UpGuard Reviews & Product Details

I like the scores that it gives and the reports. The ability to take the reports to senior management and show them the score going from red to green is a big selling point. It is easy to resolve issues when given clear reasons why certain software or machines could be compromised if we do not implement fixes. Review collected by and hosted on G2.com.

I wish there were ways to dismiss certain machines that are not affected by the internet or don't interact with our network. There are some machines that are 3rd party that we are not in control of that decrease our score and we would like a way to remove them from our reports. Review collected by and hosted on G2.com.

Using UpGuard is easy and very user friendly. Similar to any form eg: Google or MS form.

The vendor risk assessment has been made easy with its implementation which was very easy as well.

Usage is very frequent to regularly check for associated IT, data risks which are being processed with Third party vendors, ease of integration of this tool with vendors IT subsystems makes it soothing for both ends.

It has AI, collaboration features and auto save which makes it easy for Vendors to collect the responses before submission. Review collected by and hosted on G2.com.

The autofill of SOC2 and related fields are captured incorrectly, while AI implementation is fantastic this was a pain point identified. It consumes a lot of time and still was unable to do anything.

Tried chat for customer support however it was just another version of AI answering. Review collected by and hosted on G2.com.

One new aspect I really like about UpGuard is its continuous attack surface monitoring, which provides real-time visibility into exposed assets across the internet. Instead of relying on periodic scans, UpGuard constantly tracks changes, alerting you the moment something becomes publicly visible — such as a misconfigured S3 bucket, expired SSL certificate, or exposed domain.

Another standout is the built-in data leak detection engine. UpGuard scans the web, dark web, GitHub, forums, and paste sites to identify leaked credentials or sensitive information related to your organisation — something traditional security tools often miss.

I also appreciate how UpGuard makes security questionnaires and vendor assessments extremely streamlined. Their questionnaire library, automation, and workflow tools eliminate the repetitive back-and-forth usually required with vendors, improving compliance and reducing friction.

Finally, the platform’s risk rating transparency is impressive. It provides clear, easy-to-understand explanations of every risk factor, how the score is calculated, and recommended fixes — making it easier for both security and non-security teams to take action quickly. Review collected by and hosted on G2.com.

Although UpGuard is a robust platform overall, there are a few areas where it could evolve further:

Greater pricing flexibility: The current pricing structure may pose a barrier for startups and smaller businesses. Offering scaled-down tiers or a modular pricing approach could broaden its accessibility.

Expanded platform customization: While the dashboards are effective, users often seek more in-depth customization options — especially for reporting, risk scoring, and automated workflows — to better align with their internal requirements.

Stronger integration capabilities: Some users face challenges when connecting UpGuard with older systems or specific SIEM/SOAR tools. Broadening its integration options, particularly with plug-and-play solutions, would streamline implementation.

More sophisticated analytics and predictive features: UpGuard delivers solid visibility, but adding advanced analytics — like predictive risk trends or proactive vendor assessments — could enhance strategic planning.

Easier onboarding for advanced features: Despite its intuitive design, some complex functionalities can be difficult to navigate. Embedding more in-product guidance, step-by-step walkthroughs, or interactive tutorials would improve the user experience. Review collected by and hosted on G2.com.

As a rapidly growing telecom company operating in a highly regulated and competitive industry, what we like best about UpGuard is its ability to provide real-time visibility into our third-party risk and external security posture without overwhelming our team.

Telecom environments involve complex vendor ecosystems—from infrastructure providers to cloud and software vendors—and UpGuard’s platform gives us a centralized, easy-to-understand view of each vendor’s cyber risk profile. The automated risk scoring and continuous monitoring allow our security team to stay proactive, which is critical as we scale operations and onboard new partners quickly.

Another standout is the BreachSight feature, which gives us a clear view of our own attack surface. This has been invaluable in identifying misconfigurations or data exposures that could have impacted customer trust or compliance efforts—especially as we expand into new regions and services.

Ultimately, UpGuard allows us to move fast without compromising on security, making it a strategic asset as we grow in a high-risk, high-demand sector. Review collected by and hosted on G2.com.

Limited Real-time Detection & Response

UpGuard is primarily a security ratings and risk posture management platform, not a full-fledged SIEM or EDR. Telecom environments require real-time threat detection and incident response, which UpGuard does not natively provide.

Surface-level Visibility for Internal Assets

While excellent at assessing external attack surfaces, it may not offer deep visibility into internal networks, devices, or telecom infrastructure (routers, switches, transmission elements, etc.) unless tightly integrated with other tools.

Customization Limitations

Telecom companies often have custom applications, configurations, and regulatory needs. UpGuard’s templated approach to vendor risk assessments and reports might lack flexibility in adapting to such unique use cases.

Dependency on Third-party Data

For threat intelligence and scoring, UpGuard often relies on external data sources. This can cause delays in reflecting newly discovered threats, which is risky in a dynamic telecom threat landscape.

Limited Native Integration with Telecom-specific Systems

UpGuard doesn’t offer strong out-of-the-box integrations with telecom OSS/BSS, AAA, NSP, or network probes, requiring additional effort or custom API development.

Licensing Costs Can Escalate

For a growing telecom company with hundreds of vendors and expanding infrastructure, costs can scale quickly, especially if trying to monitor third-party risks and internal asset posture extensively.

Not a One-stop Solution

While good for cyber hygiene, third-party risk management, and compliance checks, it still requires supplementary tools (like DNIF SIEM, PAM, EDR, etc.) to cover the entire cybersecurity framework.

