Private Limited](https://www.g2.com/sellers/sprinto-technology-private-limited)
- **Company Website:** https://sprinto.com/
- **Year Founded:** 2020
- **HQ Location:** San Francisco, US
- **Twitter:** @sprintoHQ (13,279 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/sprinto-com (424 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 57% Small-Business, 42% Mid-Market


#### What Are Sprinto's Pros and Cons?

**Pros:**

- Ease of Use (384 reviews)
- Customer Support (319 reviews)
- Compliance (303 reviews)
- Helpful (297 reviews)
- Compliance Management (252 reviews)

**Cons:**

- Integration Issues (71 reviews)
- Limited Customization (40 reviews)
- Limited Integrations (40 reviews)
- Unclear Guidance (38 reviews)
- UX Improvement (37 reviews)


### What Do G2 Reviewers Say About Sprinto?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Sprinto&#39;s platform to have **exceptional ease of use** , aided by excellent support and clear guidance.
- Users praise the **customer support** of Sprinto for being knowledgeable, accommodating, and always ready to help.
- Users highlight the **exceptional compliance support** from Sprinto&#39;s knowledgeable team, enhancing their overall compliance experience significantly.
- Users find Sprinto&#39;s **excellent customer support** and user-friendly design crucial for effective compliance management.
- Users highlight the **intuitive compliance management** of Sprinto, appreciating its automation and excellent support from dedicated account managers.

**Cons:**

- Users note **integration issues** with some niche tools, despite ongoing improvements to support more systems.
- Users find **limited customization** options in Sprinto, especially for reporting features and initial integrations.
- Users face **limited integrations** that cause delays and require extra effort for a seamless experience.
- Users find the **unclear guidance** on auditor accreditation and onboarding documentation can complicate the initial setup experience.
- Users note some **UI/UX challenges** with Sprinto, including navigation issues and reminder dependencies for links.

#### What Are Recent G2 Reviews of Sprinto?

**"[Smooth, Structured HIPAA Compliance with Sprinto and Outstanding Support](https://www.g2.com/survey_responses/sprinto-review-12898116)"**

**Rating:** 5.0/5.0 stars
*— Gayathri v.*

[Read full review](https://www.g2.com/survey_responses/sprinto-review-12898116)

---

**"[Fast path to SOC 2 Type 1 — great platform, outstanding support](https://www.g2.com/survey_responses/sprinto-review-12885389)"**

**Rating:** 5.0/5.0 stars
*— Ignacio B.*

[Read full review](https://www.g2.com/survey_responses/sprinto-review-12885389)

---



### 5. [Secureframe](https://www.g2.com/products/secureframe/reviews)
Secureframe empowers businesses to build trust with customers by simplifying information security and compliance through AI and automation. Thousands of organizations such as AngelList, Nasdaq, Coda, and Remote trust Secureframe to help them obtain and maintain compliance with global information security standards.


**Average Rating:** 4.7/5.0
**Total Reviews:** 805
**How Do G2 Users Rate Secureframe?**

- **Ease of Admin:** 9.0/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.1/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.7/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.0/10 (Category avg: 7.9/10)

**Who Is the Company Behind Secureframe?**

- **Seller:** [Secureframe](https://www.g2.com/sellers/secureframe)
- **Company Website:** https://secureframe.com/
- **Year Founded:** 2020
- **HQ Location:** San Francisco, US
- **Twitter:** @secureframe (2,228 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/secureframe/ (126 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO, CTO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 66% Small-Business, 30% Mid-Market


#### What Are Secureframe's Pros and Cons?

**Pros:**

- Ease of Use (663 reviews)
- Compliance (560 reviews)
- Automation (422 reviews)
- Security (406 reviews)
- Integrations (390 reviews)

**Cons:**

- Integration Issues (188 reviews)
- Limited Integrations (145 reviews)
- Limited Customization (141 reviews)
- Improvements Needed (110 reviews)
- Missing Features (109 reviews)


### What Do G2 Reviewers Say About Secureframe?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Secureframe, making task tracking and setup straightforward and efficient.
- Users value the **ease of use** in structuring the compliance approval process for their teams.
- Users value how Secureframe&#39;s **automation simplifies compliance** , making it easy and manageable for all users.
- Users value Secureframe&#39;s **strong security measures** , enhancing trust while managing sensitive client information effectively.
- Users value the **seamless integrations** of Secureframe, significantly enhancing efficiency and compliance management for small teams.

**Cons:**

- Users face **integration issues** with niche tools, requiring manual effort and time for proper setup.
- Users find the **limited integrations** with platforms like Azure Dev Ops frustrating, hindering seamless automation and audits.
- Users find **limited customization** options for timing and follow-up schedules frustrating for compliance and training needs.
- Users express a need for **improvements in the audit function** to enhance integration and streamline their experience.
- Users note some **missing features** in Secureframe, especially regarding test management and policy association improvements.

#### What Are Recent G2 Reviews of Secureframe?

**"[Secureframe Streamlined Our ISO 27001 Compliance](https://www.g2.com/survey_responses/secureframe-review-13111175)"**

**Rating:** 5.0/5.0 stars
*— Kunal P.*

[Read full review](https://www.g2.com/survey_responses/secureframe-review-13111175)

---

**"[Essential for SOC 2 Compliance, Smooth Integration](https://www.g2.com/survey_responses/secureframe-review-13095337)"**

**Rating:** 5.0/5.0 stars
*— Sachin C.*

[Read full review](https://www.g2.com/survey_responses/secureframe-review-13095337)

---


#### What Are G2 Users Discussing About Secureframe?

- [How are you getting value from the AI features when first-pass answers and automation feel hit-or-miss?](https://www.g2.com/discussions/how-are-you-getting-value-from-the-ai-features-when-first-pass-answers-and-automation-feel-hit-or-miss) - 1 comment, 1 upvote
- [Is anyone else struggling with limited reporting and document/search friction during executive reviews?](https://www.g2.com/discussions/is-anyone-else-struggling-with-limited-reporting-and-document-search-friction-during-executive-reviews) - 1 comment, 1 upvote
- [What do you do to make the first-year setup and control mapping less overwhelming?](https://www.g2.com/discussions/what-do-you-do-to-make-the-first-year-setup-and-control-mapping-less-overwhelming) - 1 comment, 1 upvote
- [How are other teams handling integrations that are partially supported or keep needing manual work?](https://www.g2.com/discussions/how-are-other-teams-handling-integrations-that-are-partially-supported-or-keep-needing-manual-work) - 1 comment
- [Unreliable training and login flows slow down my audits and force awkward deadline conversations](https://www.g2.com/discussions/unreliable-training-and-login-flows-slow-down-my-audits-and-force-awkward-deadline-conversations) - 1 comment

### 6. [Scrut Automation](https://www.g2.com/products/scrut-automation/reviews)
Scrut Automation is a leading compliance automation platform designed for fast-growing businesses looking to streamline security, risk, and compliance without disrupting operations. It centralizes compliance functions, automates evidence collection, and simplifies audits, helping security teams reduce compliance efforts. Scrut supports 70+ out-of-the-box frameworks, including SOC 2, ISO 27001, GDPR, HIPAA, and PCI-DSS, with the flexibility to add custom frameworks for unique regulatory needs. With 150+ integrations, Scrut seamlessly integrates into your security and IT ecosystem, automating compliance, eliminating manual work, and improving risk visibility. Join 2500+ industry leaders who trust Scrut for simplified compliance and risk management. Schedule a demo today.


**Average Rating:** 4.9/5.0
**Total Reviews:** 1,311
**How Do G2 Users Rate Scrut Automation?**

- **Ease of Admin:** 9.6/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.2/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.2/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind Scrut Automation?**

- **Seller:** [Scrut Automation](https://www.g2.com/sellers/scrut-automation)
- **Company Website:** https://www.scrut.io/
- **Year Founded:** 2022
- **HQ Location:** Palo Alto, US
- **Twitter:** @scrutsocial (120 Twitter followers)
- **LinkedIn® Page:** https://in.linkedin.com/company/scrut-automation (233 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 50% Small-Business, 48% Mid-Market


#### What Are Scrut Automation's Pros and Cons?

**Pros:**

- Ease of Use (289 reviews)
- Customer Support (255 reviews)
- Helpful (224 reviews)
- Compliance Management (220 reviews)
- Compliance (191 reviews)

**Cons:**

- Improvement Needed (68 reviews)
- Missing Features (48 reviews)
- Technical Issues (46 reviews)
- Learning Curve (40 reviews)
- Lack of Clarity (39 reviews)


### What Do G2 Reviewers Say About Scrut Automation?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find the **ease of use** of Scrut Automation invaluable for tracking and coordinating tasks efficiently.
- Users praise Scrut Automation for its **exceptional customer support** , with dedicated team guidance during compliance training and audits.
- Users highlight the **exceptional support** from the Scrut team, noting effective guidance throughout the compliance process.
- Users value the **exceptional compliance management** of Scrut Automation, which simplifies the SOC 2 process significantly.
- Users appreciate the **comprehensive compliance support** from Scrut Automation, which aids in successful audits and clarity.

**Cons:**

- Users find **improvement needed** in Scrut Automation, citing UI confusion, documentation issues, and small bugs in functionality.
- Users note the **missing features** in Scrut Automation, particularly in risk management and report customization.
- Users face **technical issues** that can overwhelm non-technical stakeholders and complicate usage of the platform.
- Users find the **learning curve steep** , making it challenging for new users to navigate and understand the system.
- Users experience a **lack of clarity** with test outcomes and feature purposes, leading to confusion and delays.

#### What Are Recent G2 Reviews of Scrut Automation?

**"[Transforming Compliance and Security Management with Scrut Automation](https://www.g2.com/survey_responses/scrut-automation-review-10499291)"**

**Rating:** 5.0/5.0 stars
*— Karan A.*

[Read full review](https://www.g2.com/survey_responses/scrut-automation-review-10499291)

---

**"[Automates Compliance and Evidence Collection — Boosts Audit Readiness and Efficiency](https://www.g2.com/survey_responses/scrut-automation-review-13049695)"**

**Rating:** 4.0/5.0 stars
*— Ravindra N.*

[Read full review](https://www.g2.com/survey_responses/scrut-automation-review-13049695)

---


#### What Are G2 Users Discussing About Scrut Automation?

- [What is Scrut Automation used for?](https://www.g2.com/discussions/what-is-scrut-automation-used-for) - 1 upvote

### 7. [Thoropass](https://www.g2.com/products/thoropass/reviews)
Thoropass is a modern compliance audit firm that helps organizations of all sizes build and prove trust with high-quality audits, expert guidance, and integrated security services. Combining deep auditor expertise with intuitive technology, Thoropass delivers a streamlined path to achieving and maintaining compliance with frameworks including SOC 1, SOC 2, ISO 27001, ISO 42001, HIPAA, HITRUST, GDPR, CMMC, Cyber Essentials, PCI DSS, and others. As a licensed CPA firm and CREST-accredited provider, Thoropass brings a level of credibility and rigor that scales from fast-growing startups to complex, regulated enterprises. Our auditors, security engineers, and compliance experts partner closely with customers to simplify evidence collection, reduce audit friction, and ensure results that stand up to regulator, partner, and customer scrutiny. Beyond audits, Thoropass supports the full trust-building lifecycle with penetration testing, risk assessment, access reviews, AI governance assessments, and questionnaire automation—helping teams unify compliance operations without relying on multiple vendors. Organizations choose Thoropass for our responsive expert support, consistent audit outcomes, and a service experience built for modern security and compliance teams. Thoropass is trusted by thousands of companies to prove compliance, strengthen security posture, and confidently meet the expectations of customers, auditors, and regulators.


