FortifyData Transforms Third-Party Risk Management with AI Automation

FortifyData, a leading cyber risk management platform, announced significant AI enhancements to its Third-Party Risk Management (TPRM) application, including its AI Auditor that analyzes reports —soft-launched in late Q3 2025—and a preview of AI workflow automation features designed to streamline the vendor lifecycle process.

As organizations increasingly rely on third-party vendors, the attack surface expands dramatically. According to the 2025 Verizon DBIR, “30% of breaches were linked to third-party involvement, twice as much as last year, and driven in part by vulnerability exploitation of all breaches” (up from 15% the prior year). FortifyData’s TPRM application already addresses this growing threat head-on with continuous monitoring powered by direct assessments supplemented with questionnaires, and with new advancements of the AI Auditor and vendor AI workflow automation FortifyData provides comprehensive visibility into vendor cyber risk that takes less time without compromising risk accuracy.

Cyber Technology Insights : Trend Micro Unveils Comprehensive Enterprise AI Risk Management

TPRM AI Auditor

The new AI Auditor enables TPRM teams to upload common vendor security reports—such as SOC 2, HECVAT, SIG, or other industry-specific documents—and receive an intelligent audit against selected frameworks (e.g., NIST, ISO 27001, CIS Controls). The AI generates an intuitive dashboard highlighting gaps, control deficiencies, and compliance status, complete with page-specific citations from the original report. This eliminates hours of manual review, allowing teams to evaluate more vendors faster while making more informed risk decisions.

“Manual review of vendor reports has long been a bottleneck for TPRM programs,” said Victor Gamra, CEO at FortifyData. “Our AI Auditor delivers immediate value by automating analysis with precision and transparency, helping clients scale their vendor oversight without sacrificing accuracy. Even I was surprised at some of the gaps it highlighted when evaluating our own SOC 2 report.”

Cyber Technology Insights : Black Kite and Carahsoft Partner to Deliver Third-Party Risk Management

TPRM AI Workflow

Looking ahead, FortifyData will also release AI workflow capabilities that will autonomously communicate with vendors— guiding them through platform onboarding steps, requesting missing or additional documentation/evidence, highlighting non-compliance and sending status reminders. These features will further reduce administrative burden and accelerate vendor lifecycle management.

FortifyData’s TPRM application combines these AI innovations with its core strengths: ongoing risk monitoring through external attack surface assessments, vulnerability intelligence, and questionnaire-based insights—delivering a complete, proactive approach to third-party cyber risk.

Cyber Technology Insights : Meditology Services Acquires CORL Technologies to Boost Third-Party Risk Management

Source: PR Newswire

To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com