This video provides a comprehensive introduction to the UpGuard platform, helping new users navigate the core modules for internal and external security monitoring. You will learn how to effectively manage your organization’s security posture and streamline third-party risk assessments.

What you’ll learn:

• A guided walkthrough of the dashboard and primary navigation tools.
• How to monitor your own attack surface and identify potential vulnerabilities.
• Techniques for evaluating third-party security ratings and automating risk assessments.
• Using Trust Pages to simplify security document sharing and build transparency.
• How to generate and customize reports for stakeholder communication.

Duration: 60m

This workshop provides comprehensive training on managing your internal attack surface to improve and maintain a high security rating. It is designed for administrators and security teams who need to establish sustainable processes for internal risk management.

What you’ll learn:

• Confirming domains and organizing assets using portfolios and labels.
• Navigating the workflow to identify, remediate, or waive security risks.
• Configuring critical notifications for proactive monitoring of your attack surface.
• Utilizing advanced tools for typosquatting detection and identity breach management.
• Establishing competitor monitoring to benchmark your Breach Risk against peers.

Duration: 43m 50s

This video demonstrates how to create and manage a Trust Page to automate vendor questionnaire responses and reduce manual workloads. It is a practical guide for security and compliance teams looking to scale their document sharing and improve efficiency.

What you’ll learn:

• Setting up a centralized Trust Page with custom branding and compliance badges.
• Building a content library to house frequently requested security documents.
• Tracking real-time access and downloads to monitor vendor engagement.
• Managing questionnaire tasks and configuring custom domains for your page.
• Implementing strategies to reduce Breach Risk through transparent documentation.

Duration: 4m 31s

This video guides administrators through the account settings menu to customize platform functionality and manage internal user permissions. It helps team leads configure their environment to match specific organizational workflows and security requirements.

What you’ll learn:

• Managing user accounts, API keys, and group sharing permissions.
• Setting up co-branding for external emails and generated reports.
• Configuring custom notification alerts and default message fields.
• Organizing assets and portfolios using internal labels and tools.
• Utilizing control templates and document types within the content library to mitigate Breach Risk.

Duration: 5m 20s

In this interactive product tour, we'll take you through the steps to configure the Vendor Onboarding Portal.

What you'll learn:

• How to enable the portal
• Customize your onboarding form
• Automate vendor requests through a secure, standardized intake workflow

Duration: 2m

This video provides a high-level overview of the platform's core features to help new users navigate their dashboard and manage vendor data. It is designed for administrators and analysts looking to streamline their daily workflow.

What you’ll learn:

• Navigating account activity and announcements on the home page.
• Tracking major updates through the My Tasks tab.
• Generating and scheduling customizable reports based on vendor assessments.
• Sharing reports via email and utilizing the support chat for inquiries.
• Monitoring overall Breach Risk and security trends.

Duration: 6m 54s

This webinar introduces the Security Profile feature, offering a strategic framework to transition from traditional questionnaires to evidence-based vendor evaluations. It helps risk professionals automate document analysis and focus on high-impact security gaps.

What you’ll learn:

• Automating document analysis for SOC 2 reports and security policies.
• Leveraging automated scanning to instantly satisfy up to 26 security controls.
• Deploying targeted gap questionnaires to reduce vendor assessment fatigue.
• Mapping findings to ISO 27001 and NIST frameworks for compliance.
• Managing document classification and AI-generated assessments to lower Breach Risk.

Duration: 60m

This video explains how the platform identifies and monitors an organization's attack surface through automated scanning and security ratings. It is a vital resource for security teams looking to identify vulnerabilities, remediate risks, and benchmark their performance against competitors.

What you’ll learn:

• Evaluating security posture through automated scans and numeric risk ratings. 
• Remediating or waiving discovered vulnerabilities to improve your score. 
• Monitoring competitor risk profiles and benchmarking your Breach Risk. 
• Generating historical reports to track security improvements over time. 
• Managing breach notifications and identifying third-party vulnerabilities.

Duration: 21m 37s

This video outlines a structured approach to vendor risk management by utilizing tiering and AI-driven assessments to prioritize high-impact relationships. It helps risk managers and procurement teams efficiently evaluate vendor security postures and manage remediation.

What you’ll learn:

• Implementing vendor tiering to focus resources on the highest Breach Risk areas.
• Using AI to automate initial assessments and streamline information gathering.
• Deploying gap questionnaires to target specific security weaknesses.
• Managing remediation requests and tracking vendor ratings over time.
• Navigating the dashboard for a comprehensive view of organizational risk analysis.

Duration: 17m 28s

This video explains the concept of vendor tiering and how to categorize business partners based on their data access and organizational criticality. It helps security and compliance teams streamline their vendor risk assessments by matching the evaluation rigor to each vendor's risk level. 

What you’ll learn:

• How to define vendor tiering and its role in risk management.
• The difference in assessing high-access systems versus low-risk software.
• Why data sensitivity determines the depth of a vendor evaluation.
• How to use a structured framework to categorize your organization's vendors.