**Average Rating:** 4.7/5.0
**Total Reviews:** 578
**How Do G2 Users Rate Thoropass?**

- **Ease of Admin:** 9.0/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.5/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.8/10 (Category avg: 7.9/10)

**Who Is the Company Behind Thoropass?**

- **Seller:** [Thoropass](https://www.g2.com/sellers/thoropass)
- **Company Website:** https://thoropass.com/?utm_source=adwords&amp;utm_medium=ppc&amp;utm_campaign=Brand+NA&amp;utm_term=b_thoropass
- **Year Founded:** 2019
- **HQ Location:** New York
- **Twitter:** @thoropass (379 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/thoropass/ (233 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CEO, CTO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 71% Small-Business, 26% Mid-Market


#### What Are Thoropass's Pros and Cons?

**Pros:**

- Ease of Use (239 reviews)
- Helpful (221 reviews)
- Customer Support (171 reviews)
- Compliance (157 reviews)
- Team Helpfulness (115 reviews)

**Cons:**

- Lack of Clarity (39 reviews)
- Integration Issues (34 reviews)
- UX Improvement (33 reviews)
- Audit Issues (32 reviews)
- Improvements Needed (31 reviews)


### What Do G2 Reviewers Say About Thoropass?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise Thoropass for its **ease of use** , benefiting from an intuitive dashboard and excellent support.
- Users appreciate the **excellent support and user-friendly system** of Thoropass, making audits manageable and efficient.
- Users value the **excellent customer support** from Thoropass, enhancing their experience and ensuring project success.
- Users appreciate the **seamless integrations** of Thoropass, streamlining compliance processes and enhancing overall efficiency.
- Users commend the **helpful support team** of Thoropass, enhancing their audit experience and ensuring successful compliance.

**Cons:**

- Users find **lack of clarity** in Thoropass, struggling with disjointed UX and missing critical information at point of sales.
- Users face **integration issues** with Thoropass, causing exceptions and inefficiencies in reporting and user experience.
- Users find the **UX improvement** of Thoropass necessary due to its disjointed experience and clunky features.
- Users find a lack of **visibility regarding audit status** in Thoropass, making it hard to track progress.
- Users note that **improvements are needed** in scheduling and feature development to enhance overall usability and efficiency.

#### What Are Recent G2 Reviews of Thoropass?

**"[Thoropass and SOC2 process](https://www.g2.com/survey_responses/thoropass-review-11551425)"**

**Rating:** 5.0/5.0 stars
*— Nicole B.*

[Read full review](https://www.g2.com/survey_responses/thoropass-review-11551425)

---

**"[Centralizes Compliance Tasks Efficiently](https://www.g2.com/survey_responses/thoropass-review-10958552)"**

**Rating:** 5.0/5.0 stars
*— Monica .*

[Read full review](https://www.g2.com/survey_responses/thoropass-review-10958552)

---


#### What Are G2 Users Discussing About Thoropass?

- [What is Laika used for?](https://www.g2.com/discussions/what-is-laika-used-for) - 1 comment

### 8. [IBM OpenPages](https://www.g2.com/products/ibm-openpages/reviews)
OpenPages is an AI-powered, easy-to-use, and highly scalable GRC management solution that runs on any cloud and centralizes siloed risk management functions into a single environment. OpenPages lays emphasis upon ‘GRC is Everyone’s Business’ strategy by establishing a risk and compliance culture that promotes inclusiveness, consistency and transparency Easy-to-use, highly configurable and requires little/no training Saves time - Users are guided by an AI powered virtual assistant giving real-time answers to users. Improves data quality - AI suggested classifications help users reduce errors, mitigate risks and promote accuracy and efficiency in incident reporting and risk mitigation efforts. Reduces the knowledge gap - Users are guided by AI in the interface for areas like risk and compliance taxonomies.


**Average Rating:** 4.2/5.0
**Total Reviews:** 66
**How Do G2 Users Rate IBM OpenPages?**

- **Ease of Admin:** 7.3/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.8/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 9.8/10 (Category avg: 7.9/10)

**Who Is the Company Behind IBM OpenPages?**

- **Seller:** [IBM](https://www.g2.com/sellers/ibm)
- **Year Founded:** 1911
- **HQ Location:** Armonk, New York, United States
- **Twitter:** @IBMSecurity (74,660 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (328,202 employees on LinkedIn®)
- **Ownership:** SWX:IBM

**Who Uses This Product?**
- **Top Industries:** Banking, Information Technology and Services
- **Company Size:** 39% Mid-Market, 34% Enterprise


#### What Are IBM OpenPages's Pros and Cons?

**Pros:**

- Risk Management (12 reviews)
- Time-saving (9 reviews)
- Automation (7 reviews)
- Ease of Use (7 reviews)
- Security (7 reviews)

**Cons:**

- Complexity (3 reviews)
- Expensive (3 reviews)
- Improvement Needed (3 reviews)
- Learning Curve (3 reviews)
- Learning Difficulty (3 reviews)


### What Do G2 Reviewers Say About IBM OpenPages?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **efficient risk management** capabilities of IBM OpenPages, enhancing compliance and streamlining internal processes.
- Users value the **time-saving capabilities** of IBM OpenPages, enhancing efficiency in monitoring and reporting activities.
- Users appreciate the **automation capabilities** of IBM OpenPages, enhancing efficiency and simplifying compliance tasks across teams.
- Users find IBM OpenPages **easy to use** thanks to its intuitive interface and strong customer support.
- Users value the **robust security features** of IBM OpenPages, ensuring reliable risk management and compliance across the organization.

**Cons:**

- Users find the **complexity** of IBM OpenPages daunting, particularly due to its heavy interface and steep learning curve.
- Users find IBM OpenPages to be **too expensive** , with concerns regarding costs and implementation complexity.
- Users note a **need for improved usability** , as IBM OpenPages can be complex and struggles with user-friendly customization.
- Users highlight a **steep learning curve** with IBM OpenPages, making it challenging for new users and occasional teams.
- Users find the **steep learning curve** of IBM OpenPages challenging, hindering ease of use for new or occasional users.

#### What Are Recent G2 Reviews of IBM OpenPages?

**"[Transforms Risk Management and Compliance](https://www.g2.com/survey_responses/ibm-openpages-review-12242779)"**

**Rating:** 5.0/5.0 stars
*— Charlotte W.*

[Read full review](https://www.g2.com/survey_responses/ibm-openpages-review-12242779)

---

**"[Automates Security Tasks, But Pricey](https://www.g2.com/survey_responses/ibm-openpages-review-12229480)"**

**Rating:** 4.0/5.0 stars
*— Madhav B.*

[Read full review](https://www.g2.com/survey_responses/ibm-openpages-review-12229480)

---


#### What Are G2 Users Discussing About IBM OpenPages?

- [What is Watson discovery?](https://www.g2.com/discussions/what-is-watson-discovery)
- [What is the best GRC tool?](https://www.g2.com/discussions/ibm-openpages-with-watson-what-is-the-best-grc-tool)
- [What is IBM OpenPages?](https://www.g2.com/discussions/what-is-ibm-openpages)
- [What is IBM OpenPages with Watson?](https://www.g2.com/discussions/what-is-ibm-openpages-with-watson)

### 9. [OneTrust Tech Risk &amp; Compliance](https://www.g2.com/products/onetrust-tech-risk-compliance/reviews)
OneTrust&#39;s Tech Risk &amp; Compliance solution simplifies compliance and effectively manage risks. You can scale your resources and optimize your risk and compliance lifecycle by automating governance with business-ready content, guidance, and mapping. Simplify business collaboration by turning complex regulations into simple, actionable tasks that fit into your existing processes, and ensure continuous compliance. You can also mature your risk program and contextualize risk across the business to monitor over time, educate stakeholders, report to leadership, and prioritize action. Tech Risk and Compliance includes Compliance Automation and IT &amp; Risk Management tools. Compliance Automation scales your resources while optimizing compliance processes to efficiently scope, manage, and communicate your compliance posture, empowering InfoSec and IT Compliance professionals to automate regulatory guidance, reinforce program governance, and maintain audit readiness. With Compliance Automation you can: -Simplify business collaboration to streamline compliance workflows -Deploy pre-built integrations to automate evidence collection -Collect once, comply many with 50+ ready-to-use frameworks IT Risk Management allows you to proactively identify and mitigate risk, streamline data collection, and map risk relationships to assess and quantify risk across your IT and business ecosystem. Identify risk across complex IT ecosystems by discovering information systems vulnerabilities and cybersecurity risks across an inventory of assets, processes, and vendors. Reflect the interconnected nature of how systems, data, and risk flow throughout your business to monitor changes over time. Standardize and quantify risk with context by balancing qualitative and quantitative metrics with a scalable risk methodology that can mature from a standard matrix to automated calculations to inform risk mitigation prioritization without losing critical business context. You can enhance risk ownership across the business through automation of key enterprise risk management activities such as assessments and control management to effectively engage the business, collect information, evaluate impact, and execute remediation strategies. 


**Average Rating:** 4.6/5.0
**Total Reviews:** 107
**How Do G2 Users Rate OneTrust Tech Risk &amp; Compliance?**

- **Ease of Admin:** 8.7/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.5/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.7/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.4/10 (Category avg: 7.9/10)

**Who Is the Company Behind OneTrust Tech Risk &amp; Compliance?**

- **Seller:** [OneTrust](https://www.g2.com/sellers/onetrust)
- **Company Website:** https://www.onetrust.com/
- **Year Founded:** 2016
- **HQ Location:** Atlanta, Georgia
- **Twitter:** @OneTrust (6,566 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10795459/ (2,487 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 46% Mid-Market, 40% Small-Business


#### What Are OneTrust Tech Risk &amp; Compliance's Pros and Cons?

**Pros:**

- Ease of Use (17 reviews)
- Automation (15 reviews)
- Compliance Management (12 reviews)
- Risk Management (12 reviews)
- Features (11 reviews)

**Cons:**

- Complex Implementation (6 reviews)
- Difficult Setup (6 reviews)
- Learning Curve (6 reviews)
- Learning Difficulty (6 reviews)
- Slow Loading (6 reviews)


### What Do G2 Reviewers Say About OneTrust Tech Risk &amp; Compliance?
*AI-generated summary from verified user reviews*

**Pros:**

- Users appreciate the **ease of use** of OneTrust Tech Risk &amp; Compliance, simplifying risk and compliance management on a centralized platform.
- Users commend the **effortless automation** features of OneTrust, enhancing risk management and streamlining compliance processes.
- Users value the **centralized compliance management** in OneTrust, enhancing ease of tracking and fostering accountability.
- Users appreciate the **centralized platform** of OneTrust Tech Risk &amp; Compliance, enhancing risk and compliance management efficiency.
- Users appreciate the **centralized platform** of OneTrust Tech Risk &amp; Compliance for simplifying risk and compliance management.

