📌 Overview
The Supplier Page centralizes all relevant information about a supplier, including their security profile, questionnaires, remediation plans, findings, and risk ratings.
🔍 How to View a Supplier Page
After logging in to Panorays, you can access a supplier page in one of the following ways:
From the Overview Page, click any supplier in the Suppliers in Review widget
Hover over the Suppliers (handshake) icon on the left-hand menu, navigate to Suppliers, and select the relevant supplier
📈 Risk & Scoring Widgets
📈 Cyber Posture Rating
This widget displays:
The supplier’s current Cyber Posture Rating
The weight of the Cyber Posture Rating in the overall risk calculation
Whether the assessment is continuous (runs every 72 hours) or bi-annual (runs every 180 days)
💡 Tip
For more information on Cyber Posture Ratings, refer to the dedicated article.
📈 Questionnaire Rating
Shows:
The supplier’s current Questionnaire Rating
The weight of the questionnaire in the overall risk score
⚡ Additional Factors
This widget includes factors that impact the overall risk rating beyond Cyber Posture and Questionnaire results:
Expired questionnaire: A 10-point deduction is applied if the questionnaire expires and restored upon submission
Important questions: Evaluator-designated questions that carry additional weight
Critical findings: The most severe findings identified in the Cyber Posture Assessment
Custom factors: Any additional customized factors that were added. More details available in this article.
📊 Combined Score
Displays how the supplier’s score is calculated, combining:
Questionnaire Rating
Cyber Posture Rating
Additional Factors
⚙️ Business Impact
Shows the Business Impact (criticality) level selected when the supplier was added to the platform.
❗ Risk Rating
The overall risk rating is determined by combining the supplier’s score and Business Impact.
❗ Important
Suppliers with Severe Business Impact cannot achieve an Excellent risk rating (maximum is Good)
Suppliers with Minor Business Impact cannot receive a Bad rating (minimum is Poor)
The risk rating can be customized to fit your risk appetite.
✏️ Override Risk
You can manually override a supplier’s risk rating at any time:
Click Override Risk in the Risk Rating widget
Select a new risk rating
Provide the required justification
Click Save
🔄 To revert to the original rating, hover over Overridden Risk and select Revert.
🧾 Supplier Insights & Intelligence
🧾 Business Snapshot
Provides high-level business details, including:
Industry
Location
Number of employees
Social media links
Certifications and auto-discovered compliance data
📊 Industry Range
Displays how the supplier’s Cyber Posture Rating compares to other organizations in the same industry.
🛠️ Remediation Tasks
📌 Overview
The Remediation Tasks widget allows you to quickly view all open remediation tasks associated with the supplier.
💡 What You Can Do
Monitor outstanding remediation actions
Track progress toward mitigating identified findings
Stay aligned on what still requires attention
🔍 Assets
Panorays automatically discovers and maps organizations’ digital attack surface, including:
Domains and subdomains
IPs and IP ranges
📈 Rating History
Shows how the supplier’s Cyber Posture Rating has changed over time.
📰 Cyber News & Data Breaches
Provides a log of public news mentions related to:
Data breaches
Cybersecurity incidents
📋 Note
This feature uses publicly available information only.
⚠️ Dark Web Mentions
Displays the number of times the supplier or related assets were mentioned on the Dark Web in the past 30 days, helping identify potential trends or exposure.
🌐 Supply Chain Discovery
Automatically uncovers your extended supplier network, provides cyber posture insights, and helps add new suppliers to your TPRM program.
📂 Tabs & Actions
❗ Findings
View all open findings identified for the supplier.
For more details, refer to the dedicated Findings article.
🔍 Assets
Panorays automatically discovers and maps organizations’ digital attack surface, including: Domains and subdomains, IPs and IP ranges
You can:
Click the asset map to view the full asset list
Filter by asset type or geolocation
Review findings and asset status
💡 Note
Assets may include publicly facing systems that are not directly related to services provided to you.
You can find out more about your company’s assets here.
🌐 Supply Chain
The Supply Chain Discovery feature gives visibility into your extended attack surface, automatically identifying direct and indirect technological relationships with potential suppliers.
💡 Key Benefits
You can easily add discovered suppliers to your inventory
Provides supporting evidence, cyber posture ratings, and commonality scores
Helps mitigate risk by including suppliers in your TPRM program
📋 Questionnaires
View all questionnaires that were sent to the supplier and their current status.
🛠️ Remediation & Tasks
The Remediation & Tasks tab displays all remediation requests received from your clients, allowing you to track and manage actions required to mitigate identified findings.
💡 How It Works
View all open and resolved remediation requests in one place
Track progress on mitigation efforts directly from the Supplier Page
Maintain clear communication and accountability with your clients
📌 Learn More
To learn more about creating and managing remediation plans, refer to the dedicated Panorays Remediation Plansarticle.
✏️ Info
Edit a supplier’s business information, impact settings, tags, assessment types, and contacts directly from the Info tab.
📌 Approval Snapshot
Tracks all changes to a supplier’s approval status, including dates, status updates, and a snapshot of their Cyber Posture Rating, Questionnaire Rating, Additional Factors, and Risk Rating at each recorded point.
📎 Documents & Files
Access all documents and files:
Attached to questionnaires
Uploaded via the supplier’s Notes section
🔄 Activity
The Activity Center provides a complete audit trail of events across the Panorays platform, giving you full visibility into supplier activity and vendor management actions.
💡 What You Can See
Historical actions and changes across the platform
Who performed each action and when it occurred
Supplier communications and status updates
📌 Why It Matters
The Activity Center helps you track accountability, understand past actions, and maintain a clear record of supplier-related activity—all in one place.
For more details, refer to the dedicated article.
🔝 Supplier Page Menu Icons
The icons in the top-right corner of the Supplier Page menu give you quick access to key features for managing and reviewing suppliers.
📂 Segments
Assess a specific subset of a supplier’s assets to provide a more focused and accurate risk and cyber posture rating. Ideal for suppliers with multiple domains, environments, or business units that require separate evaluation.
📝 Notes
Document your internal assessment process and any supplier-specific information directly on the Supplier Page. You can also collaborate with colleagues by tagging them in notes.
💡 How to Tag Someone
To tag a user in a note:
Type "@" in the body of the note
Begin typing the user’s name or email
Select the user you’d like to tag
Tagged users will receive an email notification.
📥 Download Assessment Report
Download a PDF report containing:
Supplier information
Cyber Posture Ratings (overall and per category)
Industry Range
Findings
Important Questions
