Technology Adapters in BeyondRisk are software interfaces that allow the platform to connect and interact with various other systems and services via API integrations. They provide a means of automating mappings against framework controls and enable continuous controls monitoring.

An Adapter Configuration refers to the setup process that allows BeyondRisk's Technology Adapters to interface with a particular system or service. Each configuration is a unique set of connection details and settings that enable communication and data exchange between BeyondRisk and the specific system. For each adapter, you can have multiple configurations. This can be necessary if you have more than one instance of the same system in your environment, or if you need to connect to different services or APIs within the same system.

Active Directory is a commonly used service in many organizations for managing users and resources. Providing a free Active Directory Configuration enables BeyondRisk to provide value to many users right out of the box. It allows you to automate mappings against Active Directory framework controls and enable continuous control monitoring without incurring additional cost.

In the Free tier, BeyondRisk offers '1 x Adapter Configuration of choice.' This means, apart from the included Active Directory Configuration, you are permitted to choose and configure one additional API adapter that best aligns with your organization's needs, be it cloud-based or on-premise. This feature allows you to experience the value of BeyondRisk tailored to your specific requirements, all at no extra cost.

While you are free to update and edit the configuration of your chosen adapter as many times as you want, once you have selected a specific adapter as your 'Adapter of choice' for the free configuration, you cannot change to a different adapter. The selection of the adapter is fixed, though the details of its configuration remain flexible.

When subscribing to the Technology Adapters, you have two billing options. You can choose to be billed annually, which means you'll pay for a full year of service upfront at a discounted rate. Alternatively, you can opt for on-demand monthly billing, where you pay for the service month by month at a slightly higher rate. This provides flexibility for your budgeting and cash flow management.

If you no longer need a specific adapter configuration, you can deactivate it at any time. If you're on the monthly on-demand billing plan, changes will take effect in the next billing cycle. If you've chosen annual billing, the change will take effect at the end of the annual period.

There is no intrinsic limit to the number of adapter configurations you can have in the API Integration Adapters tier. The tier is designed to scale with your organization's needs.

BeyondRisk is committed to ensuring the security of your data. All connections made via the API Integration Adapters use secure protocols, and any data transmitted is encrypted. Moreover, BeyondRisk follows industry best practices for data security and privacy.

Automating mappings against framework controls is an immense time-saver for your organization. It effectively replaces manual, point-in-time assessments, eliminating the chance for human error and freeing your resources to focus on more strategic work. Beyond that, this automation ensures your control mappings are continuously updated, providing a real-time, accurate representation of your organization's compliance posture against various frameworks. The continuous aspect is crucial as it transforms the traditionally static compliance assessments into a dynamic and ongoing process, enhancing your ability to react to changes and maintain compliance.

BeyondRisk's Technology Adapters facilitate continuous control monitoring by consistently assessing the configuration and status of your diverse systems and services against your specified framework controls. The sophisticated risk scoring engine underpins this feature. This engine combines both industry-standard risk frameworks and our unique internal scoring methodologies, providing a holistic and precise evaluation.

BeyondRisk's Technology Adapters operate through three core layers. First, they collate and relate data from various systems and services, offering a complete view of your asset landscape for enhanced risk and compliance insights. Next, our advanced risk scoring engine analyzes this data using both industry-standard risk frameworks and our unique methodologies, ensuring precise risk evaluations. Finally, we automate the mapping of this correlated data and risk findings to your compliance frameworks. This process not only significantly conserves time and resources but also enables continuous control monitoring and updates.

Yes, you can have multiple adapter configurations for the same system or service. Each configuration is billed separately as they each represent a unique setup and data exchange. This provides the flexibility to tailor your integrations according to specific needs, such as different departments or regions within your organization.

Setting up an Adapter Configuration involves specifying the connection details for the system or service you wish to integrate with BeyondRisk. This typically involves entering details like the system's API endpoint, authentication details, and any necessary parameters. Our platform provides guided prompts to make the process straightforward.

Yes, you can modify your adapter configuration after it's set up to reflect changes in your systems or services, or to adjust the data you're monitoring. This includes changing the polling intervals to control how frequently the adapter checks and updates information from the connected system or service.

Yes, as long as your custom systems or services support API connections, you can use BeyondRisk's Technology Adapters to interface with them. This allows you to extend BeyondRisk's continuous control monitoring capabilities to virtually any part of your IT environment.

