VendorSentry

VendorSentry is a web app (with optional lightweight desktop agent) for SMBs that need practical third‑party risk management without enterprise overhead. It inventories SaaS vendors automatically via email and SSO logs, then scores each vendor’s risk using a mix of public signals (breach history, domain security posture, certificate hygiene) and questionnaire responses. The app generates plain‑English remediation tasks: tighten SSO settings, remove unused integrations, enforce MFA, and flag vendors handling sensitive data without adequate controls. For managed security providers, it offers a multi-tenant console, recurring review workflows, and client-ready reports that don’t read like legal boilerplate. This is a combination traditional + AI app: AI drafts questionnaires, summarizes vendor security docs, and turns findings into prioritized action lists. It won’t replace a full GRC platform, but it covers the 80% SMBs actually execute.