Okta is the system of record for workforce identity, SSO, and application assignments at most enterprises.

Coverbase Inspect ingests Okta apps, users, group assignments, and system logs to discover which SaaS vendors are in use and who has access to them.

Entra ID (formerly Azure AD) governs identity and access for the Microsoft-centric enterprise.

Coverbase reads enterprise applications, sign-in activity, and assignments to map your real SaaS footprint and surface shadow IT for review.

Google Workspace is the identity and collaboration backbone for many organizations.

Coverbase uses OAuth app grants and directory data to detect third-party apps connected to your tenant and bring them into the vendor inventory.

IAM Identity Center centralizes SSO and account access across the AWS estate.

Coverbase ingests application assignments and access data to understand which vendors and internal systems are entitled to your cloud.

OneLogin provides unified access management and SSO for cloud and on-prem apps.

Coverbase pulls connected applications and user assignments to keep the discovered vendor list and access map current.

Ping secures identity and access for large, regulated enterprises.

Coverbase ingests application catalog and assignment data to reconcile sanctioned vendors against what employees actually use.

JumpCloud delivers a cloud directory unifying identity, device, and access management.

Coverbase reads application and user data to discover SaaS vendors and feed access context into risk reviews.

Duo handles MFA and secure access to the applications your workforce relies on.

Coverbase uses application and authentication context to corroborate which vendors are in active use across the organization.

Auth0 is a widely used identity platform for applications and APIs.

Coverbase ingests connected applications and tenant data to extend vendor discovery beyond the sanctioned catalog.

CyberArk secures privileged identities and the most sensitive access in the enterprise.

Coverbase incorporates privileged-access context so high-risk vendor connections are flagged and prioritized in assessments.

SailPoint governs identity lifecycle, access certifications, and entitlements at scale.

Coverbase aligns vendor access entitlements with governance data to keep the access map and risk profile accurate.

Adaptive Shield, now CrowdStrike FalconShield, is a leading SSPM platform for securing SaaS configurations and identities.

Coverbase enriches vendor records with SaaS posture findings so configuration and identity risk feed directly into due-diligence reviews.

AppOmni provides deep posture management for business-critical SaaS applications.

Coverbase ingests posture and exposure signals to keep continuous monitoring grounded in the live state of each SaaS vendor.

Grip discovers SaaS identity risk and shadow IT across the full application estate.

Coverbase uses Grip's SaaS discovery to surface unmanaged vendors and bring them under formal risk oversight.

Obsidian detects SaaS threats by analyzing identity and activity across cloud apps.

Coverbase incorporates Obsidian's activity-based risk signals into the vendor fact sheet and monitoring alerts.

Valence remediates SaaS misconfigurations, risky integrations, and third-party access.

Coverbase ingests Valence findings so third-party integration risk is reflected in assessments and ongoing monitoring.

Shodan maps internet-exposed hosts, open ports, and services worldwide.

Coverbase queries Shodan to surface a vendor's external attack surface directly on the fact sheet, highlighting exposed services and outside-in risk.

Censys continuously enumerates internet-exposed hosts and services with high fidelity.

Coverbase enriches the fact sheet with Censys attack-surface intelligence to corroborate and expand outside-in exposure data.

Have I Been Pwned tracks domains and accounts exposed in known data breaches.

Coverbase checks vendor domains against breach data to flag leaked-credential exposure as part of continuous monitoring.

Bitsight delivers security ratings and continuous risk monitoring across the attack surface.

Coverbase pulls Bitsight ratings into vendor scoring so security performance benchmarks inform tiering and review cadence.

SecurityScorecard provides easy-to-read security ratings and continuous monitoring.

Coverbase ingests scorecards to drive risk tiering and trigger re-assessments when a vendor's posture degrades.

UpGuard combines attack-surface management with vendor risk scoring.

Coverbase uses UpGuard data to continuously score vendors and feed exposure signals into the supplier data fabric.