**Cons:**

- Users find the **complex implementation** of OneTrust Tech Risk &amp; Compliance can be challenging, requiring significant time and effort.
- Users find the **difficult setup** of OneTrust Tech Risk &amp; Compliance a significant barrier, complicating initial experiences and configurations.
- Users find a **steep learning curve** with OneTrust Tech Risk &amp; Compliance, making initial setup challenging and time-consuming.
- Users find the **learning difficulty** of OneTrust Tech Risk &amp; Compliance to be steep, complicating the initial setup process.
- Users often face **slow loading** issues with OneTrust Tech Risk &amp; Compliance, impacting their overall experience with the platform.

#### What Are Recent G2 Reviews of OneTrust Tech Risk &amp; Compliance?

**"[The best GRC Product on the Market](https://www.g2.com/survey_responses/onetrust-tech-risk-compliance-review-7634011)"**

**Rating:** 5.0/5.0 stars
*— Chinua K.*

[Read full review](https://www.g2.com/survey_responses/onetrust-tech-risk-compliance-review-7634011)

---

**"[Powerful Automation, But Setup Challenges](https://www.g2.com/survey_responses/onetrust-tech-risk-compliance-review-11988415)"**

**Rating:** 4.5/5.0 stars
*— SONIA G.*

[Read full review](https://www.g2.com/survey_responses/onetrust-tech-risk-compliance-review-11988415)

---


#### What Are G2 Users Discussing About OneTrust Tech Risk &amp; Compliance?

- [What improvements would you suggest for OneTrust GRC to better meet your compliance needs?](https://www.g2.com/discussions/what-improvements-would-you-suggest-for-onetrust-grc-to-better-meet-your-compliance-needs)

### 10. [RiskProfiler - External Threat Exposure Management](https://www.g2.com/products/riskprofiler-external-threat-exposure-management/reviews)
RiskProfiler is an advanced cybersecurity platform purpose-built for Continuous Threat Exposure Management (CTEM). It unifies external, cloud, vendor, and brand risk intelligence into a single ecosystem—providing organizations with real-time visibility, contextual threat insights, and actionable remediation guidance. Through its integrated suite, External Attack Surface Managemnet, Third\_party Risk Management, Cloud Attack Surface Management, and Brand Risk Protection; the platform continuously discovers, classifies, and evaluates external-facing assets and risks across the internet, multi-cloud environments, and third-party ecosystems. Powered by AI-enabled risk questionnaires, RiskProfiler automates the exchange, validation, and scoring of security assessments, dramatically accelerating third-party due diligence and compliance validation. The platform’s context-enriched graph engine correlates vulnerabilities, exposures, and configurations with real-world threat data, revealing how attackers might exploit an organization’s digital footprint. Its newly enhanced Cyber Threat Intelligence (CTI) module provides live insights into industry-specific attack trends, threat actor profiles, and evolving TTPs, directly embedded within the dashboard. By analyzing CVEs, IOCs, and exploit patterns, it maps these to relevant assets and potential attack paths, enabling focused, prioritized mitigation. From identifying exposed cloud resources across AWS, Azure, and Google Cloud to uncovering brand impersonation, phishing campaigns, or logo abuse, RiskProfiler delivers unified visibility and continuous monitoring that extends beyond the perimeter. It helps organizations anticipate, contextualize, and neutralize threats before they turn into breaches, transforming exposure management into a truly intelligent, predictive defense capability.


**Average Rating:** 4.9/5.0
**Total Reviews:** 118
**How Do G2 Users Rate RiskProfiler - External Threat Exposure Management?**

- **Ease of Admin:** 9.7/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.8/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 9.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind RiskProfiler - External Threat Exposure Management?**

- **Seller:** [Riskprofiler](https://www.g2.com/sellers/riskprofiler)
- **Company Website:** https://riskprofiler.io/
- **Year Founded:** 2019
- **HQ Location:** Rock Hill , US
- **Twitter:** @riskprofilerio (209 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/riskprofiler (32 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Software Engineer, Security Consultant
- **Top Industries:** Information Technology and Services, Design
- **Company Size:** 66% Mid-Market, 33% Small-Business


#### What Are RiskProfiler - External Threat Exposure Management's Pros and Cons?

**Pros:**

- Risk Management (70 reviews)
- Features (32 reviews)
- Customer Support (31 reviews)
- Ease of Use (30 reviews)
- Easy Setup (29 reviews)

**Cons:**

- Learning Curve (17 reviews)
- Complexity (16 reviews)
- Difficult Learning (16 reviews)
- Learning Difficulty (10 reviews)
- Complex Setup (8 reviews)


### What Do G2 Reviewers Say About RiskProfiler - External Threat Exposure Management?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **effective threat intelligence** of RiskProfiler, enabling efficient management of external and vendor threats.
- Users appreciate the **seamless onboarding and integration** of RiskProfiler, enhancing their threat monitoring and management capabilities.
- Users commend the **fast and efficient customer support** of RiskProfiler, enhancing their overall experience and response time.
- Users praise the **ease of use** of RiskProfiler, enabling quick integration and seamless onboarding into existing workflows.
- Users value the **easy setup** of RiskProfiler, allowing quick implementation and effective monitoring of security threats.

**Cons:**

- Users face a **steep learning curve** with RiskProfiler, necessitating time for training and customization for effective use.
- Users find the **complexity** of RiskProfiler can lead to a steep learning curve and information overload.
- Users find the **difficult learning** curve challenging, requiring substantial training to navigate the platform effectively.
- Users face a **steep learning curve** with RiskProfiler, necessitating significant time for training and customization.
- Users find the **complex setup** of RiskProfiler challenging, hindering adoption for non-specialist teams.

#### What Are Recent G2 Reviews of RiskProfiler - External Threat Exposure Management?

**"[Contextual Intelligence That Connects Risk Across the Attack Surface](https://www.g2.com/survey_responses/riskprofiler-external-threat-exposure-management-review-12719957)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/riskprofiler-external-threat-exposure-management-review-12719957)

---

**"[Single Pane of Truth for External Exposure Correlation and Fast Risk Prioritization](https://www.g2.com/survey_responses/riskprofiler-external-threat-exposure-management-review-12394581)"**

**Rating:** 5.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/riskprofiler-external-threat-exposure-management-review-12394581)

---



### 11. [Responsive, formerly RFPIO](https://www.g2.com/products/responsive-formerly-rfpio/reviews)
Responsive is the global leader in strategic response management software, transforming how organizations share and exchange critical information. Our commitment to product innovation and customer success empowers companies to accelerate growth, mitigate risk and improve the employee experience by leveraging intelligent technologies to quickly and accurately manage RFPs, RFIs, security questionnaires (VSQs), due diligence questionnaires (DDQs), risk assessments and all other complex information requests (RFXs). With Responsive, frontline teams deliver superior responses by automating the completion of questionnaires, documents and spreadsheets while collaborating with stakeholders, improving processes with data insights, and quickly accessing approved content across popular business applications.


**Average Rating:** 4.5/5.0
**Total Reviews:** 1,300
**How Do G2 Users Rate Responsive, formerly RFPIO?**

- **Ease of Admin:** 8.7/10 (Category avg: 9.0/10)
- **Risk Scoring:** 7.1/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 7.7/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 6.6/10 (Category avg: 7.9/10)

**Who Is the Company Behind Responsive, formerly RFPIO?**

- **Seller:** [Responsive](https://www.g2.com/sellers/responsive)
- **Company Website:** https://www.responsive.io/
- **Year Founded:** 2016
- **HQ Location:** Frisco, Texas
- **Twitter:** @responsiveio (1,735 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/responsiveio (716 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Proposal Manager, Proposal Writer
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 48% Mid-Market, 39% Enterprise


#### What Are Responsive, formerly RFPIO's Pros and Cons?

**Pros:**

- Ease of Use (340 reviews)
- Features (227 reviews)
- Efficiency (186 reviews)
- Time-saving (160 reviews)
- Team Collaboration (143 reviews)

**Cons:**

- Learning Curve (71 reviews)
- Not Intuitive (60 reviews)
- Missing Features (59 reviews)
- Non-Intuitive Features (45 reviews)
- Difficult Learning (44 reviews)


### What Do G2 Reviewers Say About Responsive, formerly RFPIO?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Responsive.io&#39;s platform incredibly **intuitive and efficient** , significantly enhancing proposal management and team collaboration.
- Users appreciate the **user-friendly interface** and effective features, which streamline the response process significantly.
- Users value the **efficiency** of Responsive, enabling quick collaboration and streamlined responses across teams.
- Users value the **time-saving capabilities** of Responsive, enabling quick content reuse and efficient project management.
- Users value the **team collaboration** features of Responsive, enabling seamless project management and efficient responses across teams.

**Cons:**

- Users note a **steep initial learning curve** for advanced features, though support resources aid in the transition.
- Users find the interface **not intuitive** , making navigation challenging, particularly for those unfamiliar with the platform.
- Users find the lack of **duplicate Q&amp;A notifications** and unsupported formats a limitation in Responsive&#39;s functionality.
- Users find the **non-intuitive features** of Responsive frustrating, especially when searching for specific content or locating buttons.
- Users face a **difficult learning curve** initially, especially with advanced features and the application&#39;s complex UI.

#### What Are Recent G2 Reviews of Responsive, formerly RFPIO?

**"[Effortless RFP Management, Clean and Simple Interface](https://www.g2.com/survey_responses/responsive-formerly-rfpio-review-4305533)"**

**Rating:** 5.0/5.0 stars
*— Jack P.*

[Read full review](https://www.g2.com/survey_responses/responsive-formerly-rfpio-review-4305533)

---

**"[Powerful AI and Document Management for better responses](https://www.g2.com/survey_responses/responsive-formerly-rfpio-review-11884656)"**

**Rating:** 4.0/5.0 stars
*— Rui D.*

[Read full review](https://www.g2.com/survey_responses/responsive-formerly-rfpio-review-11884656)

---


#### What Are G2 Users Discussing About Responsive, formerly RFPIO?

- [What is RFPIO used for?](https://www.g2.com/discussions/what-is-rfpio-used-for) - 1 comment
- [What is RFP360, an RFPIO company used for?](https://www.g2.com/discussions/what-is-rfp360-an-rfpio-company-used-for) - 1 comment

### 12. [OneTrust Privacy Automation](https://www.g2.com/products/onetrust-privacy-automation/reviews)
OneTrust’s mission is to enable the responsible use of data and AI. Our platform simplifies the collection of data with consent and preferences, automates the governance of data with integrated risk management across privacy, security, IT/tech, third-party, and AI risk, and activates the responsible use of data by applying and enforcing data policies across the entire data estate and lifecycle. The Privacy Automation solution simplifies compliance, automates privacy operations and mitigates risk. Our tools include: -A real-time view of your compliance posture -Evergreen data and activity map -Data subject request automation -Privacy and AI risk workflows OneTrust supports seamless collaboration between data teams and risk teams to drive rapid and trusted innovation. Recognized as a market pioneer and leader, OneTrust boasts over 300 patents and serves more than 14,000 customers globally, ranging from industry giants to small businesses. For more information, visit www.onetrust.com.