Summary:

For an upcoming telecom company, UpGuard is great for vendor risk visibility and external posture, but falls short for internal network security, real-time monitoring, and telecom-specific integrations. It should be part of a broader security ecosystem, not the core. Review collected by and hosted on G2.com.

I really like UpGuard's UI and UX, which are top-notch and user-friendly, making answering customer questionnaires and RFPs a piece of cake. The tool's experience is amazing and eliminates the need for boring Excel sheets. The new AI feature is very good too. It helps answer questions based on previous responses, saving a lot of time and man hours. The initial setup was very easy, and a common person can do it effortlessly. Review collected by and hosted on G2.com.

I would like to see the AI Agent be more proactive and provide answers quickly based on the previously answered questions. Apart from this, I don't have any issue or problem currently. Review collected by and hosted on G2.com.

I switched from another well-known cybersecurity posture platform, and the difference with UpGuard was almost immediate. The interface is cleaner, faster, and the scan and rescan speed is impressive, usually under 5 minutes, which means we can make a change and immediately verify if the issue is resolved. I get real time visibility of our external posture, which helps validate fixes and vendor responses instantly. The AI recommendations are accurate and practical. The remediation process itself is smooth. If anything, I’d love more flexibility in custom reporting for compliance frameworks, but that’s a small trade-off compared to the value it delivers.

Another thing I like is the public risk waiver feature. You can submit a waiver for a finding, and others can review, accept, or reject it during risk scoring. Most competitors make you contact support just to dispute a finding, and even then they often deny it. UpGuard lets you handle it instantly and transparently.

Their onboarding team was excellent. Responsive, clear, and genuinely helpful. They walked us through the setup, made sure our domains were scanned properly, and helped tailor the platform to how we actually work.

You can tell the team behind it is active and focused. Updates roll out often, and the platform keeps getting better. UpGuard feels like a product that’s actually evolving with the industry — not just sitting still.

Overall, UpGuard feels modern and efficient. The AI features aren’t just hype, they genuinely help you strengthen your cybersecurity posture and manage vendor risks with clarity and confidence. Review collected by and hosted on G2.com.

Maybe Integration and API development improvements. Review collected by and hosted on G2.com.

I really like that UpGuard offers precise recommendations to solve security issues on my web domains. This feature is invaluable, as it provides me with information about vulnerabilities I was previously unaware of. I love UpGuard's ability to automatically detect domains registered under my company's name and offer detailed data such as the IPs of open ports. This eliminates the need to search for vulnerabilities one by one, as UpGuard automates the entire process, identifying potential issues and providing practical solutions that I can implement to mitigate risks and ensure that vulnerabilities do not remain active. Review collected by and hosted on G2.com.

It seemed to me that the application does not update as automatically as I expected. Sometimes it took a while to detect a problem that was already solved and also took a while to recognize and update my score. I think improving that aspect is very important. Review collected by and hosted on G2.com.

I find UpGuard very easy to use, with a workflow that feels natural and intuitive. It streamlines the process of initiating due diligence and collecting information, which makes vendor assessments more effective and helps me understand their threat vectors better. The tool's user-friendly design and logical flow are aspects I particularly appreciate, enhancing my overall experience and contributing to my willingness to recommend it with a score of seven or eight. Review collected by and hosted on G2.com.

I feel the security profile and the risk profile could be better updated. The vendor summary section feels fine but could use minor tweaks to make it more readable. As of now, the risk profile seems too much as it doesn't seem to be updated quite that often. Additionally, the risk details should be updated more frequently. It would also be really helpful if UpGuard could go back to the vendor to ask for a few remediation timelines or remediation statuses. Review collected by and hosted on G2.com.

UpGuard makes it incredibly easy to monitor vendor security and track changes over time. The Security Ratings feature gives quick visibility into potential risks, and the BreachSight module helps identify exposed data before it becomes a problem. The dashboards are intuitive, and the reporting saves a lot of manual effort. Review collected by and hosted on G2.com.

Honestly, I think UpGuard has a strong platform and mission, but one area that could improve is the user interface and navigation — sometimes it feels a bit complex for new users. That said, I appreciate that the company seems to be actively improving the UX over time. Review collected by and hosted on G2.com.

UpGuard’s cybersecurity platform has proven to be an invaluable asset to our organization.

The Threat Insights tool is exceptionally powerful, providing us with real-time detection of misconfigurations and a clear framework for prioritizing remediation. This ensures we focus our resources on the most critical risks instantly.

The data breach detection capabilities are truly best-in-class, delivering instant alerts the moment a corporate username or password is found on the dark web or similar external sources. This proactive monitoring is essential for minimizing exposure and accelerating our breach response.

Beyond its technical excellence, the product is highly intuitive and has been seamlessly incorporated into our daily workflow and security checks. Furthermore, the implementation and integration with our ServiceNow platform were flawless, ensuring real-time threat data is immediately fed into our primary management system. This powerful integration dramatically enhances our response efficiency.

Finally, the customer support is exemplary, characterized by prompt, expert responses that ensure any issue is resolved quickly. UpGuard isn't just a tool; it's a unified platform that delivers clarity, efficiency, and continuous control over our entire cyber risk posture. Review collected by and hosted on G2.com.

I wish UpGuard would provide either the plaintext password or the password hash when reporting a data breach. This would help us determine whether the password is still in use, allowing us to better prioritize which users need to be alerted to reset their passwords. Review collected by and hosted on G2.com.