Additional Info

Company size (employees)100 to 499
Type of solutionSoftware


CyberGRX was designed with the goal of helping enterprises replace the antiquated and ineffective tools used to identify and address third-party cyber risks with a modern, data-first approach that scales with the digital economy. To accomplish this, CyberGRX offers a Global Risk Exchange platform that empowers enterprises to leverage third-party data and advanced analytics to appropriately manage, monitor and mitigate risk in their vendor ecosystems. Instead of having to rely on extensive Excel spreadsheets and labor intensive self assessments, organizations are able to harness the power of standardized assessment data and machine learning through Predictive Risk Profiles which allow members to view, analyze, and share dynamic cyber risk data. As a result, enterprises spend more time increasing the effectiveness of their security procedures.

CyberGRX has unparalleled depth and breadth of data with more than 130,000 companies on the Exchange and over 10,000 completed assessments. This means that more than 80% of the top 500 companies requested by customers are already on the Exchange.

Using innovative features such as Framework Mapper and Threat Profiles, customers can identify their third parties’ control gaps typically exploited in common and recent attacks as well as map controls to standard and custom frameworks. With threat intelligence, breach monitoring and breach alerting built into the Exchange, customers have a near-real-time view of how well prepared their third parties are to defend against attacks and breaches. Other features, like Attack Scenario Analytics, provides data and additional context to risk findings so that enterprise customers and third parties can make faster, better-informed decisions regarding risk remediations. Because CyberGRX was built using a standardized data set, something that no other third-party risk exchange has, CyberGRX is able to apply advanced machine learning to derive actionable insights, enabling informed decision making across an organization’s entire portfolio.

How we are different

Unparalleled Portfolio Insights: By leveraging machine learning, CyberGRX can provide comprehensive and contextual insights—almost immediately—across an entire third-party ecosystem. CyberGRX’s comprehensive cyber risk data is regularly updated to always show a third-party’s most current security posture. CyberGRX’s scalable approach accommodates the entire—and rapidly growing—third-party ecosystem.

Revolutionizing how company’s approach third-party risk: CyberGRX has developed revolutionary features that enhance third-party risk management programs. Features such as the Predictive Risk Profile enable customers to have visibility into the potential likelihood that each vendor will have a cyber incident and are continuously monitored based on the domain cyber hygiene and industry intelligence gleaned from technology partners. Customers are empowered to create a prioritized risk management strategy.

Actually reduce cyber risk: CyberGRX’s validated data sets are integrated with threat intelligence and real-world attack scenarios based on the MITRE ATT&CK framework to apply advanced analytics and gather actionable insights to identify vulnerabilities, mitigate risk and enhance security postures. Users know where to focus their efforts in near-real time.