Yes, absolutely. If there is an adapter you need that we currently do not support, we welcome your request. We are committed to meeting our customers' needs and will add your request to our development queue. The upcoming adapter will be displayed in the list of adapters on our platform, along with an estimated release date. And the best part? We will build it for free as part of our commitment to deliver value to our customers.

BeyondRisk's development team continuously tracks and updates our technology adapters to account for changes in their associated APIs. We strive to ensure seamless integration, even when underlying systems or services evolve. In the event of an API change, we aim to update our adapters promptly to minimize any disruption to your continuous controls monitoring.

The type of data collected by the Technology Adapters depends on the specific system or service they are configured to connect with. In general, they can collect configuration data, system status, security settings, and other relevant data. This data is then used to perform risk assessments, automate mappings against framework controls, and enable continuous controls monitoring.

The free tier provides you with one Active Directory Configuration and one Adapter Configuration of your choice. If you wish to monitor more systems or services, you can opt for additional Adapter Configurations available in the API Integration Adapters tier. Each additional Adapter Configuration in this tier is charged at a rate of $70 per configuration per month when billed annually, or $84 per configuration per month if you choose the on-demand monthly option.

Compliance Frameworks in BeyondRisk refer to a set of industry-leading guidelines that help streamline your organization's maturity planning and strengthen its compliance efforts. These frameworks encompass both regulatory and best practice standards, offering a comprehensive approach to governance, risk, and compliance (GRC). BeyondRisk supports multiple frameworks, giving you the flexibility to select the ones that best suit your organization's needs, whether they're industry-specific regulations or universally acknowledged best practices.

The 'Spreadsheet Replacer' tier is the entry-level, free tier of our Compliance Frameworks. Designed to replace manual spreadsheet tracking, it allows you to transition your compliance efforts into the BeyondRisk platform seamlessly. This tier provides a host of features including 5GB free storage for an evidence dataroom, the ability to create unlimited custom manual controls, automatic cross-mapping of these controls across various frameworks, and access to mappings for free adapters. What's more, you can enjoy the benefits of team collaboration within the platform! The goal with this tier is to completely eliminate the need for spreadsheets in your compliance processes.

'Frameworks cross mapping' is a feature that automatically maps your compliance controls across different frameworks. If a control fulfills a requirement in one framework, BeyondRisk will identify where that control can fulfill requirements in other frameworks. This saves you the effort of manual mapping, enhancing efficiency and consistency in your compliance efforts.

'Custom Controls' refers to manual controls that you, as a user, create and define within BeyondRisk according to your specific needs. These can be used to address unique compliance requirements or processes specific to your organization that aren't covered by the pre-mapped System Controls provided by BeyondRisk.

Absolutely! That's precisely the goal of our 'Spreadsheet Replacer' tier. You can certainly shift all your manual work from spreadsheets to BeyondRisk's free tier. This includes features like 5GB of storage for your evidence dataroom, unlimited creation of custom manual controls, and team collaboration capabilities. All these features enable you to centralize and streamline your compliance work within the BeyondRisk platform without the need for auto-mapped system controls.

The 'Automation Pioneer' tier includes all the features of the 'Spreadsheet Replacer' tier, with the addition of Auto-mapped system controls.' These are pre-mapped controls provided by BeyondRisk that map directly to your systems and services for an automated compliance process.

'Auto-mapped system controls' refers to pre-defined controls provided by BeyondRisk that are automatically mapped to specific systems, services, products, and tools via API integrations. We also include mappings for various policies and processes. These auto-mapped controls streamline the compliance process, providing a consistent and accurate basis for compliance monitoring and reporting. By reducing the need for manual mapping, they help eliminate human error and save significant time.

The 'Automation Warrior' tier is the most advanced automation tier for Compliance Frameworks. It includes all the features of the 'Automation Pioneer' tier, plus Policy Templates and Evidence Auto-Generation. These features provide additional resources to support your compliance efforts, from ready-made policy templates to automated generation of compliance evidence.

'Policies Templates' are pre-formatted templates for various industry-standard policies that you can use as a starting point for creating your organization's policies. These templates cover a wide range of areas such as cybersecurity, privacy, operations, and more. They are designed to save you time and ensure that your policies align with best practices and regulatory requirements.

'Evidence Auto-Generation' is a feature that leverages our API adapters to automatically generate and organize evidence of compliance. This is based on your control mappings and system configurations. By automatically compiling proof of your organization's adherence to various compliance requirements, this feature simplifies the audit process and readily provides the necessary documentation to demonstrate your compliance status, saving you considerable time and effort.