**Average Rating:** 4.3/5.0
**Total Reviews:** 143
**How Do G2 Users Rate OneTrust Privacy Automation?**

- **Ease of Admin:** 8.4/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.4/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.0/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.1/10 (Category avg: 7.9/10)

**Who Is the Company Behind OneTrust Privacy Automation?**

- **Seller:** [OneTrust](https://www.g2.com/sellers/onetrust)
- **Company Website:** https://www.onetrust.com/
- **Year Founded:** 2016
- **HQ Location:** Atlanta, Georgia
- **Twitter:** @OneTrust (6,566 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/10795459/ (2,487 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Data Protection Officer
- **Top Industries:** Information Technology and Services, Financial Services
- **Company Size:** 45% Enterprise, 40% Mid-Market


#### What Are OneTrust Privacy Automation's Pros and Cons?

**Pros:**

- Ease of Use (4 reviews)
- Problem Solving (3 reviews)
- Automation (2 reviews)
- Compliance (2 reviews)
- Compliance Support (2 reviews)

**Cons:**

- Complexity (3 reviews)
- Complexity Issues (3 reviews)
- Complexity Management (3 reviews)
- Feature Limitations (3 reviews)
- Learning Difficulty (3 reviews)


### What Do G2 Reviewers Say About OneTrust Privacy Automation?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find OneTrust Privacy Automation&#39;s **ease of use** beneficial for streamlining privacy workflows and enhancing team collaboration.
- Users appreciate the **comprehensive all-in-one platform** of OneTrust Privacy Automation, streamlining privacy workflows and regulatory compliance.
- Users appreciate the **comprehensive automation** of OneTrust Privacy Automation, streamlining privacy tasks and enhancing compliance efficiency.
- Users value the **centralized automation of privacy workflows** , enhancing compliance efficiency and proactive management of privacy tasks.
- Users appreciate the **comprehensive all-in-one platform** of OneTrust Privacy Automation for its efficiency and regulatory intelligence.

**Cons:**

- Users find the **complexity and steep learning curve** of OneTrust Privacy Automation to be challenging and time-consuming.
- Users find the **complexity issues** of OneTrust Privacy Automation challenging, requiring extensive training and configuration time.
- Users find the **complexity of configuration** and steep learning curve challenging, particularly for those without IT skills.
- Users find the **feature limitations** of OneTrust Privacy Automation hinder effective reporting and data migration processes.
- Users find the **learning difficulty** of OneTrust Privacy Automation discouraging, requiring extensive training and time for setup.

#### What Are Recent G2 Reviews of OneTrust Privacy Automation?

**"[Easy-to-Use Compliance Tool That Integrates Seamlessly](https://www.g2.com/survey_responses/onetrust-privacy-automation-review-12589467)"**

**Rating:** 5.0/5.0 stars
*— Ryan H.*

[Read full review](https://www.g2.com/survey_responses/onetrust-privacy-automation-review-12589467)

---

**"[Intuitive UI and Smooth Onboarding for Workflows and Integrations](https://www.g2.com/survey_responses/onetrust-privacy-automation-review-12641842)"**

**Rating:** 4.5/5.0 stars
*— Mark B.*

[Read full review](https://www.g2.com/survey_responses/onetrust-privacy-automation-review-12641842)

---



### 13. [Bitsight](https://www.g2.com/products/bitsight/reviews)
Bitsight is the global leader in cyber risk intelligence, leveraging advanced AI to empower organizations with precise insights derived from the industry’s most extensive external cybersecurity dataset. With more than 3,500 customers and over 68,000 organizations active on its platform, Bitsight delivers real-time visibility into cyber risk and threat exposure, enabling teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface. Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the unified intelligence backbone required to confidently manage cyber risk and address exposures before they impact performance.


**Average Rating:** 4.5/5.0
**Total Reviews:** 76
**How Do G2 Users Rate Bitsight?**

- **Ease of Admin:** 8.8/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.7/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 7.6/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind Bitsight?**

- **Seller:** [Bitsight](https://www.g2.com/sellers/bitsight)
- **Company Website:** https://www.bitsight.com/
- **Year Founded:** 2011
- **HQ Location:** Boston, MA
- **Twitter:** @BitSight (4,503 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/bitsight/ (741 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Hospital &amp; Health Care
- **Company Size:** 71% Enterprise, 24% Mid-Market


#### What Are Bitsight's Pros and Cons?

**Pros:**

- Security (15 reviews)
- Risk Management (14 reviews)
- Ease of Use (13 reviews)
- Features (11 reviews)
- Customer Support (10 reviews)

**Cons:**

- Lack of Clarity (5 reviews)
- Missing Features (5 reviews)
- Poor Customer Support (4 reviews)
- Poor Notifications (4 reviews)
- Slow Loading (4 reviews)


### What Do G2 Reviewers Say About Bitsight?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **easy-to-understand security rating** from Bitsight for quick assessments and benchmarking.
- Users value the **detailed risk scanning** capabilities of BitSight, enabling effective vendor and partner evaluations.
- Users value the **ease of use** of BitSight, finding the interface intuitive and implementation fast for effective security management.
- Users value the **rich insights** provided by Bitsight, enhancing risk management through comprehensive reporting and collaboration.
- Users appreciate the **responsive customer support** from Bitsight, enhancing their overall experience and satisfaction.

**Cons:**

- Users find a **lack of clarity** in BitSight&#39;s scoring, leading to confusion and trust issues with the findings.
- Users find **missing features** like limited questionnaire options and absence of a mobile app frustrating in Bitsight.
- Users face **poor customer support** with BitSight, citing inadequate documentation and unhelpful responses from support teams.
- Users face issues with **poor notifications** , including delayed alerts and reliance on outdated breach information.
- Users find that Bitsight has **slow loading times** , which can hinder their overall experience and efficiency.

#### What Are Recent G2 Reviews of Bitsight?

**"[Effortless Cyber Risk Scoring for Proactive Security](https://www.g2.com/survey_responses/bitsight-review-12098656)"**

**Rating:** 4.0/5.0 stars
*— Matthew P.*

[Read full review](https://www.g2.com/survey_responses/bitsight-review-12098656)

---

**"[Finds Public-Facing Security Flaws and Clearly Shows How to Fix Them](https://www.g2.com/survey_responses/bitsight-review-12760320)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer Software*

[Read full review](https://www.g2.com/survey_responses/bitsight-review-12760320)

---


#### What Are G2 Users Discussing About Bitsight?

- [What does Bitsight Security Ratings do?](https://www.g2.com/discussions/what-does-bitsight-security-ratings-do)
- [How is BitSight calculated?](https://www.g2.com/discussions/how-is-bitsight-calculated)
- [What is a BitSight security rating?](https://www.g2.com/discussions/what-is-a-bitsight-security-rating)

### 14. [Scytale](https://www.g2.com/products/scytale-g2/reviews)
Scytale is the only AI GRC platform and human experts that drive real compliance outcomes - from getting compliant to staying compliant, and building trust across every framework. Trusted by 1,000+ companies worldwide, Scytale replaces fragmented testing with continuous control visibility, automating evidence, control cross-mapping, and risk management across 80+ security, privacy, and AI frameworks, including SOC 2, ISO 27001, GDPR, SOX ITGC, ISO 42001, and many more. Scytale is a full-scope trust and compliance platform with everything you need to run your GRC program in one central hub, including: an agentic GRC network, a Trust Center, AI-integrated offensive security and expert GRC services.


**Average Rating:** 4.8/5.0
**Total Reviews:** 680
**How Do G2 Users Rate Scytale?**

- **Ease of Admin:** 9.2/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.1/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.9/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.0/10 (Category avg: 7.9/10)

**Who Is the Company Behind Scytale?**

- **Seller:** [Scytale AI](https://www.g2.com/sellers/scytale-ai)
- **Company Website:** https://scytale.ai/
- **Year Founded:** 2021
- **HQ Location:** New York, US
- **Twitter:** @scytale_ai (76 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/scytale-ai/ (165 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO, CEO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 73% Small-Business, 21% Mid-Market


#### What Are Scytale's Pros and Cons?

**Pros:**

- Helpful (146 reviews)
- Ease of Use (131 reviews)
- Compliance (87 reviews)
- Customer Support (85 reviews)
- Team Helpfulness (74 reviews)

**Cons:**

- Integration Issues (43 reviews)
- Limited Integrations (32 reviews)
- Evidence Collection (21 reviews)
- UX Improvement (19 reviews)
- Missing Features (18 reviews)


### What Do G2 Reviewers Say About Scytale?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **exceptional support** from Scytale, which simplifies compliance and enhances the overall experience significantly.
- Users appreciate the **ease of use** of Scytale, which simplifies the compliance process significantly and saves time.
- Users appreciate the **ease of use and central access** in Scytale, simplifying SOC compliance management effectively.
- Users praise Scytale for its **exceptional customer support** , noting the team&#39;s proactive and knowledgeable assistance throughout the compliance process.
- Users value the **exceptional support team** at Scytale, highlighting their dedication and assistance throughout the process.

**Cons:**

- Users experience **integration issues** with Scytale, facing complications and frustrations during the setup process.
- Users find the **limited integrations** of Scytale insufficient for flexibility and can complicate essential processes.
- Users express frustration with **limited configuration options** for evidence collection, leading to complications and inaccuracies.
- Users note that while **UX improvement is needed** in some areas, Scytale remains a highly usable platform.
- Users highlight the **missing features** in Scytale, limiting its effectiveness for comprehensive GRC practices and integrations.

