Vanta Third Party Risk Management is a platform designed to automate and streamline vendor security assessments and ongoing third-party risk monitoring. The product enables organizations to evaluate vendor security posture through automated evidence collection, questionnaires, and analysis of security documentation including SOC 2 reports and Data Processing Agreements. The platform incorporates AI capabilities to extract relevant information from vendor documentation and accelerate the assessment process. It features automated vendor discovery to identify shadow IT, continuous monitoring of vendor attack surfaces and subprocessors, and real-time alerts for security issues with contextual severity information. Organizations can customize risk scoring using inherent and residual risk rubrics or leverage out-of-the-box templates. The system includes automated evidence requests to vendors with follow-up management, and can pull documentation directly from external Trust Centers. Assessment workflows integrate findings into a unified risk program view. The product offers pre-built questionnaire templates and supports custom questionnaire creation. It provides procurement system integration capabilities to align vendor risk management with procurement workflows. Vanta acquired Riskey to enhance continuous vendor risk monitoring capabilities within the platform.