Vendor Security Vetting

Screen vendor compliance, scan domain security, check email authentication, and compile a risk-rated vetting report.

Vendors represent some of the most significant and underappreciated security risks for organizations. A supplier with poor email authentication can be used to phish your employees, and one with sanctions exposure can create regulatory liability. Standard procurement processes rarely include systematic security and compliance checks.

This workflow screens the vendor for compliance flags, including sanctions and adverse media; assesses the vendor's domain and web security posture; checks their email authentication configuration for spoofing vulnerability; and compiles everything into a risk-rated report with recommendations.

Used by procurement teams, information security departments, and compliance officers vetting new suppliers. Output is a formatted vendor security report ready for the procurement record.

Steps

1. Screen Vendor Entity

Compliance Screening

Run a compliance screening on the vendor to check for sanctions, watchlist hits, adverse media, and regulatory enforcement actions.

Input: Vendor company name, country of incorporation, and key identifiers
Output: Compliance screening results with sanctions status, watchlist matches, and adverse media findings

2. Scan Vendor Domain Security

Security Scanner

Assess the vendor's domain and web security posture including SSL configuration, security headers, and exposed services.

Input: Vendor's primary domain
Output: Domain security assessment with SSL status, security headers, and vulnerability indicators

3. Check Email Authentication

Phishing Email Checker

Verify the vendor's email authentication configuration (SPF, DKIM, DMARC) to assess susceptibility to spoofing and phishing.

Input: Vendor's primary email domain
Output: Email authentication assessment with SPF, DKIM, and DMARC configuration status

4. Compile Vendor Security Report

Word Documents

Consolidate all findings into a structured vendor security vetting report with risk rating and recommended actions.

Input: Compliance screening, domain security, and email authentication results
Output: Formatted vendor security vetting report with overall risk rating and recommendations
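
To illustrate the step 3 check and how its result can feed the step 4 rating, the following Python example is added here and is not the workflow's own code. It rates SPF and DMARC TXT records that have already been fetched. The function names, the low/medium/high scale and the vendor.example records are assumptions constructed for the example.

```python
# Added example: rate spoofing exposure from TXT records already fetched.
# The low/medium/high scale is an assumption, not the workflow's scoring.
# DKIM is omitted: its keys sit under per-sender selectors that cannot be
# enumerated from the domain name alone.
LEVELS = ["low", "medium", "high"]
SPF_ALL = {"-": ("low", "hard fail (-all)"),
           "~": ("low", "soft fail (~all)"),
           "?": ("medium", "neutral (?all) rejects nothing"),
           "+": ("high", "+all authorizes every sender")}

def assess_spf(apex_txt):
    """apex_txt: TXT strings published at the vendor's domain."""
    spf = [r for r in apex_txt if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # zero records: no policy; several: permerror
        return "high", f"{len(spf)} SPF records found, exactly 1 required"
    terms = spf[0].lower().split()[1:]
    all_term = next((t for t in terms if t.lstrip("+-~?") == "all"), None)
    if all_term is None:
        if any(t.startswith("redirect=") for t in terms):
            return "medium", "policy delegated via redirect=, assess target"
        return "medium", "no 'all' mechanism, unmatched senders are neutral"
    return SPF_ALL[all_term[0] if all_term[0] in "-~?" else "+"]

def assess_dmarc(dmarc_txt):
    """dmarc_txt: TXT strings published at _dmarc.<vendor domain>."""
    recs = [r for r in dmarc_txt if r.lower().replace(" ", "").startswith("v=dmarc1")]
    if len(recs) != 1:
        return "high", "no usable DMARC record"
    tags = {k.strip(): v.strip() for k, v in
            (p.lower().split("=", 1) for p in recs[0].split(";") if "=" in p)}
    policy = tags.get("p")
    if policy == "none":
        return "medium", "p=none only monitors"
    if policy not in ("quarantine", "reject"):
        return "high", "missing or invalid p= tag"
    if tags.get("pct", "100") != "100":
        return "medium", f"p={policy} applied to only {tags['pct']}% of mail"
    return "low", f"p={policy} enforced"

def rate_email_auth(apex_txt, dmarc_txt):
    """Return (overall level, per-check findings); overall is the worst."""
    findings = {"spf": assess_spf(apex_txt), "dmarc": assess_dmarc(dmarc_txt)}
    overall = max((lvl for lvl, _ in findings.values()), key=LEVELS.index)
    return overall, findings

# Constructed sample records for a hypothetical vendor, vendor.example
SAMPLE_APEX = ["site-verification=abc123", "v=spf1 include:_spf.vendor.example ~all"]
SAMPLE_DMARC = ["v=DMARC1; p=none; rua=mailto:dmarc@vendor.example"]
```

For the sample records, `rate_email_auth(SAMPLE_APEX, SAMPLE_DMARC)` rates the vendor "medium": SPF soft-fails unmatched senders, but the DMARC policy of p=none only monitors.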

Benefits

  • Catch sanctions and compliance issues before onboarding vendors
  • Assess vendor domain security without manual scanning
  • Identify email authentication gaps that enable spoofing attacks
  • Document vendor risk in a structured report for procurement records

Related Use Cases

Screen Entities Against Sanctions Lists

Check individuals and companies against OFAC, UN, EU, and other global sanctions lists before onboarding or transacting.

Compliance Screening
4 agent guides

Conduct Enhanced Due Diligence

Run enhanced due diligence checks combining PEP screening, adverse media, and ownership investigation for high-risk relationships.

Compliance Screening
4 agent guides

Check URLs Before Clicking

Scan suspicious links against threat intelligence feeds before opening them or sharing them with colleagues.

Security Scanner
4 agent guides

Investigate Suspicious IP Addresses

Check IP addresses against abuse databases and threat feeds to assess risk before allowing traffic into your network.

Security Scanner
4 agent guides

Triage Suspicious Emails

Analyze a suspicious email's headers, links, and content to quickly determine whether it is a phishing attempt before taking any action.

Phishing Email Checker
4 agent guides

Detect Executive Impersonation Attempts

Identify business email compromise attacks where fraudsters impersonate executives to request wire transfers or sensitive data.

Phishing Email Checker
4 agent guides

Related Workflows

Third-Party Risk Assessment

Assess third-party vendor security through identity verification, external security probing, attack surface analysis, and breach history.

security-httpx
Pentest
Whois RDAP
Web Search
4 steps, 4 tools

Compliance Security Audit

Audit systems against compliance frameworks using automated scanning, vulnerability checks, auth testing, and research.

security-nuclei
Vulnerability Database
Pentest
Deep Research
4 steps, 4 tools