UpGuard Vendor Risk

What is Upguard Vendor Risk? #

UpGuard Vendor Risk (formerly UpGuard CyberRisk) is a vendor risk management software that discovers cyber risks from third-party vendors, prevents third-party data breaches, and complies with regulations. UpGuard Vendor Risk combines security ratings, security questionnaires, data leak detection, security profiles, and risk assessment workflows to provide a complete view of your vendors’ security posture.

Why Should You Use the Upguard Vendor Risk Connector? #

The Upguard Vendor Risk connector provides visibility into the assets and vulnerabilities in your environment. You can use this visibility to:

• ensure assets are managed per your security policies
• ensure user are managed per your security policies
• derive relationships between assets, users, applications, and data

How Does This Connector Work? #

Meridian executes read-only requests to the Upguard Vendor Risk REST API and ingests only meta-data about Upguard Vendor Risk devices. Meridian does not retrieve any data stored on your assets.

Configuring the Connector in Meridian #

Parameters #

• URL (required): The URL of the UpGuard Vendor Risk API, for example, https://cyber-risk.upguard.com

• API Key (required): UpGuard Vendor Risk API key

• Verify SSL (optional, default is false): Verify the SSL certificate or not

Source Documentation #

Creating Credentials #

To create an API Token:

https://help.upguard.com/en/articles/8060003-how-to-authenticate-with-your-upguard-api-key

Select Vendor Risk and User Risk when creating the API Token.

Required Permissions #

The Upguard Vendor Risk token must include permission for Vendor Risk and User Risk.

https://support.kandji.io/kb/kandji-api#inspect-or-modify-a-token

API Documentation #

https://help.upguard.com/en/collections/2248373-upguard-api

https://cyber-risk.upguard.com/api/docs