Vendor Data Leaks is a managed service offered by UpGuard that gives you access to the team of world class security researchers who built our proprietary data leak detection engine. We pair machine learning algorithms with experienced analysts who review each potential exposure and provide timely, accurate, and actionable insights.

As you may be aware, UpGuard’s research has been published in The New York Times, The New Yorker, The Washington Post, TechCrunch, Bloomberg, Gizmodo, Engadget, Forbes, ZDNet, and The Guardian.

Vendor Data Leaks takes what we have learned from offering first-party data leak detection to our customers, and extends these capabilities to the monitoring of third party data leaks.

Before a vendor data leak is published to your account, one of our analysts will review the data for authenticity and severity to ensure that only real exposures are published to your account. Once a vendor leak is published, you’ll see it as an Open leak in your Vendor Data Leaks. In the screenshot below, you can see this account has two Open and one Closed leak.

As part of onboarding, we’ll ask for your vendor's contact information. This allows us to notify your vendors in the event of a high or critical severity leak. When a high or critical severity leak is published, we’ll work directly with the vendor to remediate the issue and notify you in the platform and via email when it’s resolved. You’ll also see the status of the leak move from Open to Closed to indicate that the data is no longer publicly accessible.

There’s nothing you need to do beyond providing someone at the vendor for us to talk to. Our analysts will handle the rest.

If you want more information about a particular leak, click on its row and you’ll be taken to a secondary screen that shows the source of the leak, its implication, the significance, and a description, as well as important dates. While this information will never disclose the location of the leak (like its URL or IP address), it can help you understand the risk to the vendor’s overall security.

Did this answer your question?