COBRA

​Vendor risk management Platform

An End-to-End service on a unique platform operated by security specialists to target your vendor risks

Balance local accountability for decision making with centralised oversight

Take action based on the results of advanced analytics and relevant reports

Drive efficiency in an otherwise labour intensive and complex risk process

Compare vendor data with intelligence from a variety of open sources

Implement a full Vendor Risk Management program 

It takes the heavy work off your hands, leaving you to manage risk at the strategic level based on the most up to date, relevant information available.

1

User Interface & Navigation

Full Profile management with dashboards for up to the minute view of risk status and programme implementation. 


  • Easy & Intuitive
  • Access & User Controls
  • Browser Accessible
  • Help functionality
  • Search Capabilities
  • Analytics & reports
  • Customer Branding


Easy Reporting of risk data as part of an organisation wide VRM program 

2

Comprehensive Assessment

Categorise vendors into risk tiers, including customisable capabilities to support detailed assessment of risks.


  • Vendor self-service to complete assessment
  • Configurable surveys and questionnaires
  • Intuitive questions automatically checked for quality of completion
  • Templates to support specific regulatory mandates
SubmissionQuestionnaire

3

Independent Verification

Continuously monitored, automatic Open Source Intelligence driven independent verification of each vendor's risk landscape to qualify and inform the validity of the vendor's internal assessment and prioritise risks for visibility:
  • Configuration
  • Attack Surface
  • Data Leakage
  • Social Vulnerabilities
OSINT overview and risk indicators

4

Workflows & Collaboration to assess, validate and monitor controls

Cross-organisation collaboration for automated decision making and escalation


  • Assess the effectiveness of controls
  • Workflow process management
  • Immediate visibility of anomalies
  • Vendor risk modelling
  • Tracking against historic risk changes

5

Remediation and Exception Management 

Manage vendor risk exceptions in relation to ongoing control requirements:


  • Issue and exception logging
  • Remediation and clarification actions
  • Address approved and non-approved exceptions
  • Follow up process for re-evaluating exception conditions