For the Spreadsheet Replacer and Automation Pioneer tiers, BeyondRisk provides 5GB of storage space for evidence in the data room. However, for the Automation Warrior tier, we offer unlimited storage space, accommodating organizations with more extensive evidence storage needs. This allows you to securely store and manage all your compliance evidence within BeyondRisk, irrespective of the volume.

Yes, you can switch between tiers to match your changing compliance needs. Upgrading your tier will provide you with immediate access to the additional features. Downgrading your tier will take effect at the end of your current billing cycle.

When subscribing to the Compliance Frameworks, you have two billing options. You can choose to be billed annually, which means you'll pay for a full year of service upfront at a discounted rate. Alternatively, you can opt for on-demand monthly billing, where you pay for the service month by month at a slightly higher rate. This provides flexibility for your budgeting and cash flow management.

Absolutely, working on multiple Compliance Frameworks simultaneously is not only possible but is a key feature of BeyondRisk. Our platform is designed to simplify and streamline your compliance efforts by allowing you to fulfill a requirement in one framework and automatically mapping it to corresponding requirements in other frameworks. This 'fulfill once, fulfill all' approach significantly reduces redundancy and ensures your organization can readily adhere to various industry and regulatory standards, all while saving considerable time and effort.

At BeyondRisk, our commitment is to stay abreast of the latest versions of all supported Compliance Frameworks. When a new version of a framework is released, our team updates the relevant mappings and controls in BeyondRisk to reflect these changes. The beauty of this is that it happens seamlessly, without any manual intervention required from your end. This guarantees that your compliance processes are always aligned with the most current standards. Furthermore, any cross-mappings affected by the update are automatically adjusted, ensuring the integrity and accuracy of your compliance efforts.

Breach Intelligence is a feature that keeps you informed about potential security breaches. It provides information on compromised email addresses or domains, along with the source of exposure, allowing you to proactively respond and secure your organization's information.

External Surface Scan continuously discovers and monitors your organization's public online assets, open ports, domains, networks, and cloud resources. It scans your organization’s domains and IP addresses found on the internet for security exposures, vulnerabilities, and misconfigured access points.

Monthly and Weekly updates refer to the frequency at which BeyondRisk conducts its security scans and updates your risk information. For Free users, these scans are run and information is updated once a month. For Enhanced users, these security scans are conducted and information is updated every week. This offers a more dynamic and current view of your security posture, allowing for prompt identification and response to potential threats or vulnerabilities.

"Breach Intel" goes a step further than standard security measures by actively monitoring the internet for any compromised data related to your organization. This could be leaked email addresses, breached passwords, or other exposed sensitive data. This proactive measure provides you with the opportunity to respond swiftly to potential threats and breaches.

While BeyondRisk provides detailed insights into your digital security profile and highlights any potential vulnerabilities, it does not directly fix these issues. Our reports provide you with all the necessary information to understand the vulnerability and guidance on steps you could take to rectify the issues, enabling your technical team to take action promptly.

Currently, BeyondRisk offers weekly updates on the Enhanced tier. We have designed this frequency to provide a balance between timely insights and efficiency. However, we're always open to feedback and may consider more customization options in the future based on user needs.

Managing non-relevant or non-critical domains or IPs is important for maintaining an accurate view of your risk profile. By excluding these from your security score, you ensure that your score truly reflects the security posture of your critical digital assets, allowing you to focus on the areas that matter most to your organization's security.

BeyondRisk's External Surface Scan is designed to detect a wide range of vulnerabilities in your organization's publicly exposed digital assets. This includes, but is not limited to vulnerabilities such as open ports, exposed databases, and misconfigured settings.

Regardless of the geographical spread of your organization, BeyondRisk can analyze all your publicly exposed digital assets. Our External Surface Scan and Breach Intel features work on a global scale, allowing you to monitor the digital security posture of your entire organization, no matter where your assets are located.

Yes, BeyondRisk stores your historical risk score data and scan results, allowing you to track your progress over time. This historical data can help you identify trends, track the effectiveness of your security measures, and predict potential future risks.

The Enhanced Tier is designed for organizations that require more frequent updates and insights into their digital security profile. This could include businesses with a larger digital footprint, organizations operating in industries with heightened security requirements, or companies that simply wish to take a proactive approach to their digital security.

When subscribing to the Enhanced tier, you have two billing options. You can choose to be billed annually, which means you'll pay for a full year of service upfront at a discounted rate. Alternatively, you can opt for on-demand monthly billing, where you pay for the service month by month at a slightly higher rate. This provides flexibility for your budgeting and cash flow management.

