UpGuard

Mountain View, CA, USA
2012
  |  By Edward Kost
Cyber supply chain risk management (C-SCRM) is the process of identifying, assessing, and mitigating cybersecurity risks associated with an organization’s supply chain. Supply chains comprise multiple attack vectors, ranging from procurement tools to suppliers, developers, and third-party services. The complexity of this attack surface warrants a risk management strategy focused on supply chain risks as an extension to an existing third-party risk management program.
  |  By UpGuard Team
The Common UNIX Printing System (CUPS) is a widely used printing system on Unix-like operating systems, but recent vulnerabilities have exposed significant risks. The most critical is CVE-2024-47176, which affects the cups-browsed service by binding to the IP address INADDR_ANY:631. This configuration flaw causes it to trust all incoming packets, leading to potential remote code execution when interacting with malicious printers. This vulnerability is part of a chain of exploits, including.
  |  By Nicholas Sollitto
If you’re on the frontlines of your organization’s cybersecurity department, you’ve likely found yourself burdened by security questionnaires. Whether you’re in charge of evaluating vendor responses or completing questionnaires yourself, it’s no secret these requests can be time-consuming for everyone involved. Well, what if this didn’t have to be the case?
  |  By Edward Kost
Third-party monitoring is a critical aspect of Third-Party Risk Management as it keeps security teams informed of the organization's evolving third-party risk exposure. To learn the importance of third-party monitoring and why it should be emphasized in your TPRM program, read on.
  |  By Kyle Chin
UpGuard is excited to announce the latest addition to our Vendor Risk Questionnaire Library: the DORA (Digital Operational Resilience Act) questionnaire! The addition of DORA to the Questionnaire Library reflects UpGuard’s ongoing commitment to providing our customers with the necessary tools to navigate today’s evolving regulatory standards.
  |  By Nicholas Sollitto
In an era where data breaches and privacy concerns dominate headlines, regulatory frameworks like India’s Digital Personal Data Protection Act, 2023 (DPDP) have become indispensable. The DPDP Act safeguards the privacy of individuals by regulating how organizations operating in India can collect, process, and store personal data. Landmark regulations like the DPDP Act are essential for enhancing data security.
  |  By Nicholas Sollitto
Each year, we revisit our risk rating system to ensure it best reflects the needs of security practitioners safeguarding their organizations and supply chains. For our 2024 update, we’ve made two closely related changes: we’ve recategorized some of our existing findings to make an organization’s risk profile more understandable and recalibrated our scoring algorithm to more clearly illustrate the impact of specific risks.
  |  By Edward Kost
The rapid expansion of the digital landscape adds increasing complexity to cybersecurity, especially for enterprises that could have up to 100,000 vendors in their supply chain. Addressing these challenges requires implementing an Attack Surface Management (ASM) strategy tailored to enterprise businesses' unique risk profiles. This post outlines the importance of ASM for enterprises and offers a strategy for ensuring its effective implementation.
  |  By Edward Kost
A third-party monitoring solution is essential for providing a level of risk visibility required by a successful Third-Party Risk Management (TPRM) program. This post ranks the top third-party monitoring services in the market.
  |  By Edward Kost
‍The Australian Prudential Regulation Authority (APRA) has introduced Prudential Standard CPS 230 to enhance the operational resilience of financial institutions and protect the broader financial system from disruptions. APRA CPS 230 details the crucial requirements for managing operational risks, ensuring business continuity, and overseeing third-party service providers.
  |  By UpGuard
Join Jess Aiken, Growth Executive at UpGuard, who will be discussing the impacts of Infostealer malware and how organizations can best defend themselves.
  |  By UpGuard
Join Jeff Farinich, CISO & SVP Technology at New American Funding, who will be presenting a keynote focusing on navigating cloud security and third-party risk management.
  |  By UpGuard
Join Letecia Allen, Senior Product Marketing Manager at UpGuard, who along with two of our customers will share some insights on how UpGuard can help mitigate procurement risk in your organization.
  |  By UpGuard
Join Toby Roger, our Director of Product Marketing at UpGuard, who will share what's new at UpGuard and what we have in store over the coming months.
  |  By UpGuard
In today's interconnected financial landscape, businesses face increasing risks from third-party vendors, making effective cyber risk management essential. Significant data breach costs and stringent regulatory requirements place further burden on this sector. In response, UpGuard offers a Vendor Risk Management solution to help institutions manage these risks and maintain compliance. Learn more at upguard.com/fsi.
  |  By UpGuard
