Agent-based research
VendexLabs gathers vendor intelligence from public sources using a combination of large language models and live web search, then structures the results into the profile that powers scoring:- Multi-source research — language-model research (Perplexity, OpenAI) is combined with live web search to assemble a dossier across security, privacy, operations, and business signals.
- Evidence and citations — factual fields are tracked back to their sources. Each domain’s analysis on the GRC Posture tab links out to the pages the research drew from, so a score is never a black box.
- Confidence, stated honestly — each domain carries an evidence badge (for example, Strong evidence or Moderate evidence) describing how much the research had to work with. Where the public record is thin, VendexLabs says so rather than inventing certainty.
Enrichment covers distinct sections — company basics, security posture, privacy controls, operational and business maturity, logo, and GRC scores. New custom vendors run the full pipeline; existing vendors are refreshed on a schedule so the picture stays current.
From evidence to a score
The research feeds the five-domain risk score: Compliance, Privacy, Breach & threat track record, Operational maturity, and Business & financial stability. Scoring is a deterministic rollup of the evidence — the same inputs always produce the same score — which keeps results explainable and reproducible.AI assessment comments
When you write up an assessment, VendexLabs can draft the review comments for you. Based on the vendor’s evidence, it can suggest a security-risk comment and a compliance-review comment, and flag a short list of open items — genuine evidence gaps worth verifying before you sign off.Suggestions are a starting point, not the decision. If you provide a draft, VendexLabs refines it rather than replacing your words — you stay the author, and the audit log records what you approved.
Continuous, not point-in-time
Because enrichment refreshes over time and monitoring watches for new incidents, a vendor’s profile keeps pace with reality. This is the core idea behind VendexLabs: turning static security documentation into live vendor intelligence you can make decisions on.Risk scoring
See exactly how the researched evidence becomes a score and a recommendation.