For the monthly on-demand billing, you can cancel your subscription at any time. For annual billing, the contract period is one year, and cancellation will be applicable at the end of your annual term. For more details, we recommend reviewing our terms of service or contacting our support team.

BeyondRisk adheres to stringent data privacy protocols, with encryption used for data both in transit and at rest. The data we analyze for External Surface and Breach Intel is sourced from public-facing digital assets; we do not intrude into or analyze your internal systems. All information is used solely for the purpose of providing you with security insights and is not shared with any third parties. Our commitment to your privacy and security underpins everything we do at BeyondRisk.

The Enhanced tier offers several benefits over the Free tier. These include weekly updates on your security status for better risk management, and the upcoming feature of monitoring and managing your organization's domains and IP addresses from a central dashboard.

Once released, the Domains and IPs Management feature will allow you to map application and group names to domains and IP addresses, making management easier. It's designed to provide a streamlined, centralized system for monitoring and managing your digital assets, enhancing your organization's overall digital security profile. You will also be able to manage non-relevant or non-critical domains or IPs so these entities won't negatively impact your security score, allowing for a more accurate reflection of your true risk level.

Yes, you can switch from monthly to annual billing at any time. If you choose to switch to annual billing, the remaining balance of your monthly subscription will be prorated towards the annual cost.

When the Domains and IPs Management feature is released, it will be automatically included in the Enhanced tier at no additional cost. This new feature is part of our ongoing commitment to providing the best possible value and service to our users.

The Historical Data Analyzer in BeyondRisk is a tool designed to monitor and track your security maturity and compliance progress over time. By capturing and analyzing historical data, this module provides insights into your organization's compliance journey, highlighting trends, gaps, and areas for improvement.

Accessing historical data allows you to identify patterns, trends, and improvements or setbacks in your security maturity and compliance over time. This valuable information can guide decision-making, inform strategic planning, and help you demonstrate your progress to stakeholders.

Both Enhanced and Premium tiers offer extended access to historical data and corresponding trend charts. The Enhanced tier provides access to 12 months of historical data and trend charts, while the Premium tier extends this to 36 months. The Premium tier is ideal for organizations wanting to analyze longer-term trends and patterns in their security maturity and compliance progress.

Yes, you can upgrade your Historical Data Analyzer tier at any time to gain access to additional historical data and trend charts. The cost will depend on the tier you choose.

If you downgrade your Historical Data Analyzer tier, you will lose access to some of your historical data and trend charts based on the limits of your new tier. However, BeyondRisk will continue to store your data, and it will become accessible again if you decide to upgrade in the future.

BeyondRisk implements robust security measures to protect your data. These include data encryption, strict access controls, and regular security audits. We are committed to ensuring that your data remains confidential, integral, and available only to authorized users.

Yes, BeyondRisk allows you to export your historical data and trend charts. This feature can be particularly useful for reporting and presentations, or if you need to share the data with external stakeholders.

The 'Free' tier allows users to create and manage up to 15 tasks, making it a perfect option for those looking to start with task orchestration and tracking for vulnerabilities, misconfigurations, and compliance deviations.

The 'Enhanced' tier provides the capacity to create up to 50 tasks. It's designed for organizations or teams with a broader scope of security and compliance tasks that need more extensive task management capabilities.

The 'Premium' tier offers the most comprehensive set of features. Users get the ability to create an unlimited number of tasks. Additionally, this tier provides integration with ticketing systems, automated task reminders, email notifications, and upcoming features like chat collaboration and a Kanban Board view.

Yes, integration with external ticketing systems is a feature exclusively available for our 'Premium' users. This ensures seamless tracking and coordination between different platforms.

We are continuously working to enhance our offerings. Soon, 'Premium' users will have access to a chat collaboration feature, perfect for real-time task discussions, as well as a Kanban Board view for a more visual representation of task progression.

Automated task reminders, available in the 'Premium' tier, are notifications sent to users about upcoming or overdue tasks. This helps ensure timely completion and enhances the overall task management process.

Email notifications are alerts sent to users' registered email addresses about various task-related activities, such as task assignment, updates, completions, or reminders. These notifications help teams stay updated on task statuses and progress.

Absolutely! You can adjust your subscription level based on your organization's needs at any point. If you choose to upgrade, you'll instantly get access to the additional features and capacities of your chosen tier.

Data security is our top priority. All information inputted into Task Manager is stored securely, with stringent encryption practices for data both at rest and in transit.

