CyberVadis Automated Risk Insights is a SaaS-based third-party cyber risk assessment tool that provides automated, zero-touch vendor risk insights without requiring direct interaction with vendors. The platform centralizes vendor and supply-chain cyber risk data in a single interface, enabling organizations to manage vendor portfolios with associated cyber-related information including tiering, relationships, regulatory mapping (NIS2/DORA), and contractual details. Key capabilities include: - Automatic detection of publicly available vendor certifications (ISO 27001, TISAX, SOC 2 Type 2) without needing to request them from vendors directly. - External Attack Surface Management (EASM) that performs passive, read-only scans of a vendor's external-facing assets across four domains: Application, Network, DNS, and Patching. - Transparent, easy-to-read reports designed for both technical and non-technical users, covering high-level external risk exposure. The tool is designed as an initial screening step in a two-stage vendor risk assessment workflow, determining whether a vendor requires a deeper, evidence-based assessment. It integrates with other supply chain and third-party risk management tools via APIs, and connects with business processes such as procurement workflows. The EASM component follows a strictly passive approach, only performing external requests and not interacting with vendor internal systems.