Third-party cyber risk intelligence

Stop managing questionnaires. Start verifying trust.

NetRisk helps you discover vendors, verify security evidence, map attack surface, trace attack paths, and quantify third-party cyber risk with guided workflows that make every next step clear.

See sample vendor journey

No sales call required. Start with sample data or add your first vendor.

netrisk / verification-graph (sample workflow)
unknown vendor: northwind.ai
AI research: sources found
evidence: SOC 2 / ISO / DPA
attack surface: assets + exposure
attack path: asset to impact
EUR risk: 420k-1.8M ALE
next action: MFA proof
monitored: continuous trust

Evidence first

Verify before you ask

Exposure aware

Attack surface + paths

Quantified

Risk in euros

Guided action

Every risk has a next step

Continuous

Trust stays alive

Connected to the systems your teams already use

Microsoft
AWS
Jira
Google Workspace
Slack
Entra ID

The state of TPRM

Vendor risk is still managed backwards.

Most tools start with a questionnaire and hope the answers are true. NetRisk starts with reality: public evidence, real exposure, and what an attacker can already see.

Traditional tools collect answers

slow loop
1. Ask
2. Wait
3. Review PDFs
4. Static score
5. Annual reassessment

The old model waits for answers, stores evidence as files, and turns uncertainty into a static color.

NetRisk connects proof to risk

living graph
01. Add vendor
02. Verify evidence
03. Map exposure
04. Trace path
05. Quantify risk
06. Ask gaps
07. Act
08. Monitor

Traditional tools -> NetRisk
Questionnaire first -> Evidence before questions
Static score -> Exposure before scoring
Severity color -> Financial impact before priority
Annual review -> Continuous monitoring after approval

Start in 3 minutes

Start your first vendor review in minutes.

30 seconds

Create workspace

Register, choose sample data, or start with your own vendor. No sales call required.

1 minute

Add a vendor

Enter a vendor name or domain. NetRisk begins research, evidence discovery, and exposure mapping.

guided workflow

Follow guided next steps

Review evidence, ask only missing questions, create tasks, and track risk continuously.

One vendor. One continuous story.

From unknown vendor to verified, quantified risk.

Watch Northwind AI, a new GenAI SaaS, travel through NetRisk as you scroll. The vendor is asked only after evidence, exposure, and attack paths are understood.

01 Discovered

A vendor appears before anyone files a ticket.

Northwind AI shows up in SSO logs, an expense line, procurement intake, and email-domain signals. NetRisk dedupes the noise into one vendor profile.

NetRisk does

Detects the vendor across 8 intake sources and assigns one profile.

You decide

Confirm ownership and business criticality.

netrisk / discovered (sample data)
SSO: Okta sign-in detected - northwind.ai (shadow IT)
$: Expense line - Northwind AI Pro (SaaS usage)
IN: Procurement intake form #4192 (request)
@: Email domain - @northwind.ai (discovery)

Deduped to

Northwind AI

1 profile
02 Researched

AI turns a name into verified risk context.

A research agent finds the domain, product category, trust center, compliance claims, subprocessors, public breach signals, and source confidence.

NetRisk does

Pulls public sources into an evidence inbox with citations.

You decide

Review only when confidence is high enough.

netrisk / researched (sample data)
AI
research
Trust center
SOC 2
Subprocessors
Breach news
DPA
03 Evidenced

Proof is collected before a single question is sent.

SOC 2, ISO 27001, DPA, subprocessor lists, and pen-test summaries are gathered first, so the eventual assessment starts with what is already provable.

NetRisk does

Extracts claims from each document automatically.

You decide

Flag sources that need first-party proof.

netrisk / evidenced (sample data)
NetRisk evidence dashboard

SOC 2 Type II - trust center - Found
ISO 27001 cert - public - Found
DPA + subprocessors - legal page - Found
Penetration test - on request - Gap
04 Verified

Evidence is useful only when it is traceable.

Every claim carries authority, freshness, expiry, and confidence. Contradictions and missing proof are escalated for human review.

NetRisk does

Scores confidence and flags an expired pen test.

You decide

Approve verified claims and request the rest.

netrisk / verified (sample data)

Encryption at rest - AES-256: verified (confidence source: SOC 2 - 3mo)
SSO + MFA enforced: verified (confidence source: trust center)
Pen test recency: expired 14mo (confidence: needs review)
Incident response evidence: missing (confidence: must ask)
05 Exposed

See what an attacker sees first.

NetRisk maps external domains, IPs, cloud assets, certificates, technologies, open ports, and known vulnerabilities before the vendor answers anything.

NetRisk does

Finds an exposed admin panel and a critical CVE.

You decide

Decide whether exposure blocks onboarding.

netrisk / exposed (sample data)
northwind.ai
app.northwind.ai - TLS 1.3
api.northwind.ai
admin.northwind.ai - exposed
CVE-2025-3211 - critical
mail - SPF soft-fail
cdn - 14 assets
06 Connected

Risk is a path, not a color.