Yes, Task Manager is designed to facilitate team collaboration. Invite team members to view, edit, or comment on a particular task, promoting real-time collaboration and ensuring effective task completion.

Yes, if you're subscribed to the 'Premium' tier, all new features, including those labeled "coming soon," will be made available to you immediately upon release.

Task Manager provides intuitive dashboards and detailed logs for each task. Users can easily monitor the status, track changes, and view the progression timeline of tasks.

Once you reach your task limit, you'll receive a notification. To add more tasks, you'll need to either delete existing tasks or consider upgrading to a higher tier for a larger task limit.

Yes, tasks can be tagged with different priority levels, enabling users to tackle urgent issues first and manage their workload efficiently.

Absolutely. You can set deadlines for tasks, ensuring timely completion and effective time management across your teams.

Yes, data can be easily exported in multiple formats, facilitating integration with your reporting tools and ensuring you have all the necessary data at your fingertips.

For our free users, we offer a variety of self-service resources. This includes access to our online forum, where you can connect with other users and share knowledge, as well as a range of online resources such as guides, tutorials, and FAQ sections on our website.

The 'Basic' Support Plan provides you the ability to submit a ticket for any issues you may have, with a response SLA of 12 business hours based on the Eastern Time zone (9am-5pm). This plan also offers access to online chat support during these business hours.

With our 'Premium' Support Plan, we commit to a response SLA (Service Level Agreement) of 4 business hours. You can submit a ticket or use online chat for immediate assistance. The chat support is available 24/7 to ensure you receive timely help when you need it.

'Business hours' refers to the hours during which our support services are actively available. For the 'Basic' Support Plan, business hours are 9-5pm Eastern Time. For the 'Premium' Support Plan, we provide support 24x7, so you can reach us at any time.

Yes, you can upgrade your support plan at any time. The changes will take effect from the next billing cycle. If you need immediate assistance or have high-priority issues, we recommend upgrading to our 'Premium' Support Plan for faster response times and 24/7 availability.

You can submit a support ticket directly from your BeyondRisk platform. Simply click on 'Submit a ticket'. You'll need to provide some information about the issue you're experiencing so that our support team can assist you effectively. If you're on the 'Basic' or 'Premium' support plans, you can also use our online chat for immediate assistance.

As of now, BeyondRisk primarily provides support through online channels - ticket submission, online chat, and resources available on our forum. We believe this allows us to provide timely and efficient assistance to our customers. We continuously evaluate our support offerings based on customer feedback and needs.

Our SLA defines the timeframe in which our support team is committed to initiating a response to your issue, not the time to full resolution. Complex issues might necessitate a longer resolution time. However, we ensure that our support team is in constant communication with you, providing updates and working diligently towards a swift and effective resolution.

Currently, BeyondRisk's customer service provides support in English. We are constantly expanding our support offerings and might include more languages in the future.

Our online chat support allows you to connect with our support team in real-time. Simply click on the Chat with us icon to start a conversation. You can ask questions, report issues, or seek guidance on using our platform. The chat feature is available during business hours for the Basic Support Plan, and 24x7 for the Premium Support Plan.

The 'BeyondRisk Dedicated Tenant' tier provides your organization with a single-tenant dedicated instance in our cloud environment. It offers the same features as our multi-tenant environment but with the added benefits of isolation and individual customization. This allows for enhanced privacy and control over your data while enjoying the full benefits of BeyondRisk's features.

The 'BeyondRisk Customer-Hosted Cloud' tier enables BeyondRisk to be deployed in your private cloud environment. While your data stays in your control within your cloud, you still benefit from the regular updates and improvements provided by our team. This provides a higher level of data security, more control over data locality, and facilitates compliance with stringent data governance and regulatory requirements.

Private SaaS deployment provides several benefits including greater control over your data, increased data privacy and security, improved compliance with data governance and regulations, and the ability to customize the environment to suit your specific needs. It's particularly beneficial for organizations with strict compliance and data security requirements.

Yes, BeyondRisk supports data migration between a private SaaS deployment and a multi-tenant environment. However, this is a complex process that requires careful planning and coordination. Please reach out to our support team to discuss the specifics and potential costs of such a migration.

Both deployment options, whether it be a private SaaS deployment or a multi-tenant environment, provide access to the same BeyondRisk features. The difference lies mainly in the level of data control, privacy, and customization available.

Even though the 'BeyondRisk Customer-Hosted Cloud' tier is deployed in your private cloud, BeyondRisk is responsible for system updates. Our team will ensure your system remains updated with the latest features and security updates while your data remains within your control.