Third Party Risk Manager
Monitoring
Continuous monitoring of vendor security posture
Monitoring
Enable continuous monitoring of your vendors' security posture with automated alerts and periodic re-assessment.
Continuous Monitoring
What's Monitored
- New vulnerabilities affecting vendor SBOMs
- Vulnerability severity changes
- Exploit availability updates
- CISA KEV additions
- Component health changes
Alert Configuration
Configure alerts in Settings → Monitoring:
| Alert Type | Trigger |
|---|---|
| Critical Vuln | New critical CVE discovered |
| Exploited | CVE added to CISA KEV |
| Risk Change | Score drops below threshold |
| SBOM Expiry | SBOM older than threshold |
Scheduled Re-assessment
Automatic Re-scans
Configure periodic SBOM re-analysis:
- Daily (for critical vendors)
- Weekly
- Monthly
- Quarterly
Re-assessment Triggers
Trigger re-assessment on:
- New vulnerability disclosures
- Major version updates
- Contract renewals
- Security incidents
Vendor Dashboard
Monitor all vendors at a glance:
- Aggregate risk metrics
- Vendors requiring attention
- Recent score changes
- Upcoming SBOM expirations
Trend Analysis
Track vendor risk over time:
- Risk score trends
- Vulnerability count trends
- Remediation velocity
- Compliance improvements
Reporting
Scheduled Reports
Automatic reports delivered:
- Weekly summary
- Monthly vendor review
- Quarterly risk assessment
- Annual vendor audit
Ad-hoc Reports
Generate reports on demand:
- Select date range and vendors
- Choose report type
- Export as PDF or Excel
Integration Alerts
Send alerts to:
- Slack
- Microsoft Teams
- PagerDuty
- Webhook (custom)