.jpg)
Vanta, a leading AI-powered trust management platform, announced the acquisition of Riskey on July 17, 2025, integrating its real-time third- and fourth-party risk monitoring technology into Vanta’s Vendor Risk Management (VRM) solution. This move transforms traditional vendor risk management by replacing static, point-in-time assessments with continuous, AI-driven risk intelligence, addressing the escalating challenges of third-party cybersecurity risks.
Vanta acquires Riskey to enhance VRM with continuous AI monitoring.
Replaces annual questionnaires with real-time risk alerts and insights.
Monitors vulnerabilities, breaches, misconfigurations, and subprocessors.
Saves IT teams 6+ hours weekly, with 526% ROI per IDC.
Supports 8,000+ global clients, including Atlassian and ZoomInfo.
Aligns with ISO 42001 and NIST AI RMF for responsible AI use.
With 45% of organizations facing increased business interruptions due to third-party cybersecurity incidents and vendor portfolios growing 9% annually, traditional risk assessments are inadequate. “The traditional model of vendor risk reviews—annual questionnaires and lagging scores—no longer meets the pace or scale of today’s threat landscape,” said Jeremy Epling, Vanta’s Chief Product Officer. Riskey’s technology enables Vanta to provide real-time monitoring, reducing the 6+ hours IT teams spend weekly on vendor reviews.
Co-founded by Koren Molcho, Yoav Dagan, and Eldar David, Riskey’s platform monitors vulnerabilities, breaches, misconfigurations, leaked credentials, and subprocessors. Its dynamic AI scoring model prioritizes actionable risks, cutting through data overload. “The pain in the current vendor risk market is deep and profound,” said Molcho, CEO of Riskey. “Combining Riskey’s monitoring technology into Vanta’s VRM offering is an absolute game changer.”
The integration empowers Vanta VRM customers to:
Conduct comprehensive first-, third-, and fourth-party risk assessments.
Automate evidence collection and risk scoring for streamlined workflows.
Receive real-time alerts with context, severity, and mitigation guidance.
Reduce noise by surfacing critical threats with AI-driven insights.
Vanta’s platform, serving over 8,000 clients like Atlassian and ZoomInfo, delivers a 526% ROI and saves $500K annually by automating audits and reducing third-party risks, according to IDC. “Vanta’s vendor risk monitoring is a great platform for both our CISO and CIO,” said Itay Yefet, CIO of Liberty Latin America. The acquisition aligns with Vanta’s ISO 42001 certification, reinforcing responsible AI use in compliance with frameworks like NIST AI RMF and the EU AI Act.
Vanta’s acquisition builds on its $150M Series C funding in July 2024, valuing the company at $2.45B. Its AI Agent, launched in June 2025, automates GRC workflows, saving teams 12+ hours weekly. With over 350 integrations, including AWS and Jira, Vanta supports 30+ frameworks, positioning it as a leader in the GRC market, recognized by Forbes Cloud 100 and IDC MarketScape.
Vanta’s acquisition of Riskey sets a new standard for vendor risk management, empowering organizations to proactively manage third- and fourth-party risks with AI-driven, real-time intelligence, ensuring security and compliance in a rapidly evolving threat landscape.
Vanta is the leading AI-powered trust management platform that helps simplify and centralize security for organizations of all sizes. Over 11,000 companies including Atlassian, Duolingo, Icelandair, Ramp and Synthesia rely on Vanta to build, maintain and demonstrate their trust—all in a way that's real-time and transparent. Founded in 2018, Vanta has customers in 58 countries with offices in Dublin, London, New York, San Francisco and Sydney.
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.