Cybersecurity risk assessment and management platform.
UpGuard delivers an AI-powered platform for Cyber Risk Posture Management (CRPM), offering unified, actionable insights into cybersecurity risk. It integrates vendor, attack surface, and human risk management modules, leveraging continuous monitoring and automation to identify and remediate cyber threats across client supply chains and operations. The platform provides a centralized view for comprehensive risk management.
Mike Baukes and Kaushik Sen founded UpGuard in 2012, recognizing businesses' need for visibility and control over cyber risk. Their initial focus on configuration management broadened into a comprehensive solution for external and internal vulnerabilities. This understanding drives its development of integrated cybersecurity tools that simplify complex challenges for users.
The platform serves a diverse global customer base across financial services, technology, and healthcare. UpGuard’s mission is to protect the world's data by empowering security teams to manage cyber risk with confidence. It strives to deliver an integrated solution, enabling organizations to measure and improve security across all exposure points.
This company has completed 7 funding rounds. Current round is highlighted.
Total Raised
$196.1M
Top Valuation
-
UpGuard raised $75M in a Late Stage Venture round.
The round was led by Springcoast Capital Partners.
UpGuard is a cybersecurity company that builds an AI-powered platform for cyber risk posture management, unifying third-party risk (TPRM), attack surface monitoring, data leak detection, and human workforce risk across vendor supply chains, digital footprints, and trust relationships.[1][2][5] It serves global organizations in sectors like financial services, technology, healthcare, and telecommunications, solving critical problems such as preventing data breaches, continuously monitoring vendor security postures, automating risk assessments, and enabling compliance with regulatory standards through real-time alerts, security ratings, and remediation workflows.[1][3][4][5][6] The platform's growth momentum is evident in its expansion from vendor risk tools to holistic solutions like User Risk (launched recently for workforce visibility) and adoption by enterprises for mission-critical supply chain insights, with 82 U.S.-based employees and offices in Mountain View, CA; Hobart; and Sydney.[1][5][7][8]
UpGuard was founded in 2012 in Australia as ScriptRock, initially focused on IT management and configuration profiling, before evolving into a full cyber risk management leader under the UpGuard name.[1][4][7] Headquartered in Hobart with U.S. expansion to Mountain View, California, the company pivoted to address growing third-party and supply chain risks, building on early traction in vulnerability management and security ratings.[1][4] Key pivotal moments include developing proprietary data leak detection across the surface, deep, and dark web, and recent innovations like the Virtual Risk Operations Center (vROC) and User Risk module, which provide 360-degree cyber risk views amid rising global breach concerns.[1][2][5][7]
UpGuard rides the surging demand for third-party risk management amid escalating supply chain attacks, data breaches, and regulatory pressures like GDPR and cyber insurance mandates, where traditional manual processes fail against sophisticated threats.[1][2][5][6] Its timing aligns with AI adoption in cybersecurity and the shift to cloud-first operations, providing external visibility into vendors' postures that internal tools overlook, influencing the ecosystem by enabling safer vendor ecosystems for tech giants and telcos like Superloop.[1][4][6] By automating 360-degree assessments and human risk monitoring, UpGuard helps organizations strengthen resilience in a landscape where fourth-party risks and dark web leaks amplify exposures across finance, healthcare, and beyond.[1][5][7]
UpGuard is poised to dominate cyber risk posture management as AI enhancements and integrations (e.g., APIs for risk stacks) drive faster detection and orchestration in an era of pervasive supply chain vulnerabilities and workforce AI risks.[5][7] Trends like real-time compliance automation and dark web proliferation will fuel expansion, potentially through deeper enterprise penetration and acquisitions mirroring its ScriptRock evolution. Its influence may evolve from vendor monitoring specialist to indispensable platform for holistic cyber resilience, empowering organizations to outpace attackers while building trust at scale—cementing its role as the unified shield for digital assets in a breach-prone world.[1][2][5]