#### What Are Recent G2 Reviews of Scytale?

**"[Accelerate time to market with feature-rich platform with outstanding, responsive support](https://www.g2.com/survey_responses/scytale-review-12943061)"**

**Rating:** 4.0/5.0 stars
*— Freek H.*

[Read full review](https://www.g2.com/survey_responses/scytale-review-12943061)

---

**"[Scytale Streamlined Our Compliance with Hands-On Implementation Support](https://www.g2.com/survey_responses/scytale-review-12911305)"**

**Rating:** 5.0/5.0 stars
*— Roy P.*

[Read full review](https://www.g2.com/survey_responses/scytale-review-12911305)

---



### 15. [Securiti](https://www.g2.com/products/securiti/reviews)
Securiti is the pioneer of the DataAI Command Center, a centralized platform that enables the safe use of data and GenAI. It provides unified data intelligence, controls and orchestration across hybrid multicloud environments. Large global enterprises rely on Securiti&#39;s Data Command Center for data security, privacy, governance, and compliance. Securiti has been recognized with numerous industry and analyst awards, including &quot;Most Innovative Startup&quot; by RSA, &quot;Top 25 Machine Learning Startups&quot; by Forbes, &quot;Most Innovative AI Companies&#39;&#39; by CB Insights, &quot;Cool Vendor in Data Security&quot; by Gartner, and &quot;Privacy Management Wave Leader&#39;&#39; by Forrester. For more information, please follow us on LinkedIn and visit Securiti.ai.


**Average Rating:** 4.7/5.0
**Total Reviews:** 88
**How Do G2 Users Rate Securiti?**

- **Ease of Admin:** 8.9/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.2/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 9.8/10 (Category avg: 7.9/10)

**Who Is the Company Behind Securiti?**

- **Seller:** [Veeam](https://www.g2.com/sellers/veeam)
- **Company Website:** https://www.veeam.com
- **Year Founded:** 2006
- **HQ Location:** Kirkland, WA
- **Twitter:** @veeam (51,541 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/veeam-software/ (7,174 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Banking
- **Company Size:** 64% Enterprise, 15% Mid-Market


#### What Are Securiti's Pros and Cons?

**Pros:**

- Ease of Use (38 reviews)
- Customer Support (26 reviews)
- Features (21 reviews)
- Helpful (20 reviews)
- Problem Solving (20 reviews)

**Cons:**

- Complexity (11 reviews)
- Learning Curve (10 reviews)
- Implementation Issues (9 reviews)
- Complexity Issues (8 reviews)
- Learning Difficulty (8 reviews)


### What Do G2 Reviewers Say About Securiti?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** with Securiti, appreciating its straightforward setup and intuitive interface.
- Users commend the **excellent customer support** of Securiti, highlighting professionalism and responsiveness from the account managers.
- Users appreciate the **user-friendly interface and comprehensive features** of Securiti, enabling seamless integration for privacy management.
- Users value the **responsive and helpful customer-focused team** , enhancing collaboration and efficiency across multiple markets.
- Users highlight the **robust automation** in Securiti, simplifying privacy tasks and ensuring compliance with ease.

**Cons:**

- Users find the **complexity** of Securiti can make setup and navigation challenging, requiring significant expertise and training.
- Users face a **steep learning curve** with Securiti, requiring thorough training to harness its complex features effectively.
- Users find **implementation issues** with Securiti, requiring extensive time and expertise for successful integration across systems.
- Users find the **complexity issues** of Securiti challenging, particularly in configuring rules and implementing workflows.
- Users find the **steep learning curve** of Securiti challenging, making it hard to build and modify workflows independently.

#### What Are Recent G2 Reviews of Securiti?

**"[Innovative Unified Platform for Secure, Responsible AI and Data Governance](https://www.g2.com/survey_responses/securiti-review-13108938)"**

**Rating:** 4.5/5.0 stars
*— Verified User in Computer &amp; Network Security*

[Read full review](https://www.g2.com/survey_responses/securiti-review-13108938)

---

**"[Accurate Multicloud Data Discovery That Makes GDPR Compliance Easier](https://www.g2.com/survey_responses/securiti-review-13103173)"**

**Rating:** 4.5/5.0 stars
*— Adham A.*

[Read full review](https://www.g2.com/survey_responses/securiti-review-13103173)

---


#### What Are G2 Users Discussing About Securiti?

- [What are the examples of security software?](https://www.g2.com/discussions/what-are-the-examples-of-security-software)
- [What security features mean?](https://www.g2.com/discussions/what-security-features-mean)
- [What does a security software do?](https://www.g2.com/discussions/what-does-a-security-software-do)
- [What are examples of security features?](https://www.g2.com/discussions/what-are-examples-of-security-features)

### 16. [Whistic](https://www.g2.com/products/whistic/reviews)
Whistic is the fastest and most efficient way to exchange, evaluate, and manage security information — whether you’re assessing third-party vendors or responding to customer questionnaires. Designed for today’s fast-moving security and compliance teams, Whistic helps organizations build trust faster, reduce manual work, and move at the speed of business. Unlike other TPRM solutions that focus on just one side of the process, Whistic bridges both. Our platform combines AI-powered automation with the Trust Center Exchange™, a dynamic network where companies proactively publish and share their security posture. This eliminates repetitive back-and-forth communication, accelerates due diligence, and ensures transparency across the entire vendor ecosystem. With Whistic Assessment AI, teams can automate up to 90% of manual tasks, cut assessment time from weeks to minutes, and refocus valuable resources on high-impact security initiatives — all without increasing headcount. The result is a modern, scalable Third-Party Risk Management (TPRM) program that strengthens trust, enhances visibility, and transforms risk management from a roadblock into a competitive advantage.


**Average Rating:** 4.5/5.0
**Total Reviews:** 53
**How Do G2 Users Rate Whistic?**

- **Ease of Admin:** 9.1/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.6/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.9/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.6/10 (Category avg: 7.9/10)

**Who Is the Company Behind Whistic?**

- **Seller:** [Whistic](https://www.g2.com/sellers/whistic)
- **Company Website:** https://www.whistic.com
- **Year Founded:** 2015
- **HQ Location:** Pleasant Grove, Utah
- **Twitter:** @Whistic_Inc (1,210 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/6611250/ (48 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 47% Mid-Market, 34% Enterprise


#### What Are Whistic's Pros and Cons?

**Pros:**

- Ease of Use (6 reviews)
- Vendor Management (6 reviews)
- Customer Support (4 reviews)
- Documentation (4 reviews)
- Efficiency (4 reviews)

**Cons:**

- Non-Intuitive Features (4 reviews)
- Improvement Needed (3 reviews)
- Not Intuitive (3 reviews)
- UX Improvement (3 reviews)
- Inefficient Risk Management (2 reviews)


### What Do G2 Reviewers Say About Whistic?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **ease of use** of Whistic, finding it helpful for managing and evaluating vendors swiftly.
- Users appreciate the **efficient vendor management** features of Whistic, enhancing collaboration and saving time in evaluations.
- Users appreciate the **top-tier customer support** from Whistic, noting their personable and efficient service in resolving issues.
- Users value the **thorough documentation** provided by Whistic, simplifying interactions with vendors and customers effectively.
- Users value the **efficiency** of Whistic, enabling faster risk assessments and streamlined vendor management processes.

**Cons:**

- Users find Whistic&#39;s **non-intuitive features** and confusing UI negatively impact their overall experience and efficiency.
- Users feel that Whistic needs **improvement in user-friendliness and organization** to enhance overall experience and ease of use.
- Users find Whistic&#39;s interface **not intuitive** , leading to confusion and a challenging learning curve for effective usage.
- Users feel the **UI/UX needs improvement** , finding it unintuitive and challenging to navigate effectively.
- Users find the **inefficient risk management** process in Whistic cumbersome, leading to manual errors and limited analysis capabilities.

#### What Are Recent G2 Reviews of Whistic?

**"[Simple Overview of Supplier Documentation](https://www.g2.com/survey_responses/whistic-review-12291639)"**

**Rating:** 4.5/5.0 stars
*— Kino V.*

[Read full review](https://www.g2.com/survey_responses/whistic-review-12291639)

---

**"[Streamlined Vendor Assessments with Time-Saving Features](https://www.g2.com/survey_responses/whistic-review-12966187)"**

**Rating:** 4.0/5.0 stars
*— Korey K.*

[Read full review](https://www.g2.com/survey_responses/whistic-review-12966187)

---


#### What Are G2 Users Discussing About Whistic?

- [What does Whistic do?](https://www.g2.com/discussions/what-does-whistic-do)
- [How much does Whistic cost?](https://www.g2.com/discussions/how-much-does-whistic-cost)
- [How does risk recon work?](https://www.g2.com/discussions/how-does-risk-recon-work)
- [Who owns Whistic?](https://www.g2.com/discussions/who-owns-whistic)

### 17. [Loopio](https://www.g2.com/products/loopio/reviews)
Loopio is a response management software designed to assist enterprise businesses in streamlining their response processes for Requests for Proposals (RFPs), Requests for Information (RFIs), Security Questionnaires, and other similar documents. This innovative solution leverages advanced machine learning technology, specifically its proprietary Response Intelligence™, to enhance the efficiency and effectiveness of the response process. By providing actionable insights and recommendations, Loopio enables users to work smarter, ultimately leading to the creation of more compelling proposals. Loopio caters to a diverse range of industries, including technology, finance, healthcare, and professional services. With Loopio, users can significantly reduce the time and effort spent on crafting responses, allowing them to focus on strategic initiatives and other critical business activities. Key features of Loopio include its intuitive user interface, a comprehensive content library, and robust collaboration tools. The content library allows users to store and organize previously used responses, making it easy to retrieve and adapt them for new proposals. Collaboration tools enable team members to work together seamlessly, ensuring that all stakeholders can contribute their expertise and insights. Additionally, the software&#39;s analytics capabilities provide valuable metrics on response performance, helping teams identify areas for improvement and optimize their approach over time. The benefits of using Loopio extend beyond mere time savings. Organizations that implement this software often experience a significant increase in the number of RFP responses completed, with some reporting up to a 51% improvement. Furthermore, users can save up to 42% in time spent on the response process, allowing them to allocate resources more effectively. Most notably, businesses leveraging Loopio have reported an 85% increase in their success rate for winning new business, underscoring the software&#39;s impact on overall performance and competitiveness in the market. With over 1,700 companies relying on Loopio to enhance their response capabilities, the software has established itself as a trusted solution in the realm of response management. By combining advanced technology with user-friendly features, Loopio empowers organizations to respond faster, improve the quality of their submissions, and ultimately secure more business opportunities.


**Average Rating:** 4.6/5.0
**Total Reviews:** 803
**How Do G2 Users Rate Loopio?**

- **Ease of Admin:** 9.1/10 (Category avg: 9.0/10)
- **Risk Scoring:** 7.7/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.8/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.3/10 (Category avg: 7.9/10)

**Who Is the Company Behind Loopio?**

- **Seller:** [Loopio Inc.](https://www.g2.com/sellers/loopio-inc)
- **Company Website:** https://www.loopio.com
- **Year Founded:** 2014
- **HQ Location:** Toronto
- **Twitter:** @loopioinc (1,664 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5020707/ (301 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Proposal Manager, Bid Manager
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 51% Mid-Market, 34% Enterprise


#### What Are Loopio's Pros and Cons?

**Pros:**

- Ease of Use (235 reviews)
- Efficiency (146 reviews)
- Time-saving (143 reviews)
- Features (121 reviews)
- Intuitive (112 reviews)

**Cons:**

- Missing Features (48 reviews)
- Limitations (41 reviews)
- Formatting Issues (39 reviews)
- Export Issues (35 reviews)
- Limited Features (35 reviews)


### What Do G2 Reviewers Say About Loopio?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use** of Loopio, which simplifies RFP responses and enhances team collaboration effortlessly.
- Users value Loopio&#39;s **efficiency** due to its user-friendly search and seamless setup for managing proposals effectively.
- Users value Loopio for its **time-saving features** , enabling quick access to information and efficient proposal management.
- Users value Loopio&#39;s **user-friendly search engine** and efficient collaboration features, enhancing proposal management and team communication.
- Users find Loopio&#39;s **intuitive design** and user-friendly search engine greatly enhance their efficiency and collaboration.

