FortifyData Revolutionizes Third-Party Risk Management with AI Auditor and AI Workflow Automation

New capabilities accelerate vendor due diligence, reduce manual review time of SOC 2 and other reports, and strengthen continuous monitoring amid rising supply chain threats

ATLANTA, Jan. 6, 2026 /PRNewswire/ -- FortifyData, a leading cyber risk management platform, today announced significant AI enhancements to its Third-Party Risk Management (TPRM) application, including its AI Auditor that analyzes reports —soft-launched in late Q3 2025—and a preview of AI workflow automation features designed to streamline the vendor lifecycle process.

As organizations increasingly rely on third-party vendors, the attack surface expands dramatically. According to the 2025 Verizon DBIR, "30% of breaches were linked to third-party involvement, twice as much as last year, and driven in part by vulnerability exploitation of all breaches" (up from 15% the prior year). FortifyData's TPRM application already addresses this growing threat head-on with continuous monitoring powered by direct assessments supplemented with questionnaires, and with new advancements of the AI Auditor and vendor AI workflow automation FortifyData provides comprehensive visibility into vendor cyber risk that takes less time without compromising risk accuracy.

TPRM AI Auditor
The new AI Auditor enables TPRM teams to upload common vendor security reports—such as SOC 2, HECVAT, SIG, or other industry-specific documents—and receive an intelligent audit against selected frameworks (e.g., NIST, ISO 27001, CIS Controls). The AI generates an intuitive dashboard highlighting gaps, control deficiencies, and compliance status, complete with page-specific citations from the original report. This eliminates hours of manual review, allowing teams to evaluate more vendors faster while making more informed risk decisions.
https://fortifydata.com/video/ai-powered-soc-2-hecvat-third-party-report-audit-analysis/ 

"Manual review of vendor reports has long been a bottleneck for TPRM programs," said Victor Gamra, CEO at FortifyData. "Our AI Auditor delivers immediate value by automating analysis with precision and transparency, helping clients scale their vendor oversight without sacrificing accuracy. Even I was surprised at some of the gaps it highlighted when evaluating our own SOC 2 report."

TPRM AI Workflow
Looking ahead, FortifyData will also release AI workflow capabilities that will autonomously communicate with vendors— guiding them through platform onboarding steps, requesting missing or additional documentation/evidence, highlighting non-compliance and sending status reminders. These features will further reduce administrative burden and accelerate vendor lifecycle management.

FortifyData's TPRM application combines these AI innovations with its core strengths: ongoing risk monitoring through external attack surface assessments, vulnerability intelligence, and questionnaire-based insights—delivering a complete, proactive approach to third-party cyber risk.

Join an upcoming live session: Improve Your TPRM Program in 45 Days, on January 13, 2026 – 1:00pm ET, where examples of how AI helps TPRM will be presented.

About FortifyData
FortifyData empowers organizations to proactively manage and mitigate cybersecurity risks through its intelligent and automated Cyber GRC platform. Delivering actionable insights and streamlined workflows for risk assessment, vendor risk management, compliance automation, and continuous monitoring, FortifyData provides a unified view of security posture and risk management. Recognized with multiple industry awards for its innovative approach, FortifyData enables businesses to make informed decisions, strengthen their defenses, and build resilience against evolving cyber threats. Learn more at the FortifyData website.

Media Contact:
Marshall England
[email protected]
202-505-2974

SOURCE FortifyData