VendorSentry

VendorSentry is a web app (with optional Slack/Teams alerts) that continuously monitors third-party compliance posture and evidence freshness for SOC 2, ISO 27001, HIPAA, and PCI-adjacent requirements. Instead of collecting PDFs once a year, it tracks what actually changes: vendor security pages, trust centers, status pages, breach disclosures, certificate expirations, and key control attestations. You set minimum requirements per vendor tier (critical, high, medium), and the app flags drift, missing artifacts, and upcoming expirations with a clear “what to ask for” checklist. It also maintains an audit-ready timeline of requests, received evidence, and reviewer notes. The app combines traditional software with AI: AI is used to extract structured claims from documents and web pages and to detect inconsistencies, but the workflow remains human-verified to avoid hallucination-driven compliance mistakes.