**Cons:**

- Users point out the **missing features** in Loopio, particularly with Word mapping and translation options.
- Users face **search limitations** and challenges with importing responses, affecting the overall efficiency of Loopio.
- Users struggle with **formatting issues** in Loopio, particularly when exporting projects and accessing completed questions.
- Users find the **export issues** in Loopio frustrating, citing clunky processes and a need for enhanced functionality.
- Users find Loopio&#39;s **limited features** hinder usability, particularly in proposal building and managing content libraries effectively.

#### What Are Recent G2 Reviews of Loopio?

**"[Intuitive, User-Friendly Interface with Strong Collaboration](https://www.g2.com/survey_responses/loopio-review-13115393)"**

**Rating:** 4.0/5.0 stars
*— Verified User in Information Technology and Services*

[Read full review](https://www.g2.com/survey_responses/loopio-review-13115393)

---

**"[Streamlines RFP Responses with Ease](https://www.g2.com/survey_responses/loopio-review-11972599)"**

**Rating:** 4.0/5.0 stars
*— madeleine h.*

[Read full review](https://www.g2.com/survey_responses/loopio-review-11972599)

---


#### What Are G2 Users Discussing About Loopio?

- [What is Loopio used for?](https://www.g2.com/discussions/what-is-loopio-used-for) - 1 comment
- [What is Avnio RFx used for?](https://www.g2.com/discussions/what-is-avnio-rfx-used-for)
- [What is Avnio Tables used for?](https://www.g2.com/discussions/what-is-avnio-tables-used-for)

### 18. [Apptega](https://www.g2.com/products/apptega/reviews)
Tired of spreadsheets that don’t scale and require too much manual effort? Hampered by overly complex IT GRC systems that have you working for them? Apptega is the cybersecurity and compliance management platform that makes it easy to assess, build, manage, and report your cybersecurity and compliance program. Organizations in all industries and MSSPs rely on Apptega to meet the challenges of cybersecurity and compliance more efficiently and cost-effectively than with any other approach. Featuring 25+ frameworks, including SOC 2, NIST, CMMC, ISO, CIS, PCI, GDPR, HIPAA and more, and manage your program with: - Multi-Tenant - Assessments - Compliance Scoring - Risk Management - Vendor Risk Management - Audit Management - Reporting - Integrations


**Average Rating:** 4.7/5.0
**Total Reviews:** 153
**How Do G2 Users Rate Apptega?**

- **Ease of Admin:** 9.3/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.3/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.1/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.6/10 (Category avg: 7.9/10)

**Who Is the Company Behind Apptega?**

- **Seller:** [Apptega](https://www.g2.com/sellers/apptega)
- **Company Website:** https://www.apptega.com
- **HQ Location:** Atlanta Junction, Georgia, United States
- **Twitter:** @apptega (288 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/19418228/ (55 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Chief Information Security Officer
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 42% Mid-Market, 41% Small-Business


#### What Are Apptega's Pros and Cons?

**Pros:**

- Ease of Use (38 reviews)
- Compliance Management (30 reviews)
- Compliance (29 reviews)
- Features (22 reviews)
- Security (22 reviews)

**Cons:**

- Improvements Needed (12 reviews)
- Limited Functionality (11 reviews)
- Missing Features (8 reviews)
- Limitations (7 reviews)
- Limited Customization (7 reviews)


### What Do G2 Reviewers Say About Apptega?
*AI-generated summary from verified user reviews*

**Pros:**

- Users laud the **ease of use** of Apptega, appreciating its streamlined, all-in-one compliance management platform.
- Users value the **efficient compliance management** offered by Apptega, aiding in organization and task optimization.
- Users benefit from Apptega’s **streamlined compliance management** , enhancing efficiency and clarity in cybersecurity efforts.
- Users value Apptega&#39;s **streamlined management** of cybersecurity and compliance, enhancing visibility and collaboration across teams.
- Users appreciate the **security automation** of Apptega, which simplifies compliance efforts and reduces manual workload significantly.

**Cons:**

- Users note several **improvements needed** in functionalities, reporting, support response time, and feature delivery in Apptega.
- Users find the **limited functionality** of Apptega restricts options for specific frameworks and standards needed.
- Users often experience **missing features** and delays in new requests, impacting overall satisfaction with Apptega.
- Users note **limited functionality** in Apptega, particularly in integration and reporting features, impacting overall usability.
- Users feel that Apptega has **limited customization options** , which may not meet all organizational needs effectively.

#### What Are Recent G2 Reviews of Apptega?

**"[Streamlined Compliance and Cybersecurity Made Effortless with Apptega](https://www.g2.com/survey_responses/apptega-review-12166378)"**

**Rating:** 5.0/5.0 stars
*— Katie J.*

[Read full review](https://www.g2.com/survey_responses/apptega-review-12166378)

---

**"[Clear Security Framework Control Breakdown](https://www.g2.com/survey_responses/apptega-review-12488443)"**

**Rating:** 4.0/5.0 stars
*— Kyle I.*

[Read full review](https://www.g2.com/survey_responses/apptega-review-12488443)

---


#### What Are G2 Users Discussing About Apptega?

- [What is Apptega used for?](https://www.g2.com/discussions/what-is-apptega-used-for)

### 19. [Copla](https://www.g2.com/products/copla/reviews)
Copla offers an advanced cybersecurity compliance platform for financial institutions, focusing on DORA while also supporting a range of other industry frameworks. Our platform simplifies compliance with predefined and customizable workflows that eliminate manual tasks. Employees are engaged in real-time compliance checks and evidence gathering via our chatbot Copla Stream, reducing bottlenecks and streamlining the process. Compliance evidence is automatically stored in a central location, making audits faster and always regulator-ready. Features like data extraction, risk assessment, vulnerability scanning, penetration testing, and continuous monitoring ensure businesses stay secure and compliant. We also provide business continuity planning and awareness training to strengthen security posture. Copla includes fractional CISO services, offering expert guidance and strategic leadership to help organizations navigate complex compliance and risk management challenges. With fully guided DORA implementation, compliance analysis, and robust risk management workflows, our platform empowers financial institutions to reduce compliance workloads by up to 80% and save over 60K EUR, ensuring efficient and secure operations.


**Average Rating:** 4.9/5.0
**Total Reviews:** 97
**How Do G2 Users Rate Copla?**

- **Ease of Admin:** 9.3/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.4/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 9.4/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 9.6/10 (Category avg: 7.9/10)

**Who Is the Company Behind Copla?**

- **Seller:** [Copla](https://www.g2.com/sellers/copla)
- **Company Website:** https://www.copla.com
- **Year Founded:** 2023
- **HQ Location:** N/A
- **LinkedIn® Page:** https://www.linkedin.com/company/cyber-upgrade/ (45 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Information Technology and Services
- **Company Size:** 69% Small-Business, 37% Mid-Market


#### What Are Copla's Pros and Cons?

**Pros:**

- Compliance (42 reviews)
- Ease of Use (42 reviews)
- Time-saving (30 reviews)
- Auditing (29 reviews)
- Evidence Collection (27 reviews)

**Cons:**

- Difficult Setup (12 reviews)
- Integration Issues (11 reviews)
- Complex Setup (9 reviews)
- UX Improvement (9 reviews)
- Learning Curve (8 reviews)


### What Do G2 Reviewers Say About Copla?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **streamlined compliance process** of Copla, making regulatory obligations manageable and less stressful.
- Users appreciate the **ease of use** of Copla, significantly reducing compliance workload and simplifying regulatory tasks.
- Users appreciate the **time-saving automated workflows** of Copla, streamlining compliance efforts efficiently on one platform.
- Users value the **streamlined auditing process** of Copla, making compliance management straightforward and stress-free.
- Users appreciate the **automated evidence collection** features of Copla, simplifying compliance and making audits stress-free.

**Cons:**

- Users find the **difficult setup** requires significant time for adjustments, which can be frustrating before realizing the platform&#39;s value.
- Users find the **integration issues** with third-party services challenging, requiring additional support for setup.
- Users find the **complex setup** process time-consuming, needing significant effort for initial configurations and adjustments.
- Users note that while there are improvements, the **UX could still be enhanced** for better navigation and clarity.
- Users experience a **learning curve** with Copla as the initial setup and feature acclimation take time.

#### What Are Recent G2 Reviews of Copla?

**"[All Compliance Information in One Place for Clearer Reporting](https://www.g2.com/survey_responses/copla-review-13058605)"**

**Rating:** 5.0/5.0 stars
*— Sofia T.*

[Read full review](https://www.g2.com/survey_responses/copla-review-13058605)

---

**"[Copla Unified Our Compliance: One Source of Truth for Risks, Controls, and Evidence](https://www.g2.com/survey_responses/copla-review-13070875)"**

**Rating:** 5.0/5.0 stars
*— Quinn R.*

[Read full review](https://www.g2.com/survey_responses/copla-review-13070875)

---



### 20. [SecurityScorecard](https://www.g2.com/products/securityscorecard/reviews)
Stopping sophisticated cyberattacks requires visibility beyond your organization. Security teams need a complete understanding of their attack surface and business ecosystem risk—including partners, contractors, third- and fourth-party vendors, and supply chains. As the industry leader in security ratings, SecurityScorecard provides actionable insights for over 12 million organizations so you can quantify trustworthiness, quickly respond to cyber risks, and strengthen cyber defenses. SecurityScorecard is a security ratings, response, and resilience company. As the industry leader in security ratings, we provide actionable insights so you can make fast, informed decisions that improve your defenses. SecurityScorecard offers the world’s most comprehensive platform for quantifying and reducing risk, so you can instantly know whether an organization deserves your trust and show others that you deserve theirs. With SecurityScorecard, you can quantify trustworthiness and instantly know the cyber risk of any company worldwide, including your business, competitors, vendors, and downstream suppliers. You can strengthen cyber defenses by accessing a stream of risk intelligence that pinpoints vulnerabilities, prioritizes next steps, and clarifies remediation plans. And you can verify vendor readiness by identifying cyber-risks posed by vendors and sub-tier suppliers throughout your ecosystem– and take action to ensure their problems don’t become your problems. What we offer: Supply Chain Cyber Risk: Your supply chain consists of your third and fourth parties as well as Nth parties that are all connected to your business. Vulnerabilities and threats in your supply chain can pose risks to your business operations. With SecurityScorecard, you can significantly reduce or eliminate the risk of compromise from a vendor or business partner. Offerings include: Third-Party Cyber Risk Management, Automatic Vendor Detection, Supply Chain Risk Intelligence, and Security Questionnaires. Threat Landscape: Go outside the wire to identify threats facing your organization and your supply chain. Leverage terabytes of data and AI-driven analytics to identify the threats that put your business at risk. Offerings include: Attack Surface Intelligence, Intelligence Feeds, and Vulnerability Intelligence. Security and Risk Operations: SecurityScorecard enables companies to see what a hacker sees across their own external attack surface so they can identify threats and take action before the bad guys have a chance to exploit critical vulnerabilities. Offerings include: External Attack Surface Management and Cyber Risk Quantification. Services: A focus on expert-led continuous improvement, actionable insights, and tailored strategies positions SecurityScorecard as a trusted partner in achieving and maintaining a robust cybersecurity posture. Offerings include: Digital Forensics &amp; Incident Response, Advisory Services, Penetration Testing, Red Team, and Tabletop Exercises. MAX: SecurityScorecard MAX is a technology-enabled supply chain cyber risk managed service. Organizations leverage SecurityScorecard&#39;s technology, expertise, and partner ecosystem to minimize supply chain risk and gain tangible business outcomes.