Black Kite delivers cyber risk intelligence and third-party cyber risk assessment.

Coverbase incorporates Black Kite ratings and financial-impact estimates into vendor risk profiles.

Panorays automates third-party security assessment and continuous monitoring.

Coverbase aligns Panorays findings with internal assessments so external and self-reported posture are reconciled in one view.

RiskRecon, a Mastercard company, provides continuous cyber risk assessment across vendor portfolios.

Coverbase ingests RiskRecon network intelligence and risk signals to inform due diligence and portfolio monitoring.

CyberGRX operates a cyber risk exchange for shared third-party assessments.

Coverbase consumes CyberGRX exchange data to accelerate assessments where a vendor has already been evaluated.

Recorded Future provides real-time threat intelligence on emerging cyber risks.

Coverbase blends threat-intel signals into Supplier Radar alerts so emerging vendor threats trigger proactive review.

Axio quantifies cyber risk in financial terms to prioritize investment.

Coverbase uses cyber-risk quantification to help teams prioritize remediation and vendor follow-ups by potential impact.

RSA Archer is a leading integrated risk management platform for enterprise GRC programs.

Coverbase syncs vendor, assessment, and finding data with Archer so third-party risk rolls up into your enterprise risk register.

AuditBoard is a connected platform for audit, risk, compliance, and ESG.

Coverbase pushes findings and evidence into AuditBoard to keep audit and compliance workstreams synchronized with vendor reviews.

Diligent delivers modern governance, risk, and compliance for boards and leadership.

Coverbase shares vendor risk posture so board- and executive-level reporting reflects live third-party exposure.

Fusion covers business continuity, IT disaster recovery, and operational resilience.

Coverbase feeds vendor criticality and concentration data into resilience and continuity planning.

LogicGate Risk Cloud is a flexible platform for building and automating risk programs.

Coverbase exchanges vendor and finding data with LogicGate so third-party risk drives your custom workflows.

LogicManager is an enterprise risk management platform for risk and compliance.

Coverbase syncs assessments and findings to keep ERM scoring and reporting aligned with vendor reviews.

MetricStream provides a unified GRC platform for risk, compliance, audit, and policy.

Coverbase integrates vendor risk data so it rolls into MetricStream's enterprise GRC reporting.

NAVEX offers integrated risk and compliance management including policy and incident workflows.

Coverbase shares third-party findings and incidents so compliance teams act on a single source of truth.

OneTrust spans privacy, security, and data governance compliance.

Coverbase exchanges vendor and assessment data to align third-party privacy and security obligations with OneTrust.

Prevalent provides third-party risk assessment and monitoring solutions.

Coverbase reconciles Prevalent assessment data with its own so historical vendor risk carries forward.

ProcessUnity is a widely deployed vendor and third-party risk platform.

Coverbase runs a bi-directional sync that imports assessments and pushes scores, comments, and issues back, so it can operate alongside ProcessUnity as a system of record.

Riskonnect delivers integrated risk management for enterprise risk and resilience.

Coverbase shares vendor risk data so it consolidates into Riskonnect's enterprise risk view.

Resolver provides GRC software for risk, compliance, audit, and incident management.

Coverbase syncs findings and assessments so third-party risk feeds Resolver's incident and risk programs.

SAI360 delivers ethics, compliance, and risk management for global organizations.

Coverbase integrates vendor risk results into SAI360's compliance and risk workflows.

ServiceNow GRC automates governance, risk, and compliance on the ServiceNow platform.

Coverbase connects vendor risk to ServiceNow so third-party exposure links directly to business operations and remediation tasks.

Vendor Insight delivers continuous vendor risk monitoring and assessment workflows.

Coverbase reconciles Vendor Insight monitoring data with its own continuous-monitoring signals.

Vendor Risk provides automated third-party risk management and assessment.

Coverbase imports existing vendor assessments so prior diligence is preserved when teams migrate.