Exposure, weak controls, and data access connect into a reasoned attack path from an internet-facing asset to quantified business impact.

NetRisk does

Chains exposure to weak control to business impact.

You decide

Accept, mitigate, or escalate the path.

netrisk / connected (sample data)

Exposure

admin.northwind.ai reachable from internet

Weak control

No MFA evidence on admin plane

Data access

Processes customer PII + prompts

Impact

Account takeover to EU PII exfiltration

07 Quantified

Technical exposure is translated into money.

A FAIR-style model turns the path into probable annualized loss exposure with confidence, evidence links, an owner, and a treatment plan.

NetRisk does

Computes EUR 420k-EUR 1.8M ALE with linked evidence.

You decide

Approve, request remediation, or reject.

netrisk / quantified (sample data)

1. Exposed admin panel - no MFA evidence
2. Weak IR evidence - expired pen test
3. Critical data access - EU customer PII

Probable annualized loss exposure: EUR 420k-EUR 1.8M

Loss event frequency 0.18/yr. Single-loss EUR 2.4M-EUR 9.6M. FAIR-style model with linked evidence.

Confidence: Medium
Evidence: 3 claims
Owner: A. Reyes

08 Targeted

The assessment shrinks to what evidence cannot answer.

Verified evidence removes repeat questions, while expired, missing, or contradictory controls become targeted follow-ups.

NetRisk does

Compresses 312 questions into 47 targeted questions.

You decide

Send only the missing questions.

netrisk / targeted (sample data)

Assessment compression: 312 -> 47

47 targeted questions remain after verified evidence fills the rest.

Security governance: 80% verified
Data protection: 60% verified
Subprocessors: verified
Pen test: expired
Incident response: missing
AI governance: missing

09 Actioned

Every risk receives a next best action.

The draft risk becomes an owned remediation or evidence request with due date, expected residual-risk reduction, and escalation state.

NetRisk does

Creates task, due date, owner, and expected impact.

You decide

Assign the task or request vendor follow-up.

netrisk / actioned (sample data)

Risk: Admin-panel takeover (EUR 420k-EUR 1.8M)
Evidence: Expired pen test + missing IR proof (confidence medium)
Action: Request remediation evidence (due in 14 days)

Next best action

Request admin-plane MFA evidence before approval.

Owner: Security
Vendor contact: Northwind AI trust team
Expected residual risk: down 71% after proof

10 Continuously verified

Trust is not approved once. It is kept alive.

Evidence expiry, new exposed assets, fresh CVEs, trust-center changes, and control drift trigger reassessment long after approval.

NetRisk does

Watches change and reopens risk when it moves.

You decide

Act on triggers and track remediation to closure.

netrisk / continuously-verified (sample data)

Mar 02

SOC 2 + ISO evidence verified - approved with conditions

Apr 18

Pen-test evidence expiring in 30 days - reassessment queued

May 09

New subdomain + critical CVE detected - risk reopened

May 21

Remediation task assigned - evidence requested

May 28

Fix verified - residual risk reduced 71%

Ask only what is missing

A 312-question assessment, compressed.

When most answers are already public and verified, sending a giant form is theatre. NetRisk fills assessment sections from evidence and generates only the questions that remain.

312 questions remaining

Security governance: 80% verified
Data protection: 60% verified
Subprocessors: verified
Pen test: expired
Incident response: missing
AI governance: missing

The risk-in-euros moment

Three technical findings. One business decision.

NetRisk composes technical findings into a probable financial loss range a board can act on.

1. Exposed admin panel - admin.northwind.ai - no MFA evidence [risk]
2. Weak incident-response evidence - no IR runbook - expired pen test [warn]
3. Critical data access - processes EU customer PII + prompts [ai]

Probable annualized loss exposure

EUR 420k-EUR 1.8M

Loss event frequency 0.18/yr. Single-loss EUR 2.4M-EUR 9.6M. FAIR-style model with confidence, owner, evidence links, and next action.

Confidence: Medium
Evidence: 3 linked claims
Owner: A. Reyes

Recommended: request remediation evidence before approval.

The signature concept

The NetRisk Verification Graph.

Vendors, products, domains, evidence, claims, assets, controls, exposures, attack paths, risks, tasks, and owners connect in one model.

netrisk / living-verification-graph (sample model)
1. Vendor: Northwind AI
2. Product: GenAI SaaS
3. Domain: northwind.ai
4. Evidence: SOC 2 / DPA / ISO
5. Claims: MFA, IR, encryption
6. Assets: apps, APIs, mail
7. Controls: verified + missing
8. Exposures: admin + CVE
9. Attack Path: asset to impact
10. Risk: EUR 420k-1.8M
11. Task: request MFA proof
12. Owner: Security

One connected model

Evidence, exposure, attack path, risk, task, and owner stay linked as trust changes.