**Average Rating:** 4.3/5.0
**Total Reviews:** 87
**How Do G2 Users Rate SecurityScorecard?**

- **Ease of Admin:** 8.7/10 (Category avg: 9.0/10)
- **Risk Scoring:** 8.6/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 7.7/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind SecurityScorecard?**

- **Seller:** [SecurityScorecard](https://www.g2.com/sellers/securityscorecard)
- **Company Website:** https://securityscorecard.com
- **Year Founded:** 2013
- **HQ Location:** New York, New York
- **Twitter:** @security_score (8,115 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/5054644/ (616 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services, Computer &amp; Network Security
- **Company Size:** 47% Enterprise, 36% Mid-Market


#### What Are SecurityScorecard's Pros and Cons?

**Pros:**

- Security (24 reviews)
- Ease of Use (17 reviews)
- Insights (10 reviews)
- Customer Support (9 reviews)
- Intuitive (8 reviews)

**Cons:**

- Lack of Clarity (4 reviews)
- Limited Reporting (4 reviews)
- Scoring Issues (4 reviews)
- Improvement Needed (3 reviews)
- Inefficient Risk Management (3 reviews)


### What Do G2 Reviewers Say About SecurityScorecard?
*AI-generated summary from verified user reviews*

**Pros:**

- Users value the **ease of use and depth** of SecurityScorecard for enhancing public security posture effectively.
- Users value the **ease of use** in SecurityScorecard, appreciating its intuitive interface and insightful dashboards.
- Users value the **insightful interface and likelihood reports** of SecurityScorecard, aiding in proactive customer protection against attacks.
- Users commend the **unmatchable customer service** of SecurityScorecard, addressing concerns promptly and efficiently.
- Users find SecurityScorecard **intuitive and easy to use** , enhancing their ability to monitor security effectively.

**Cons:**

- Users experience a **lack of clarity** in score changes, making it difficult to understand risk assessments.
- Users find the **reporting capabilities limited** , lacking flexibility for customized executive presentations and audits.
- Users face **scoring issues** with varying scores and false positives that complicate their assessment and prioritization.
- Users highlight the need for **improvement in automated reporting** due to false positives affecting vendor validation.
- Users are concerned about **inefficient risk management** due to false positives and subjective scoring criteria from SecurityScorecard.

#### What Are Recent G2 Reviews of SecurityScorecard?

**"[Essential for Third-Party Risk Management](https://www.g2.com/survey_responses/securityscorecard-review-11546891)"**

**Rating:** 5.0/5.0 stars
*— Tim U.*

[Read full review](https://www.g2.com/survey_responses/securityscorecard-review-11546891)

---

**"[External Vulnerability Management External Attack Surface](https://www.g2.com/survey_responses/securityscorecard-review-11547186)"**

**Rating:** 5.0/5.0 stars
*— Chris L.*

[Read full review](https://www.g2.com/survey_responses/securityscorecard-review-11547186)

---


#### What Are G2 Users Discussing About SecurityScorecard?

- [What is SecurityScorecard used for?](https://www.g2.com/discussions/what-is-securityscorecard-used-for) - 1 comment
- [How much does BitSight cost?](https://www.g2.com/discussions/how-much-does-bitsight-cost) - 1 comment
- [What is IBM Watson used for?](https://www.g2.com/discussions/what-is-ibm-watson-used-for)
- [Why SecurityScorecard?](https://www.g2.com/discussions/why-securityscorecard) - 1 comment
- [What is SecurityScorecard?](https://www.g2.com/discussions/what-is-securityscorecard)

### 21. [Conveyor](https://www.g2.com/products/conveyor-conveyor/reviews)
Conveyor is the market-leading AI security review automation platform that helps infosec &amp; presales teams automate the entire security review -- from security questionnaire completion and sharing security documentation like a SOC 2 in one-click. With AI so accurate, you can even pass most of your security review workflows to our new AI Agent for Customer Trust. Why teams love Conveyor: 1. The only trust center to offer an upload questionnaire for instant answers experience along with all the bells &amp; whistles to share security documentation at scale 2. Plus, AI-questionnaire response to auto-generate 95%+ accurate answers to entire questionnaires so you can speed through review.


**Average Rating:** 4.6/5.0
**Total Reviews:** 150
**How Do G2 Users Rate Conveyor?**

- **Ease of Admin:** 9.2/10 (Category avg: 9.0/10)
- **Risk Scoring:** 7.5/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.0/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.5/10 (Category avg: 7.9/10)

**Who Is the Company Behind Conveyor?**

- **Seller:** [Conveyor](https://www.g2.com/sellers/conveyor-5e432251-cc59-40a2-a9dd-cff110558d40)
- **Company Website:** https://www.conveyor.com
- **Year Founded:** 2021
- **HQ Location:** San Francisco, US
- **Twitter:** @conveyor (379 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/conveyorhq (64 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** Account Executive
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 59% Mid-Market, 27% Enterprise


#### What Are Conveyor's Pros and Cons?

**Pros:**

- Ease of Use (46 reviews)
- Efficiency (34 reviews)
- Time-saving (30 reviews)
- Intuitive (23 reviews)
- Artificial Intelligence (17 reviews)

**Cons:**

- Missing Features (9 reviews)
- Inaccurate Responses (6 reviews)
- Poor Interface Design (6 reviews)
- Lack of Clarity (5 reviews)
- Limited Customization (5 reviews)


### What Do G2 Reviewers Say About Conveyor?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Conveyor remarkably **easy to use** , with intuitive navigation and effective document management capabilities.
- Users value Conveyor for its **efficiency in automating security questionnaires** , significantly improving workflows and reducing manual effort.
- Users value the **time-saving features** of Conveyor, enabling efficient compliance management and streamlined workflows.
- Users highly value Conveyor for its **intuitive automation** that simplifies security questionnaires and enhances workflow communication.
- Users value the **ease of maintaining documentation** and the extensive AI capabilities of Conveyor for compliance management.

**Cons:**

- Users feel the **missing features** in Conveyor, particularly the lack of bulk downloads and unclear Trust Center direction.
- Users find the **inaccurate responses** from Conveyor inconsistent, although customer support remains excellent throughout.
- Users find the **poor interface design** of Conveyor challenging, which complicates navigation and usability.
- Users find the **lack of clarity** in Conveyor&#39;s functionality and roadmap leaves them feeling uncertain and lost.
- Users find the **limited customization** of the Conveyor tool restricts its effectiveness for specific needs and workflows.

#### What Are Recent G2 Reviews of Conveyor?

**"[Conveyor Streamlines Security Questionnaires, But Needs Google Doc Support](https://www.g2.com/survey_responses/conveyor-review-11874357)"**

**Rating:** 4.0/5.0 stars
*— Abe P.*

[Read full review](https://www.g2.com/survey_responses/conveyor-review-11874357)

---

**"[Streamlined Security Reviews with Minor Customization Gaps](https://www.g2.com/survey_responses/conveyor-review-11882453)"**

**Rating:** 4.0/5.0 stars
*— Gregorio P.*

[Read full review](https://www.g2.com/survey_responses/conveyor-review-11882453)

---



### 22. [LAMP](https://www.g2.com/products/lamp/reviews)
LAMP is our industry-leading cloud-based platform and your point of convergence for all activities surrounding technology information management.


**Average Rating:** 4.7/5.0
**Total Reviews:** 13
**How Do G2 Users Rate LAMP?**

- **Ease of Admin:** 8.1/10 (Category avg: 9.0/10)
- **Risk Scoring:** 7.9/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 7.2/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.2/10 (Category avg: 7.9/10)

**Who Is the Company Behind LAMP?**

- **Seller:** [LaSalle Solutions,](https://www.g2.com/sellers/lasalle-solutions)
- **Year Founded:** 1980
- **HQ Location:** Rosemont, IL
- **Twitter:** @ManageSMARTnet (330 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/lasalle-solutions/ (30 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Information Technology and Services
- **Company Size:** 67% Small-Business, 33% Mid-Market



#### What Are Recent G2 Reviews of LAMP?

**"[A best software stack model](https://www.g2.com/survey_responses/lamp-review-5431044)"**

**Rating:** 5.0/5.0 stars
*— Dimitrios T.*

[Read full review](https://www.g2.com/survey_responses/lamp-review-5431044)

---

**"[Best solution for risk mitigation, management, reporting  and decision making](https://www.g2.com/survey_responses/lamp-review-4829320)"**

**Rating:** 5.0/5.0 stars
*— Hossain Mohammad S.*

[Read full review](https://www.g2.com/survey_responses/lamp-review-4829320)

---


#### What Are G2 Users Discussing About LAMP?

- [What is a LAMP server What are the advantages of using it?](https://www.g2.com/discussions/what-is-a-lamp-server-what-are-the-advantages-of-using-it)
- [What is LAMP in programming?](https://www.g2.com/discussions/what-is-lamp-in-programming)
- [What is LAMP server used for?](https://www.g2.com/discussions/what-is-lamp-server-used-for)
- [What are the features of LAMP?](https://www.g2.com/discussions/what-are-the-features-of-lamp)

### 23. [Secfix](https://www.g2.com/products/secfix/reviews)
Secfix is Europe&#39;s security and compliance automation platform made for SMBs and mid-market companies. The platform automates up to 90% of the effort to achieve ISO 27001, SOC 2, GDPR, NIS2 and other compliance frameworks through deep integrations to AWS cloud, SSO, ticketing and HR systems. With direct access to European auditors and multilingual support, Secfix makes the audit experience smooth and stress-free.


