RiskRecon company logo

The profile is currenly unclaimed by the seller. All information is provided by CB Insights.


Founded Year



Acquired | Acquired

Total Raised


About RiskRecon

RiskRecon provides a SaaS platform that helps organizations more effectively manage the risk reality of increasingly interconnected IT ecosystems by delivering frequent, comprehensive and security performance measurements. Using proprietary data gathering techniques, RiskRecon creates a 360-degree risk profile of an enterprise's public IT footprint. Based on that footprint and a detailed analysis, a RiskRecon rating and report is generated providing detailed information with context.On December 23, 2019, RiskRecon was acquired by Mastercard. The terms of the transaction were not disclosed.

RiskRecon Headquarter Location

560 West 200 South

Salt Lake City, Utah, 84111,

United States


Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Research containing RiskRecon

Get data-driven expert analysis from the CB Insights Intelligence Unit.

CB Insights Intelligence Analysts have mentioned RiskRecon in 1 CB Insights research brief, most recently on Nov 20, 2019.

Expert Collections containing RiskRecon

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

RiskRecon is included in 2 Expert Collections, including Conference Exhibitors.


Conference Exhibitors

5,302 items



4,937 items

RiskRecon Patents

RiskRecon has filed 2 patents.

The 3 most popular patent topics include:

  • Computer network security
  • Computer security
  • Actuarial science
patents chart

Application Date

Grant Date


Related Topics




Computer network security, Computer security, System administration, Network protocols, Data security


Application Date


Grant Date



Related Topics

Computer network security, Computer security, System administration, Network protocols, Data security



Latest RiskRecon News

New Whistic/RiskRecon Report Finds 60% of Companies Are Spending More on Vendor Security and Cyber Risk Management

Jun 1, 2022

Survey of 500+ infosec practitioners shows most take “trust but verify” approach to vendors June 01, 2022 07:04 AM Eastern Daylight Time SALT LAKE CITY--( BUSINESS WIRE )--Whistic and RiskRecon, a Mastercard company, today announced the release of a joint research report showing three out of five companies are increasing spending on cyber risk management to “trust but verify” vendors. The research in “The Modernization of Cybersecurity | How Technology is Changing the Way Businesses View Vendor Assessment and Cybersecurity” report looks at how recent investments in technology have impacted vendor security and cyber risk management. “Vendor security and cyber risk practitioners are the first line of defense against potential security incidents and without a continued investment in technology, they are fighting a losing battle,” said Nick Sorensen, CEO of Whistic. “That’s why we were encouraged to see more and more businesses are prioritizing these programs with not only technology spend, but executive visibility into how they are run and what response and remediation strategies should be.” More than 500 cyber risk and infosec practitioners were surveyed for the report. Key findings include: Cyber risk and vendor security management are top priorities. The survey shows 80% of respondents have cyber risk and vendor security programs in place and 60% report they have incorporated more technology into their programs over the past five years. Additionally, as the threat of third-party security incidents continues to increase, the issue is a top concern even at the highest levels of companies as 71% of respondents report program metrics to internal leadership outside of security business functions. Investment in technology results in increased program maturity. Overall, 64% of respondents indicate their cyber risk and vendor security programs are either mature or advanced. However, program maturity depends heavily on the size of the organization as 66% of enterprises have advanced stage programs, while just six percent of startups are at that level and 64% have early to non-existent programs. Trust but verify is still a staple in the industry. When it comes to security questionnaires, 53% of respondents say they trust what their vendors send them. Despite that trust, 61% of respondents say they still verify vendor responses using a third-party validation tool. "The reliance on third parties is only increasing, and organizations must understand the threats coming from their vendor ecosystem,” said Kelly White, founder, RiskRecon, a Mastercard Company. “We have seen too many large-scale cyber incidents in the past few years for firms to overlook proper third-party risk management. Your organization is only as secure as the vendors you work with." You can access the full findings of the report here . About Whistic Located in the heart of the Silicon Slopes in Utah, Whistic is the network for assessing, publishing and sharing vendor security information. The Whistic Vendor Security Network accelerates the vendor assessment process by enabling businesses to access and evaluate a vendor’s Whistic Profile and create trusted connections that last well beyond the initial assessment. Make security your competitive advantage and join businesses like Airbnb, Okta, Betterment, and Qualtrics who are leveraging Whistic to modernize their vendor security programs. For more information, visit https://www.whistic.com/ . About RiskRecon RiskRecon, a Mastercard Company, enables you to achieve better risk outcomes for your enterprise and your digital supply chain. RiskRecon’s cybersecurity ratings and assessments make it easy for you to understand and act on your risks, delivering accurate, risk-prioritized action plans custom-tuned to match your risk priorities. Learn more about RiskRecon and request a demo at www.riskrecon.com . Contacts

  • When was RiskRecon founded?

    RiskRecon was founded in 2013.

  • Where is RiskRecon's headquarters?

    RiskRecon's headquarters is located at 560 West 200 South, Salt Lake City.

  • What is RiskRecon's latest funding round?

    RiskRecon's latest funding round is Acquired.

  • How much did RiskRecon raise?

    RiskRecon raised a total of $40M.

  • Who are the investors of RiskRecon?

    Investors of RiskRecon include Mastercard, General Catalyst, Paul Sagan, Mickey Boodaei, Rakesh Loonkar and 6 more.

  • Who are RiskRecon's competitors?

    Competitors of RiskRecon include BitSight Technologies and 3 more.

You May Also Like

SureCloud Logo

SureCloud provides Governance, Risk and Compliance solutions for enterprises. The company's Integrated Risk Management approach assists with managing basic regulatory compliance drivers, as well as with diagnostic dashboards.

Ostendio Logo

Ostendio's MyVCM™ streamlines the way companies build, manage, and demonstrate their information security framework. The MyVCM platform provides an enterprise view of an organization's cybersecurity program. MyVCM's bottom-up security approach provides a workflow solution that engages every employee and manages all aspects of security and compliance, which allows organizations to easily report their security posture to internal and external stakeholders.

MetricStream Logo

MetricStream specializes in enterprise and cloud applications for Governance, Risk, Compliance, and Quality Management. MetricStream's applications and solutions improve business performance by strengthening risk management, corporate governance, regulatory compliance, vendor governance, and quality management for users across many industries, including Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing. MetricStream is headquartered in Palo Alto, California, maintains operations and research and development (R&D) center in Bangalore, India, and conducts sales and operational support through offices in cities spanning the globe.

RSA Security Logo
RSA Security

RSA Security manufactures and markets products to protect and manage access to computer-based information resources. It is also a provider of public-key encryption toolkits. RSA was founded in 1984 and is based in Bedford, Massachusetts.

SecurityScorecard Logo

SecurityScorecard is an information security company focusing on third party management and IT risk management. SecurityScorecard provides a platform designed to rate cybersecurity postures of corporate entities through the scored analysis of cyber threat intelligence signals.

ProcessUnity Logo

ProcessUnity is a provider of cloud-based applications for risk management and service delivery management. The company's software as a service (SaaS) platform gives organizations the control to assess, measure, and mitigate risk and to ensure the optimal performance of key business processes. For public companies and regulated industries, ProcessUnity Risk Suite delivers effective governance and control, vendor risk mitigation, and regulatory compliance. For benefit plan administrators and other financial service firms, ProcessUnity Offer Management controls complex product offerings and strengthens client service experience.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.