Venminder offers vendor risk management and due diligence for regulated industries.

Coverbase incorporates Venminder due-diligence artifacts and control assessments into vendor records.

Workiva streamlines audit, risk, ESG, and financial reporting workflows.

Coverbase feeds vendor risk and evidence data into Workiva for connected reporting and disclosures.

SAP Ariba is a leading procurement and supply-chain collaboration network.

Coverbase syncs supplier records and intake requests so risk reviews are triggered automatically inside the procurement flow.

Coupa is a business spend management platform for procurement, invoicing, and expenses.

Coverbase connects to Coupa to unify the supplier master and launch due diligence from purchase intake.

GEP SMART is a unified source-to-pay and supplier management platform.

Coverbase reconciles GEP supplier data into the data fabric and orchestrates risk gates within sourcing workflows.

Ivalua is a comprehensive source-to-pay platform for procurement and spend.

Coverbase syncs supplier and contract data so vendor risk status flows back into Ivalua approvals.

Jaggaer provides intelligent procurement for direct and indirect spend.

Coverbase unifies Jaggaer supplier records and triggers diligence as new suppliers enter the pipeline.

Levelpath is an AI-powered procurement platform for sourcing, contracts, and supplier risk.

Coverbase exchanges supplier and risk data so intake and sourcing decisions reflect live vendor risk.

Lio is a multi-agent AI system automating purchasing, sourcing, and supplier onboarding.

Coverbase orchestrates risk checks within Lio's onboarding agents so new suppliers are vetted automatically.

Oracle NetSuite is a cloud ERP spanning procurement, financials, supply chain, and vendor management.

Coverbase syncs the NetSuite vendor master and spend data to anchor the supplier record and prioritize reviews by spend.

Omnea is an AI-native procurement orchestration platform for intake and approvals.

Coverbase plugs into Omnea's intake and approval workflows to insert automated risk gates.

ORO Labs coordinates people, processes, and systems for enterprise procurement.

Coverbase orchestrates third-party risk steps within ORO's procurement processes.

Zip is an AI procurement orchestration platform covering intake-to-procure and procure-to-pay.

Coverbase embeds risk and diligence checks into Zip intake so every purchase request is screened before approval.

Ironclad is a leading digital contracting platform for the full agreement lifecycle.

Coverbase syncs Ironclad contracts, metadata, and renewal dates so obligations and key dates drive vendor risk and monitoring.

Conga (formerly Apttus) delivers enterprise CLM across the quote-to-cash and contract lifecycle.

Coverbase ingests Conga contract data and obligations so commercial terms are reflected in the vendor record.

Icertis is an enterprise contract intelligence platform used by large, regulated organizations.

Coverbase pulls Icertis contract metadata, clauses, and obligations to keep vendor risk grounded in contractual commitments.

Agiloft is a no-code contract lifecycle management platform.

Coverbase syncs Agiloft CLM data so contract terms, renewals, and obligations inform vendor risk and monitoring.

Sirion is an AI-native CLM platform focused on contract performance and supplier obligations.

Coverbase ingests Sirion obligations and performance data so contract risk feeds vendor reviews.

Evisort applies AI to extract and manage contract data at scale.

Coverbase uses Evisort clause and metadata extraction to surface obligations and renewal risk on the vendor record.

ContractPodAi is an AI-powered legal and contract management platform.

Coverbase syncs ContractPodAi data so contract obligations and renewals inform third-party risk.

LinkSquares is an AI-driven contract management platform for in-house legal teams.

Coverbase ingests LinkSquares contract metadata and key dates to drive renewal and obligation tracking.

Malbek is a modern, AI-enabled CLM platform.

Coverbase syncs Malbek contracts and obligations into the supplier record for risk and renewal visibility.

Gatekeeper combines contract and vendor lifecycle management with spend visibility.

Coverbase reconciles Gatekeeper contract and vendor data into the supplier data fabric.

