Apptega Enhances Platform with Third-Party Risk Manager, Enabling Enterprise-Grade Risk Management For All Organizations

ATLANTA, October 7, 2025 - Apptega, the leading security, compliance and risk platform for security providers, today announced the launch of its Third-Party Risk Manager module. The offering evolves Apptega’s Vendor Risk module, enabling enterprise-grade partner and vendor risk analysis for organizations and security of all sizes and maturity levels. Apptega's Third Party Risk Manager, in combination with its Risk Management module, allows businesses to create holistic views of risk across their entire attack surface, facilitating the identification of vulnerabilities and risk gaps, and ensuring a comprehensive assessment of third parties. This strengthens overall security and compliance efforts.

Apptega’s Third-Party Risk Manager gives security teams new leverage to enrich cybersecurity programs and improve end-to-end security postures by identifying and automatically tracking risks in external systems. This visibility enables security teams to contextually understand and close security gaps that could be highlighted in assessments and audits that dissect alignment with cybersecurity frameworks like CMMC, NIST, ISO or other standards. The solution streamlines tedious manual workflows that accompany creating, distributing and assessing vendor risk scoring questionnaires, and subsequently automates how risks are tracked and prioritized for remediation, connecting third-party risk directly with the broader risk register for a holistic view.

“According to recent research, 30% of all data breaches in 2024 resulted from vulnerabilities in third-party systems. Further, small businesses and mid-market enterprises become victims 4x more frequently than their large enterprise counterparts, evidencing a clear mandate has emerged that no organization should put themselves at risk by placing blind faith in partner organizations to be secure by default,” said Rahul Bakshi, Chief Product Officer at Apptega. “Apptega’s Third-Party Risk Manager introduces a flexible and comprehensive set of features that ensures that scores are meaningful, comparable and closely aligned with real risk priorities. By shortening the distance between vulnerability identification, risk register tracking and remediation prioritization ranking, we’re amplifying organizational confidence that vendors are being vetted proactively before an incident occurs, not after.”

Key Features in Apptega’s Third-Party Risk Manager include:

• Centralized Platform Management - Managing questionnaires and vendor outreach in one place helps teams respond faster and more consistently, while a unified audit trail simplifies third-party reviews and reporting.
• Comprehensive Visibility - By pinpointing vulnerabilities and risk gaps, security teams can instantly spot high-risk vendors, improve fidelity in recognizing inherent vs. residual risks and produce defensible risk assessments for audits and executive reporting.
• Custom Vendor Questionnaires and Scoring - IT and security teams gain flexibility to use their own questionnaires, set scoring logic, tweak response types, and add follow-up questions. Because each response is weighted to each team’s risk model, Third-Party Risk Manager cuts down on rounds of discussion by surfacing the exact verifications needed.
• Automatic Scoring and Assessment - Automatic scoring for each questionnaire accelerates how assessments are leveraged after collection, using objective, repeatable ratings to give stakeholders a clear, comparable view of vendor posture for reporting and service level agreements.
• Focused Remediation - Teams are equipped to determine specific elements within individual responses that contribute to elevated risk, with concrete steps to prioritize remediation of the highest-impact gaps before exploitation. By addressing root causes, not symptoms, organizations reduce repeat findings and overcome historically vague feedback, leading to stronger security postures.

Apptega’s Third-Party Risk Manager strengthens the service capabilities of MSPs and MSSPs, giving them the tools to proactively identify, monitor, and mitigate third-party risk on behalf of their clients. This empowers service providers to deliver more robust protections for companies lacking the internal resources to attain visibility and manage third-party risk on their own. By equipping MSPs and MSSPs with a centralized, automated and flexible platform, Apptega enables them to manage risk holistically, elevate their security and compliance offerings, and build deeper trust with the businesses they protect.

“Fortune 100 companies have had robust third-party risk programs for more than 20 years, especially in highly regulated industries like defense, healthcare and financial services, but mid-market organizations have struggled because the solutions were too expensive and complex,” said Rob Lanni, Director and CIO at managed service provider Vistrada. “As companies realize that cybersecurity must extend beyond their four walls, Apptega is meeting them by delivering the functionality they need at a price point they can manage. It’s their first realistic entry point into third-party risk management.”

To read more about how Vistrada partners with Apptega to bring enterprise-grade TPRM to its clients, read their case study.

For more information on Apptega’s Third-Party Risk Manager, visit apptega.com/platform/third-party-risk-manager

Originally published through Business Wire.