Capterra’s researchers use a mix of verified reviews, independent research and objective methodologies to bring you selection and ranking information you can trust. While we may earn a referral fee when you visit a provider through our links or speak to an advisor, this has no influence on our research or methodology.
Capterra carefully verified over 2 million reviews to bring you authentic software and services experiences from real users. Our human moderators verify that reviewers are real people and that reviews are authentic. They use leading tech to analyze text quality and to detect plagiarism and generative AI. Learn more.
Capterra lists all providers across its website—not just those that pay us—so that users can make informed purchase decisions. Capterra is free for users. Software and service providers pay us for sponsored profiles to receive web traffic and sales opportunities. Sponsored profiles include a link-out icon that takes users to the provider’s website. Learn more.
CyberGRX has the #1 third-party risk management platform that automates self-assessments and their validation for third-party suppliers. Identify risks, reduce costs, scale your ecosystem, and get access to advanced analytics that'll save countless hours of manually assessing risk.
Provider
CyberGRX
Located In
United States
Foundation
2015
Open API
Unverified
Deployment
Cloud, SaaS, Web-Based
Training
Videos, Webinars, Live Online, Documentation
Support
Email/Help Desk, Phone Support, FAQs/Forum, Knowledge Base
Whether you are an Enterprise or Third-Party, CyberGRX is a force multiplier for your team. Our Global Risk Exchange and Risk Assessments-as-a-service eliminate waste and redundancies.
Content Source: CyberGRX
Based on other buyer's searches, these are the products that could be a good fit for you.
A product’s price can vary greatly based on features needed, support or training required, and customization requests. Some vendors want a chance to talk to you before being ruled out for pricing. When you find a product that fits your needs, you should talk to the vendor to figure out what they can offer.
CyberGRX Reviews
Pros
Great user interface, generally intuitive and user-friendly and very easy to figure out.
Durable record of our security posture. Also like the reuse and easy distribution of our findings.
My experience with CyberGRX was positive overall and I think this can be an important assessment tool for an organization when used in conjunction with a technical requirements questionnaire.
As a vendor that is responding to customer due diligence requests, I like how seamless and efficient it makes the vendor response and update process.
Cons
Overly aggressive Assessment Coordinator. You should never contact a mutual client and relay derogatory comments about response time.
Allowing somewhat weaker passwords would be more convenient and shouldn't present any real security risks.
There was no overview of the process that warned about being prevented from retracing previous answers to adjust once further questions helped illuminate the previous ones that were confusing.
It was a one-way process and if it was possible to redo anything, there was no apparent way to do this. These elements of the software were extremely frustrating.
"CyberGRX makes Security Assessments easy and painless"
Pros: Structured response to work in for responding to an assessment.
Cons: A lot of documentation verification requests.
Vendor Response
"CyberGRX from the user side"
Overall: My experience with CyberGRX was positive overall and I think this can be an important assessment tool for an organization when used in conjunction with a technical requirements questionnaire.
Pros: I initially used CyberGRX earlier in 2019 as part of a security assessment request from one of our clients and now my organization uses CyberGRX to do some of our own assessments. Cyber GRX was easy to use and understand. I liked that the multiple-choice format was easier to complete than an opened ended comment form. The questions are consistent and I would definitely say that it is thorough and covers all aspects of a security function.
Cons: The CyberGRX questionnaire was VERY long. While an organization with a mature security program will often have many individuals with specific roles and responsibilities I think the questionnaire could combine some of the questions which seem to get redundant. The questionnaire asks about education and experience for the personnel responsible for each aspect of security and therefore there are many similar questions.
Vendor Response
"Long winded and too detailed for smaller companys"
Pros: Very detailed reporting, easy to log on and create users
Cons: Takes too long to go through all the questions. If you are a small company a lot of what is asked is not appropriate. If you say yes to a section then when you get into it you should have said no, there is no way to go back and change the answer. Very long winded with not enough explanation on the sections being completed.
Vendor Response
"CyberGRX Review"
Overall: Overall CyberGRX was extremely professional and very attentive to detail, deadlines, etc. They communicated very effectively and respectfully and were genuinely interested in helping our teams succeed. They were a little hobbled in my opinion by the quality of the tools they were forced to use, but as staff and company, were exceptional.
Pros: It was very professional. The high level overview of the categories and graphs provided a good outline of the overall objectives. They were repeated a lot, but did add some value.
Cons: The structure of the questions and explanations were non-intuitive and didn't provide enough detail to correctly understand what was being asked in order to provide a satisfactory response. There was no overview of the process that warned about being prevented from retracing previous answers to adjust once further questions helped illuminate the previous ones that were confusing. It was a one-way process and if it was possible to redo anything, there was no apparent way to do this. These elements of the software were extremely frustrating.
Vendor Response
"CyberGRX review"
Overall: I wouldn't recommend this product as an audit solution due to the recent experience with your Assessment Coordinator
Pros: Last year's answers are self populating, you only have to change or confirm no change to the selected status.
Cons: Overly aggressive Assessment Coordinator. You should never contact a mutual client and relay derogatory comments about response time.
Vendor Response