In this quarter's UpGuard Summit, we’re continuing our focus on scaling your Third-Party Risk Management (TPRM) program. Hear how you can eliminate manual work, harness automation and keep up to date with emerging threats. You’ll also learn how security leaders have evolved their TPRM function and the lessons they’ve learnt along the way.
  |  By UpGuard
In this quarter's UpGuard Summit, we’re continuing our focus on scaling your Third-Party Risk Management (TPRM) program. Hear how you can eliminate manual work, harness automation and keep up to date with emerging threats. You’ll also learn how security leaders have evolved their TPRM function and the lessons they’ve learnt along the way. Interested in finding out more about UpGuard?
  |  By UpGuard
Join our CISO, Phil Ross, and Head of Talent Acquisition, Ian Chaplin, as they discuss the evolution of the cybersecurity professional and share actionable insights on how to hire the right talent today.
  |  By UpGuard
Join UpGuard's Chief Product Officer, Dan Bradbury, as he shines a spotlight on all of the groundbreaking product releases from the last quarter and the exciting releases coming soon.
  |  By UpGuard
Join Jess Hooper, our Senior Product Manager, as she outlines how UpGuard is launching a suite of new features that together represent the next step in the evolution of trust management.
  |  By UpGuard
You understand the risks that third party vendors pose to your business, and you're ready to do something about it. What are the capabilities you need to understand your cyber risk, manage your vendors, and avoid data breaches?
  |  By UpGuard
Perhaps your organization is looking to make a transition from traditional IT operations and development practices to DevOps, or you're looking to realign your career path with DevOps to position yourself more favorably to future opportunities. Whatever your motivations are, this eBook will provide you with foundation knowledge for boosting your career with DevOps.
  |  By UpGuard
The fact that one has to "make a case" for Microsoft in the DevOps sphere puts them at a disadvantage, especially competing against major open source options with large community bases and proven performance. But, moving forward, one can expect the gap between Microsoft and other tools to close further, as they continue pressing their business in this direction.
  |  By UpGuard
Cybersecurity is officially dead. Worldwide spending on security-related hardware, software and services rose to $73.7 billion in 2016 from $68.2 billion a year earlier, according to researcher IDC. This number is expected to approach $90 billion in 2018.
  |  By UpGuard
ServiceNow® customers optimizing their IT service delivery and management processes require deeper context and detail level behind IT asset changes--information the leading help desk automation and incident reporting platform does not provide. In this report you'll learn how UpGuard fills this visibility and awareness gap, keeping ServiceNow® in line with the true state of your environment.
  |  By UpGuard
DevOps and ITIL should be compared with an eye towards the problem you're trying to solve, with a focus on the tangible benefits you and your team would see from using each.
  |  By UpGuard
Selecting a security provider is no easy feat-it includes months of designing a company's security strategy, evaluating different solutions, budgeting accordingly, and assuring stakeholders the investment will pay off by keeping their business safe.
  |  By UpGuard
With the enterprise so dependent on technology and digitized assets, how can it prevent data-related disasters from sinking the business? The answer is by taking a new approach to managing cyber risk as a function of business risk at large. McKinsey calls this "Digital Resilience", but it can simply be thought of as conducting business safely in today's connected environments.
  |  By UpGuard
Software engineering is changing and DevOps is at the heart of it. An organization's ability to be responsive to the business requires better collaboration, communication, and integration across IT.
  |  By UpGuard
There is no doubt that the DevOps movement has gone mainstream. When even IBM and HP are dedicating sites to it there is no longer any question. If we were to place it on the Gartner Hype Cycle even the most devoted proponents would have to admit that it's rapidly approaching the "Peak of Inflated Expectations".

A better, smarter way to protect your data and prevent breaches. Our products help security, risk and vendor management teams take control of cyber risk and move faster with confidence.

UpGuard gathers complete information across every digital surface, stores it in a single, searchable repository, and provides continuous validation and insightful visualizations so companies can make informed decisions.

UpGuard then aggregates this information into an industry standard cyber risk score called CSTAR. The CSTAR score is a single, easy-to-understand value representing an organization's aptitude in monitoring compliance, tracking unwanted change, and detecting vulnerabilities in their infrastructure.

Businesses depend on trust, but breaches and outages erode that trust. UpGuard is the world’s first cyber resilience platform, designed to proactively assess and manage the business risks posed by technology.