Juro is a collaborative contract automation platform for high-growth companies.

Coverbase syncs Juro agreements and metadata so contract terms inform vendor risk.

SpotDraft is an AI-powered CLM platform for end-to-end contract workflows.

Coverbase ingests SpotDraft contract data and obligations to keep the vendor record current.

Concord provides all-in-one contract management and e-signature.

Coverbase syncs Concord agreements and key dates into the supplier record for renewal and obligation tracking.

CobbleStone is a long-established CLM platform with AI-based contract analytics.

Coverbase ingests CobbleStone contract data so obligations and renewals inform vendor risk.

Onit delivers enterprise CLM and legal operations workflow automation.

Coverbase syncs Onit contract and obligation data into the vendor record.

Luminance applies legal-grade AI to contract analysis and negotiation.

Coverbase uses Luminance clause analysis to surface contractual risk on the vendor record.

Harvey is a domain-specific AI platform for legal and contract work.

Coverbase taps Harvey for AI-assisted contract review so legal risk and obligations feed into vendor assessments.

DocuSign is the standard for electronic signatures and agreement management.

Coverbase connects to DocuSign to send, track, and store vendor agreements and pull executed contracts into the vendor record.

Adobe Acrobat Sign provides enterprise e-signature and document workflows.

Coverbase routes vendor agreements through Acrobat Sign and links signed documents back to the supplier file.

Dropbox Sign (formerly HelloSign) offers simple, secure e-signature workflows.

Coverbase uses Dropbox Sign for lightweight agreement execution tied to the vendor record.

Jira is the de facto tracker for engineering and operations work.

Coverbase creates and syncs Jira tickets for findings and remediation tasks so vendor follow-ups land in existing team workflows.

ServiceNow ITSM manages incidents, problems, changes, and requests at enterprise scale.

Coverbase opens and tracks ServiceNow tickets for vendor remediation and ties them back to findings.

Freshservice is a modern ITSM solution with AI-powered service management.

Coverbase pushes remediation tasks into Freshservice and keeps status in sync with the vendor finding.

Workday is a leading HCM and finance platform for large enterprises.

Coverbase uses worker and org data to attribute vendor ownership and route reviews to the right business owners.

BambooHR is a popular HRIS for growing companies.

Coverbase reads org and role data to assign vendor owners and keep approval routing accurate.

ADP provides payroll and HR services across organizations of every size.

Coverbase uses workforce data to align vendor sponsorship and access reviews with current employment status.

UKG delivers HR, payroll, and workforce management.

Coverbase ingests org structure to attribute ownership and trigger access changes during reviews.

Rippling unifies HR, IT, and app management in one platform.

Coverbase uses Rippling's app and identity data to corroborate vendor usage and ownership.

Gusto provides payroll and HR for small and mid-sized businesses.

Coverbase reads workforce data to assign vendor owners and keep review routing accurate.

Paychex offers payroll and HR services across the SMB market.

Coverbase uses employment data to align vendor ownership and reviews with the current workforce.

Paycom provides a single-database HR and payroll platform.

Coverbase ingests org data to attribute vendor ownership and route approvals.

Namely is an HR platform for mid-sized companies.

Coverbase reads org and role data to keep vendor ownership and review routing current.

SAP SuccessFactors is an enterprise HCM suite.

Coverbase uses worker and org data to map vendor ownership and align reviews with workforce changes.

Oracle HCM Cloud manages the employee lifecycle for large enterprises.

Coverbase ingests org data to attribute vendor ownership and route reviews to accountable owners.

Dayforce delivers HCM, payroll, and workforce management.

Coverbase reads workforce data to align vendor sponsorship and access reviews.

HiBob (Bob) is a modern HRIS for fast-growing companies.

Coverbase uses org and role data to assign vendor owners and keep routing accurate.

Deel handles global payroll, contractors, and EOR.