**Average Rating:** 4.8/5.0
**Total Reviews:** 104
**How Do G2 Users Rate Secfix?**

- **Ease of Admin:** 8.9/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.1/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.9/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 6.7/10 (Category avg: 7.9/10)

**Who Is the Company Behind Secfix?**

- **Seller:** [Secfix](https://www.g2.com/sellers/secfix)
- **Company Website:** https://secfix.com/
- **Year Founded:** 2021
- **HQ Location:** Munich, DE
- **LinkedIn® Page:** https://www.linkedin.com/company/secfix (37 employees on LinkedIn®)

**Who Uses This Product?**
- **Who Uses This:** CTO
- **Top Industries:** Computer Software, Information Technology and Services
- **Company Size:** 82% Small-Business, 18% Mid-Market


#### What Are Secfix's Pros and Cons?

**Pros:**

- Ease of Use (43 reviews)
- Customer Support (31 reviews)
- Helpful (26 reviews)
- Compliance (24 reviews)
- Guidance (24 reviews)

**Cons:**

- Integration Issues (11 reviews)
- Limited Integration (9 reviews)
- Limited Integrations (8 reviews)
- Missing Features (8 reviews)
- Limitations (7 reviews)


### What Do G2 Reviewers Say About Secfix?
*AI-generated summary from verified user reviews*

**Pros:**

- Users find Secfix&#39;s **ease of use** enhances compliance management with its intuitive interface and streamlined processes.
- Users praise the **helpful and competent customer support** from Secfix, ensuring quick resolutions and steady improvements.
- Users appreciate the **deep automation and seamless integrations** of Secfix, streamlining compliance and enhancing productivity effortlessly.
- Users appreciate the **easy navigation** of Secfix for efficient compliance management and tracking security progress.
- Users value the **exceptional guidance** from Secfix&#39;s support team, making the compliance journey smooth and efficient.

**Cons:**

- Users experience **integration issues** with smaller vendors, leading to reliance on manual processes for custom infrastructure.
- Users experience **limited integration** with custom setups, requiring manual workarounds for non-standard tools and smaller vendors.
- Users notice **limited integrations** for custom infrastructures, requiring manual workarounds for specific components and impacting ease of use.
- Users note the **lack of medical certifications** in Secfix, indicating areas for improvement in functionality and flexibility.
- Users note the **limitations in custom integration** , requiring manual workarounds for niche environments and certifications.

#### What Are Recent G2 Reviews of Secfix?

**"[Clear structure and great support on the way to ISO 27001](https://www.g2.com/survey_responses/secfix-review-13095680)"**

**Rating:** 5.0/5.0 stars
*— Bernhard K.*

[Read full review](https://www.g2.com/survey_responses/secfix-review-13095680)

---

**"[Great Platfrom and Outstanding SecFix CSM Support That Goes Above and Beyond](https://www.g2.com/survey_responses/secfix-review-13030257)"**

**Rating:** 5.0/5.0 stars
*— Ruween I.*

[Read full review](https://www.g2.com/survey_responses/secfix-review-13030257)

---



### 24. [CTM360](https://www.g2.com/products/ctm360-ctm360/reviews)
CTM360 is a consolidated external security platform that integrates External Attack Surface Management, Digital Risk Protection, Cyber Threat Intelligence, Brand Protection &amp; Anti-phishing, Surface, Deep, &amp; Dark Web Monitoring, Security Ratings, Third-party risk Management, and fully managed unlimited Takedowns. As a pioneer and innovator in preemptive security, CTM360 operates as an external CTEM technology platform outside an organization’s perimeter. Seamless and turn-key, CTM360 requires no configurations, installations or inputs from the end-user, with all data pre-populated and specific to your organization. All aspects are managed by CTM360.


**Average Rating:** 4.7/5.0
**Total Reviews:** 130
**How Do G2 Users Rate CTM360?**

- **Ease of Admin:** 9.6/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.4/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.6/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 8.8/10 (Category avg: 7.9/10)

**Who Is the Company Behind CTM360?**

- **Seller:** [CTM360](https://www.g2.com/sellers/ctm360)
- **Company Website:** https://www.ctm360.com/
- **Year Founded:** 2014
- **HQ Location:** Manama, BH
- **Twitter:** @teamCTM360 (999 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/ctm360/ (133 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Financial Services, Banking
- **Company Size:** 41% Mid-Market, 32% Enterprise


#### What Are CTM360's Pros and Cons?

**Pros:**

- Customer Support (48 reviews)
- Ease of Use (45 reviews)
- Features (31 reviews)
- Monitoring (28 reviews)
- Detection Efficiency (24 reviews)

**Cons:**

- Limited Features (9 reviews)
- Integration Issues (8 reviews)
- Lack of Features (5 reviews)
- Lack of Integration (5 reviews)
- Lack of Integrations (5 reviews)


### What Do G2 Reviewers Say About CTM360?
*AI-generated summary from verified user reviews*

**Pros:**

- Users praise the **top-notch customer support** of CTM360, highlighting responsiveness and professionalism in all interactions.
- Users commend CTM360 for its **ease of use** , featuring a user-friendly interface and quick implementation process.
- Users praise CTM360 for its **comprehensive platform** that offers deep visibility and exceptional support for cybersecurity.
- Users commend CTM360 for its **effective monitoring** , offering timely alerts and insights for proactive security management.
- Users value the **high detection efficiency** of CTM360, ensuring proactive identification of digital risks with minimal false positives.

**Cons:**

- Users feel that CTM360 has **limited features** compared to the web portal, impacting overall usability and experience.
- Users face **integration issues** with existing security infrastructure, hoping for improved connectivity with other tools in the future.
- Users find the **lack of features** in CTM360 limiting, especially compared to the web portal and community edition.
- Users note the **lack of integration** with existing security infrastructure, hindering automated security feeds and overall usability.
- Users highlight the **lack of integrations** with existing security tools, limiting automated security feeds and threat intelligence.

#### What Are Recent G2 Reviews of CTM360?

**"[Exceptional Cyber Threat Intelligence Platform That Delivers Actionable Security Insights](https://www.g2.com/survey_responses/ctm360-review-11298228)"**

**Rating:** 5.0/5.0 stars
*— Raghavendran K.*

[Read full review](https://www.g2.com/survey_responses/ctm360-review-11298228)

---

**"[CTM360 Delivers Powerful, Unified Visibility Into External Digital Risks](https://www.g2.com/survey_responses/ctm360-review-13088231)"**

**Rating:** 5.0/5.0 stars
*— Sachitha M.*

[Read full review](https://www.g2.com/survey_responses/ctm360-review-13088231)

---



### 25. [Ncontracts](https://www.g2.com/products/ncontracts-ncontracts/reviews)
Ncontracts is a leading provider of SaaS-based risk management and compliance solutions for financial services companies. Our GRC solutions help more than 5,000 banks, credit unions, mortgage companies, fintechs, and trusts achieve their risk management and compliance goals with a powerful combination of user-friendly, cloud-based software and expert services.


**Average Rating:** 4.7/5.0
**Total Reviews:** 178
**How Do G2 Users Rate Ncontracts?**

- **Ease of Admin:** 8.5/10 (Category avg: 9.0/10)
- **Risk Scoring:** 9.8/10 (Category avg: 8.8/10)
- **Questionnaire Templates:** 8.8/10 (Category avg: 8.6/10)
- **4th Party Assessments:** 7.9/10 (Category avg: 7.9/10)

**Who Is the Company Behind Ncontracts?**

- **Seller:** [Ncontracts](https://www.g2.com/sellers/ncontracts)
- **Company Website:** https://www.ncontracts.com/
- **Year Founded:** 2009
- **HQ Location:** Brentwood, TN
- **Twitter:** @Ncontracts (1,794 Twitter followers)
- **LinkedIn® Page:** https://www.linkedin.com/company/ncontracts/ (470 employees on LinkedIn®)

**Who Uses This Product?**
- **Top Industries:** Banking, Financial Services
- **Company Size:** 80% Mid-Market, 12% Small-Business


#### What Are Ncontracts's Pros and Cons?

**Pros:**

- Customer Support (18 reviews)
- Ease of Use (18 reviews)
- Compliance Management (13 reviews)
- Useful (13 reviews)
- Features (11 reviews)

**Cons:**

- Data Management Issues (5 reviews)
- Integration Issues (5 reviews)
- Import Issues (4 reviews)
- Inadequate Reporting (4 reviews)
- Limited Integration (4 reviews)


### What Do G2 Reviewers Say About Ncontracts?
*AI-generated summary from verified user reviews*

**Pros:**

- Users commend the **dedicated customer support** of Ncontracts, appreciating their attentiveness and commitment to improving user experience.
- Users find Ncontracts to be **user-friendly and easy to use** , streamlining vendor management and risk assessments effectively.
- Users appreciate the **ease of use and comprehensive compliance management** that Ncontracts provides, enhancing vendor management efficiency.
- Users appreciate the **streamlined processes** of Ncontracts, significantly enhancing efficiency and compliance management in their workflows.
- Users appreciate the **exceptional support and user-friendly features** of Ncontracts, making implementation and usage seamless.

**Cons:**

- Users face **data management issues** , struggling with complicated navigation, manual processes, and inadequate reporting in Ncontracts.
- Users find the **integration capabilities lacking** , limiting the full potential of Ncontracts&#39; offerings and creating sync issues.
- Users report significant **import issues** with Ncontracts, including challenges with data transfer and lack of automated workflows.
- Users find the **reporting capabilities inadequate** , leading to frustrations with manual processes and inefficient workflows.
- Users are frustrated by the **limited integration** capabilities of Ncontracts, hindering overall product effectiveness and data syncing.

#### What Are Recent G2 Reviews of Ncontracts?

**"[Centralized Contracts with User-Friendly Interface](https://www.g2.com/survey_responses/ncontracts-review-12432305)"**

**Rating:** 4.5/5.0 stars
*— Laciu .*

[Read full review](https://www.g2.com/survey_responses/ncontracts-review-12432305)

---

**"[Simplifies Compliance with Efficient Vendor Management](https://www.g2.com/survey_responses/ncontracts-review-12212319)"**

**Rating:** 4.5/5.0 stars
*— Sadaf S.*

[Read full review](https://www.g2.com/survey_responses/ncontracts-review-12212319)

---


#### What Are G2 Users Discussing About Ncontracts?

- [What is Ncontracts used for?](https://www.g2.com/discussions/what-is-ncontracts-used-for)


## What Is Vendor Security and Privacy Assessment Software?

[Risk Assessment Software](https://www.g2.com/categories/risk-assessment)

## What Software Categories Are Similar to Vendor Security and Privacy Assessment Software?

- [Audit Management Software](https://www.g2.com/categories/audit-management)
- [Third Party &amp; Supplier Risk Management Software](https://www.g2.com/categories/third-party-supplier-risk-management)
- [Security Compliance Software](https://www.g2.com/categories/security-compliance)