Duration: 1m 45s

This beginner-level workshop introduces the fundamentals of third-party risk management using the platform to establish a scalable vendor monitoring process. It is ideal for new users looking to configure their environment and initiate their first evidence-based assessments.

What you’ll learn:

• Configuring vendor tiering systems and portfolios for structured organization.
• Onboarding vendors and leveraging security profiles for initial monitoring.
• Implementing an evidence-first approach using existing documentation to reduce questionnaire volume.
• Using AI-powered analysis to map vendor security postures against ISO 27001 and NIST frameworks.
• Generating customized risk assessments to communicate Breach Risk to stakeholders.

Duration: 51m 35s

This training explains the ideal vendor onboarding workflow, helping security teams evaluate and mitigate third-party risks before signing contracts. It covers everything from the initial onboarding request to the final go or no-go decision, ensuring your organization avoids early contractual exposure. 

What you'll learn:

• How to submit and process a vendor onboarding request.
• Criteria for tiering vendors and conducting security evaluations in UpGuard.
• Methods for assessing Breach Risk to make informed go/no-go decisions.
• Procedures for managing risk waiving and remediation activities.

Duration: 2m

This training explains how to manage and assess vendors that are already in use without prior security evaluation. It helps security teams navigate retroactive tiering, evaluation, and the critical contract continuation or termination decisions required to mitigate existing third-party risk. 

What you'll learn:

• Sending onboarding requests to internal champions for existing vendors.
• Assessing active vendors based on specific tier requirements.
• Evaluating Breach Risk during the interim unassessed period.
• Making critical contract continuation or termination decisions.

Duration: 1m 16s

This training covers how to optimize and customize vendor onboarding questionnaires to improve completion rates and ensure effective vendor tiering. It helps security teams design targeted, purposeful assessments that gather essential information while preventing questionnaire fatigue. 

What you'll learn:

• Customizing default onboarding questionnaires and tiering guidelines.
• Identifying must-have requirements and essential information from internal teams.
• Removing unnecessary questions that do not provide valuable security insights.
• Structuring targeted questionnaires to streamline the vendor assessment process.

Duration: 50s

This tutorial covers how to implement conditional logic in forms to create dynamic, relevant user experiences. It helps administrators design concise forms that display specific questions based on a user's previous answers. 

What you'll learn:

• Configuring forms so questions appear dynamically based on previous selections.
• Showing specific data hosting questions when software options are selected.
• Triggering privacy control questions when users indicate access to PII.
• Streamlining the user experience by hiding irrelevant form sections.

Duration: 49s

This tutorial demonstrates how to create and configure automation rules to streamline vendor management. It helps security teams automatically assign vendor tiers, labels, portfolios, or custom attributes based on specific criteria. 

What you'll learn:

• Creating a new automation rule with titles and descriptions.
• Exploring automation options like portfolios, labels, and custom attributes.
• Setting up criteria to automatically tier vendors handling PII as critical.
• Testing and saving automation rules before activation.

Duration: 1m 14s

This training demonstrates how to use advanced automation with weighted scoring and formulas to swiftly categorize vendors. It helps risk management teams eliminate manual review by automatically placing vendors into tiers based on specific risk and security criteria. 

What you'll learn:

• Implementing weighted scoring and formulas for automated vendor tiering.
• Categorizing high-risk vendors handling sensitive data into Tier one.
• Using negative scoring factors like single sign-on utilization to trigger reviews.
• Streamlining vendor risk management by reducing manual evaluation processes.

Duration: 52s

This training explains the importance of establishing cross-team alignment with procurement during the vendor evaluation process. It helps security teams collaborate early with internal stakeholders to secure better vendor cooperation before contracts are signed. 

What you'll learn:

• Building cross-team alignment between security and procurement teams.
• Involving procurement early to increase vendor cooperation during evaluations.
• Navigating internal stakeholder dynamics before contract signatures.
• Implementing successful vendor onboarding strategies shared in organizational roundtables.

Duration: 58s

This training outlines a strategy for implementing a centralized request portal as an organization's sole intake method. It helps security and operations teams drive organizational behavior change and streamline internal requests. 

What you'll learn:

• Redirecting all Slack and email requests to a single portal link.
• Embedding the request link across signatures, channels, and purchase forms.
• Testing the intake workflow with a small internal pilot audience.
• Developing a documented internal process for request management.
• Partnering with IT and procurement champions to accelerate approval times.

Duration: 1m 20s

This training explains how to use outcome labels to enhance decision-making when finalizing requests. It helps businesses look beyond simple yes or no answers by aligning custom request designations with specific policy language. 

What you'll learn:

• Implementing structured outcome labels during request finalization.
• Creating specific designations like "Approved for a pilot" for clearer decision-making.
• Aligning custom request outcomes with internal policy language.
• Providing operational clarity to teams through structured data fields.

Duration: 50s