Posted On: Jul 26, 2022
AWS Marketplace Vendor Insights helps streamline the complex third-party software risk assessment process by enabling sellers to make security and compliance information available through AWS Marketplace. A unified web-based dashboard gives governance, risk, and compliance (GRC) teams access to security and compliance information, such as data privacy and residency, application security, and access control. The dashboard also provides evidence backed by AWS Config and AWS Audit Manager assessments, external audit reports (such as ISO 27001 and SOC2 Type 2), and software vendor self-assessments. Vendor Insights serves buyers who need help to efficiently validate that third-party software meets their business compliance needs. Vendor Insights also serves sellers who want to showcase their strong security posture, while reducing the operational burden from responding to buyer requests for risk assessment information.
Using Vendor Insights can help buyers reduce assessment lead time to a few hours by allowing buyers to access the vendor’s validated security profile, saving months of effort from questionnaires and back-and-forth with vendors. Using Vendor Insights notifications also helps buyers remove the need for periodic reassessments. Vendor Insights provides ongoing visibility and alerts about the vendor’s security hygiene, such as if a compliance certification expires.
Vendor Insights is available in all public AWS Regions.