Coverbase ingests workforce and contractor data to attribute ownership across distributed teams.

D&B provides global business data including DUNS numbers, credit scores, and company intelligence.

Coverbase resolves vendor identity by DUNS and pulls credit and firmographic data into the fact sheet and risk profile.

Bureau van Dijk (Moody's) offers Orbis, the most comprehensive private-company database.

Coverbase enriches vendor records with Orbis ownership, financials, and corporate structure for due diligence.

Moody's Analytics delivers credit ratings, financial intelligence, and risk tools.

Coverbase incorporates Moody's credit and financial-health data into vendor financial-risk scoring.

S&P Global provides credit ratings, market data, and risk analytics.

Coverbase ingests S&P financial intelligence to inform vendor financial stability assessments.

PitchBook covers private and public market financials, funding, and ownership.

Coverbase uses PitchBook data to assess funding stage, ownership changes, and going-concern risk for vendors.

Rapid Ratings provides financial-health ratings for companies worldwide.

Coverbase pulls financial-health scores to flag vendors at risk of distress in continuous monitoring.

Crunchbase delivers company data, funding rounds, and investor intelligence.

Coverbase uses Crunchbase to enrich vendor profiles with funding and company context during intake.

OFAC maintains U.S. sanctions lists and enforces economic sanctions.

Coverbase screens vendors and their owners against OFAC lists and re-screens continuously for new matches.

ComplyAdvantage delivers AI-driven AML risk data and sanctions screening.

Coverbase uses ComplyAdvantage for sanctions, PEP, and adverse-media screening during intake and monitoring.

Dow Jones provides sanctions, PEP, and adverse-media screening data.

Coverbase incorporates Dow Jones risk data into due-diligence screening and ongoing alerts.

FinCEN publishes enforcement actions on AML and financial crimes.

Coverbase monitors FinCEN actions to flag vendors implicated in financial-crime enforcement.

The CFPB publishes enforcement actions against financial-services companies.

Coverbase tracks CFPB actions to surface consumer-protection issues affecting vendors.

The FDIC publishes data on insured institutions and regulatory actions.

Coverbase uses FDIC data to validate banking partners and detect adverse regulatory events.

SEC EDGAR is the U.S. public filing and disclosure database.

Coverbase pulls EDGAR filings to verify public-company status and surface disclosed risks.

OpenCorporates is the largest open database of corporate entities worldwide.

Coverbase uses OpenCorporates to verify legal entities, jurisdictions, and corporate structure during onboarding.

GBG provides identity verification, fraud prevention, and compliance data.

Coverbase uses GBG to verify business and beneficial-owner identities in KYC workflows.

LSEG's World-Check is a benchmark risk-intelligence dataset for screening and due diligence.

Coverbase screens vendors and principals against World-Check for KYC, AML, and third-party diligence.

Kroll delivers due diligence, investigations, and risk intelligence services.

Coverbase incorporates Kroll intelligence into enhanced due diligence for higher-risk vendors.

LexisNexis provides legal, news, and business intelligence including risk data.

Coverbase uses LexisNexis for adverse-media and litigation screening in vendor diligence.

Trulioo provides global identity and business verification for KYC and AML.

Coverbase uses Trulioo to verify vendor identities and beneficial owners across jurisdictions.

EcoVadis provides sustainability ratings and intelligence for supply chains.

Coverbase pulls EcoVadis scorecards into the vendor profile so ESG performance informs supplier risk.

CyberVadis offers cybersecurity assessments for supply chains, complementing EcoVadis.

Coverbase ingests CyberVadis assessments to combine cyber and sustainability ratings in one view.

ISS ESG provides environmental, social, and governance data and ratings.

Coverbase incorporates ISS ESG ratings into vendor profiles for responsible-sourcing decisions.

Sustainalytics delivers ESG risk ratings and research.

Coverbase uses Sustainalytics ESG risk ratings to surface material sustainability risk on the vendor profile.