From story to operating system

A product workspace that tells you what changed and what to do next.

netrisk / northwind-ai workspace (sample data)

Vendor review: Northwind AI (GenAI SaaS)
Evidence: 8 found
Exposure: 2 open
Risk: EUR 1.8M

Evidence review - Vendor Review Workspace (sample)

Found: SOC 2 Type II, DPA, ISO certificate
Missing: Incident-response proof and recent pen test
Decision: Approve evidence or request missing proof

What changed?

Northwind AI profile was enriched with verified public evidence.

Why it matters

Evidence can answer repeat questionnaire sections before the vendor is asked.

Evidence

SOC 2, DPA, ISO 27001, trust center, subprocessor list

Risk impact

312 questions reduced before outreach

What you can do immediately

Plain product actions, not abstract platform modules.

01 Add vendor
Enter a vendor name or domain and start a guided review.

02 Run AI research
Find public sources, trust centers, security docs, and vendor claims.

03 Review evidence
See what is found, missing, expired, or contradictory.

04 Map attack surface
Open public-facing domains, technologies, exposures, and risk signals.

05 Generate first risk
Convert evidence and exposure into a draft risk scenario.

06 Ask missing questions
Send a targeted questionnaire only for gaps.

07 Create tasks
Assign remediation or evidence follow-up.

08 Monitor continuously
Track expiry, new vulnerabilities, trust-center changes, and control drift.

One platform. The whole journey.

Capabilities that explain why risk changed.

Vendor Intelligence

Discovers vendors from shadow IT, SaaS usage, procurement, and email signals, then dedupes to one profile.

Decides: Who actually has access to our data?

AI Research

Builds a sourced vendor profile with domain, category, trust center, claims, subprocessors, and breach signals.

Decides: What do we already know before we ask?

Evidence Verification

Extracts claims from SOC 2, ISO, DPAs, and pen tests with authority, freshness, expiry, and confidence.

Decides: Which claims are provable?

Attack Surface

Maps domains, cloud assets, certificates, technologies, open ports, and known vulnerabilities.

Decides: What can an attacker see right now?

Attack Paths

Connects exposure, weak controls, and data access into paths from asset to business impact.

Decides: How does exposure become a breach?

Risk Register

Explains why risk changed, which evidence supports it, what action reduces it, and who owns it.

Decides: Which vendors create real business risk?

Built for the whole decision

One graph, five points of view.

CISO

Know which vendors create real business risk and prove it to the board.

Financial exposure, portfolio trend, and defensible prioritization.

Continuous verification

Trust is verified continuously, not once.

Approval is the start of monitoring. Evidence expiry, trust-center edits, new assets, fresh CVEs, and control drift reopen risk when the facts change.

netrisk / continuous-verification (always on)

Current signal

Trust center changed

Monitoring

Monitoring inputs

Evidence expiry
Trust-center edit
New asset
Fresh CVE
Control drift

Always on

trust model watching

Risk state

5 signals

Task routing

Queued if material

Residual risk

Awaiting proof

Your first NetRisk workspace

Know exactly what happens after you register.

Start with sample data, then add real vendors when you are ready. NetRisk guides the first review from evidence to risk to action.

1. Create workspace
2. Choose sample data or add first vendor
3. Confirm vendor owner
4. Review found evidence
5. Review draft risk
6. Send missing questions
7. Assign next action
8. Enable monitoring

Use cases

Product-led use cases that start from a real trigger.

Review a new SaaS vendor
Trigger: New procurement request
NetRisk action: Verify evidence and quantify onboarding risk
Output: Approve with conditions

Check a shadow IT vendor
Trigger: SSO or expense signal
NetRisk action: Research, dedupe, and map exposure
Output: Create owner review

Reassess a critical vendor
Trigger: Evidence expiry or new CVE
NetRisk action: Reopen trust and update residual risk
Output: Assign remediation

Reduce questionnaire workload
Trigger: Large vendor review queue
NetRisk action: Reuse verified evidence and ask gaps only
Output: 47 targeted questions

Prepare evidence for audit
Trigger: Compliance review
NetRisk action: Export evidence, claims, owners, and decisions
Output: Traceable proof

Turn exposure into financial risk
Trigger: Technical finding
NetRisk action: Connect attack path to business impact
Output: EUR risk range

Trust, security, and AI governance

AI accelerates the work. Evidence and human review create the trust.

NetRisk AI proposes. Humans approve. Evidence proves.

AI proposes

Suggested claims, missing evidence, and risk scenarios are clearly labelled.

Evidence used / Confidence / Freshness / Source / Required approval

Humans approve

Material claims and risk changes require review where confidence matters.

Evidence proves

Every claim shows source, date, freshness, confidence, and impact if accepted.

Start verifying vendor trust today

Create a workspace, explore a sample vendor journey, or add your first vendor.

Start with sample data. Add real vendors when you are ready.