BlueVoyant Recognized in Gartner’s Market Guide for Third-Party Risk Management Technology Solutions

The recent publication of Gartner’s® Market Guide For Third-Party Risk Management Technology Solutions (1) is especially timely as the percentage of cyber breaches involving third parties doubled over the past year to 30% according to Verizon’s 2025 Data Breach Investigations Report.  

We believe BlueVoyant’s inclusion in the Gartner Market Guide reflects our unique approach to help commercial and government organizations accurately and efficiently identify — and most importantly reduce — risk within their third-party ecosystems. BlueVoyant’s solution is called Supply Chain Defense (SCD). 

According to BlueVoyant’s annual Third-Party Cyber Risk Management (TPRM) survey, 86% of organizations are increasing budgets for TPRM which seems appropriate given the increasingly exploited threat vector as well as expanding global regulatory mandates designed to strengthen focus on TPRM. Yet, a staggering 81% of organizations admit they have been negatively impacted by at least one cyber breach within their supplier ecosystem over the past twelve months. (2) These trends reflect the complexity of building TPRM programs that actively reduce risk.  

BlueVoyant’s SCD solution achieves third-party risk reduction via an end-to-end platform encompassing AI-driven assessment management, continuous monitoring, and BlueVoyant expert-led remediation support.  

Key features of SCD include:  

• Customizable, highly automated questionnaire management with AI-driven response analysis, document evaluations, and auto-scoring
• Multiple tiers of continuous third-party monitoring tuned to client-specific risk requirements with a 98% true positive rate for critical risk detections
• BlueVoyant-led remediation delivered by an in-house team of experts
• Rapid zero-day detection and alerting
• Numerous additional features such as fourth-party analytics, integrated third-party SBOM ingestion, vulnerability analysis and tracking, extensive M&A due diligence support, and non-cyber business risk alerting 

BlueVoyant SCD is Proven to Reduce Risk 

Unlike many TPRM solutions which merely illuminate and/or score risk, BlueVoyant SCD works with clients to reduce risk. BlueVoyant utilizes an in-house team of experts within our Risk Operations Center (ROC) who validate third-party risk and then work with our clients — and directly with their third parties — to remediate identified risk. Remediation actions are prescriptive with meaningful context to expedite action.    

The client benefits of SCD are substantial, as can be visualized in the graphic below. Even within as little as 5 days, BlueVoyant-led remediation helps our clients remediate 36% of their third parties' critical risk findings which is substantially higher than the 2% observed within the unassisted control group from more than one million organizations that BlueVoyant monitors. Within 90 days, BlueVoyant helps our clients close more than 80% of critical issues, a substantial reduction in the absolute level of third-party attack paths which bad actors could utilize to negatively impact our clients.

Third-Party Cyber Risk Management Becoming a Board Level Priority 

Given the findings from broad and authoritative analysis like the Verizon Data Breach Investigations Report, and high-profile cyber breaches executed by attackers exploiting the weakest link in many cybersecurity programs — i.e. third parties — it is no surprise that a growing number of corporate boards are increasing scrutiny on third-party cyber risk management program efficacy.  

According to Gartner: “by 2026, third-party cyber-risk program performance will be a standing agenda item for 50% of board committees globally.” (3)

Leaders responsible for TPRM can use BlueVoyant’s Supply Chain Defense solution to demonstrate to senior leaders and boards the risk posture and risk reduction achieved.

1. Gartner Market Guide For Third-Party Risk Management Technology Solutions; by Antonio Donaldson, et al., 5 May 2025.
2. Learn more about the full report: The State of Supply Chain Defense: Annual Global Insights Report 2024," including analysis across multiple countries and vertical sectors. 
3. Gartner Maximize The Value of Third-Party Cyber-Risk Management Technology; by Oscar Isaka, Alicia Booker-Carney, Christopher Mixter, Luke Ellery; 8 November 2024.  

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.