Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

UpGuard: You Can’t Patch What You Don’t See

Truth in IT
05/05/2025
2 (100%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


Hi Mike Matchett Small World Big Data. We are here at RSAC 2025 and there are lots and lots of people still hanging around. There's thousands and thousands of people. There are over 600 security vendors here, but we are talking with some of the best. We've got Upguard here today. Welcome to our show. Thank you. Good to be here. Good to be here, sir. So I think our folks want to know, first of all, what role does Upguard play in the cybersecurity space? Yeah, Upguard plays a pretty big role in the cybersecurity space. We help organizations assess their third party vendors by way of daily scans, security questionnaires, security documentation. And we put that all together in a risk assessment. So organizations have a more cohesive process when it comes to reducing risk across their vendor supply chain, as well as looking at their own attack surface management and reducing risk there. So it's a collaborative measure, and we're working with our customers to help reduce risk in cybersecurity. All right. So this is is this a kind of posture looking at that or a compliance kind of role. Or is this more of an active seem kind of SOC kind of role. It's a little bit of both. I think, you know, we're reducing risk, which is number one. And then the second part is making sure that us and our vendors are compliant in the space. So everyone's kind of working together. I like to call it the good guys are teaming up against the bad guys, and that's what we're all about here at Upguard. So just just for the audience, what's one of the risks of not having a good idea of a good understanding of what the vulnerability is of one of your upstream vendors? Yeah. I mean, if you think about like an organization that's hosting employee data, right? They have Social Security numbers, they have banking information, and you're outsourcing it to another organization. You don't know how that vendor is performing from a security perspective without upguard, if you don't have someone like us, you you have to do it manually. You have to gather that information, and we put it all together and make you feel comfortable. And you can sleep at night knowing your vendors are doing what they can to protect your data. What if someone doesn't really understand their supply chain? Do you guys help them figure that out? Yeah, I mean, we are a pretty dynamic solution. We work with organizations that have tens of thousands of vendors, and we work with companies who have no they don't have a process in place, and they need to upgrade to kind of help them understand what they need to do, and then we help them get there. Is this a long process or something someone can implement in a shorter project? It's a subjective process to the organization and their vendor ecosystem, but it's pretty easy to stand up. We're we're web based. We can bulk import all your vendors in one instance. Um, so, you know, you can take it from my customers. It's a pretty easy process and they enjoy it. All right. And this definitely helps improve compliance and regulation and governance. Right. Yeah. Yeah that's exactly what we do. We help organizations make their vendors adhere to specific compliance. Yeah okay. If someone is looking around at this show and saying, oh, there's lots of security problems to attack and there's lots of things going on, what have you noticed as a theme that you particularly think upgrade would be a good solution for upgrades? Good for anyone? Honestly, you know, walking around here, I see a lot of vendors. The the main driver in the space. And what I'm seeing is everyone's worried about their vendors. Over 60% of data breaches come from third party vendors. You know, if you're not assessing them, you're not sleeping well at night. So that's really where Upguard comes in and where we support our customers. All right. And if someone wants to find out a little bit more information from Upguard, you've got some stuff on your website, no doubt. Where would you recommend they start? Give me a call. My cell phone. No, I mean, yeah, our website's great. We're very transparent with everything. Everything's up there. But our team is also very easy to work with so they can shoot me an email if they want to schedule a call. I'm happy to talk about it more in person. All right. Thank you very much. Supply chain. Secure it. Take care. Bye.
Upguard monitors your entire supply chain for cybersecurity risk, providing automated assessments of third- and fourth-party vendors. With attack surfaces constantly shifting, they give security teams the intel to prioritize fixes, flag exposures, and hold partners accountable—before those weaknesses become headlines.
Categories:
  • » Cybersecurity » Data Security
  • » Cybersecurity » Application Security
  • » Small World Big Data
  • » Cybersecurity
Channels:
  • Mike Matchett: Small World Big Data
News:
Events:
Tags:
  • rsac2025
  • cybersecurity
  • matchett
  • upguard
  • supply
  • chain
  • risk
  • third-party
  • vendors
  • cyber
  • risk
  • security
  • assessments
  • attack
  • surface
  • vendor
  • risk
  • security
  • automation
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: UpGuard: You Can’t Patch What You Don’t See

              Upcoming Webinar Calendar

              • 07/09/2026
                01:00 PM
                07/09/2026
                The HUMAN Experience: Empowering Agentic Trust in Practice
                https://www.truthinit.com/index.php/channel/2026/the-human-experience-empowering-agentic-trust-in-practice/
              • 07/14/2026
                01:00 PM
                07/14/2026
                Crafting an Elite Security Team to Achieve Championship-Level Defense
                https://www.truthinit.com/index.php/channel/2025/crafting-an-elite-security-team-to-achieve-championship-level-defense/
              • 07/14/2026
                02:00 PM
                07/14/2026
                Understanding the Crucial Role of Context in AI Data
                https://www.truthinit.com/index.php/channel/2037/understanding-the-crucial-role-of-context-in-ai-data/
              • 07/21/2026
                04:00 AM
                07/21/2026
                Strategies for Managing AI Governance and Securing App-to-LLM API Traffic
                https://www.truthinit.com/index.php/channel/1967/strategies-for-managing-ai-governance-and-securing-app-to-llm-api-traffic/
              • 07/21/2026
                01:00 PM
                07/21/2026
                HUMAN Dialogue: Insights from Attackers During the FIFA World Cup
                https://www.truthinit.com/index.php/channel/2029/human-dialogue-insights-from-attackers-during-the-fifa-world-cup/
              • 07/22/2026
                06:30 AM
                07/22/2026
                Insights and Strategies for Mastering the DPDP Framework
                https://www.truthinit.com/index.php/channel/2000/insights-and-strategies-for-mastering-the-dpdp-framework/
              • 07/28/2026
                01:00 PM
                07/28/2026
                Illumio + Netskope: Zero Trust in the Age of AI Autonomy
                https://www.truthinit.com/index.php/channel/2031/illumio-netskope-zero-trust-in-the-age-of-ai-autonomy/
              • 07/29/2026
                04:00 AM
                07/29/2026
                Real-Time Strategies for Safeguarding Against Prompt Injections
                https://www.truthinit.com/index.php/channel/1968/real-time-strategies-for-safeguarding-against-prompt-injections/
              • 08/19/2026
                12:00 PM
                08/19/2026
                Becoming Agent Ready: Insights from Cyera's Expertise
                https://www.truthinit.com/index.php/channel/2036/becoming-agent-ready-insights-from-cyeras-expertise/
              • 09/30/2026
                04:00 AM
                09/30/2026
                AI Command Center: Optimizing Visibility and Control in Your Operations
                https://www.truthinit.com/index.php/channel/2024/ai-command-center-optimizing-visibility-and-control-in-your-operations/

              Upcoming Events

              • Jul
                09

                The HUMAN Experience: Empowering Agentic Trust in Practice

                07/09/202601:00 PM ET
                • Jul
                  14

                  Crafting an Elite Security Team to Achieve Championship-Level Defense

                  07/14/202601:00 PM ET
                  • Jul
                    14

                    Understanding the Crucial Role of Context in AI Data

                    07/14/202602:00 PM ET
                    • Jul
                      21

                      Strategies for Managing AI Governance and Securing App-to-LLM API Traffic

                      07/21/202604:00 AM ET
                      • Jul
                        21

                        HUMAN Dialogue: Insights from Attackers During the FIFA World Cup

                        07/21/202601:00 PM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version