> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vendexlabs.com/llms.txt
> Use this file to discover all available pages before exploring further.

# VendexLabs documentation

> Track vendors, run security and compliance assessments, and monitor your third-party risk posture from one place.

VendexLabs is a third-party risk management (TPRM) platform. It gives security, compliance, and procurement teams a single place to inventory their vendors, assess each vendor's security and privacy posture, track approvals, and watch for incidents that change the picture.

The core idea is simple: **risk is vendor posture multiplied by how you use the vendor.** A SOC 2 report tells you something about a vendor, but not how deeply that vendor sits in *your* environment. VendexLabs pairs **agent-based research** — evidence-backed vendor intelligence gathered continuously from public sources — with the context you add (dependency tier, data collected, use case) to produce a decision you can defend. It's the shift from check-the-box compliance to continuous, operational trust.

<img src="https://mintcdn.com/vendex-labs/qbmiIJ0Lp2Wc8Dsw/images/dashboard.svg?fit=max&auto=format&n=qbmiIJ0Lp2Wc8Dsw&q=85&s=43f5b09265bc35d3a9e4e49509e27d3a" alt="VendexLabs dashboard showing tier-weighted score, approvals, active tasks, assessment status, and score trend" width="1200" height="660" data-path="images/dashboard.svg" />

## Start here

<CardGroup cols={2}>
  <Card title="Quickstart" icon="rocket" href="/quickstart">
    Go from an empty account to a scored, tracked vendor portfolio in a few minutes.
  </Card>

  <Card title="How VendexLabs works" icon="diagram-project" href="/concepts/how-it-works">
    The moving parts — vendors, tiers, scoring, and assessments — and how they fit together.
  </Card>

  <Card title="Run an assessment" icon="clipboard-check" href="/guides/run-an-assessment">
    Record a compliance decision, set an approval status, and attach evidence.
  </Card>

  <Card title="Security & Trust" icon="shield-check" href="/trust/security">
    How VendexLabs protects your data, and how we handle privacy and compliance.
  </Card>
</CardGroup>

## What you can do

<Columns cols={2}>
  <Card title="Inventory every vendor" icon="table-list" href="/guides/add-vendors">
    Add vendors one at a time or import a whole list by CSV. New vendors are automatically enriched from public sources.
  </Card>

  <Card title="Score posture across five domains" icon="chart-simple" href="/concepts/risk-scoring">
    Compliance, privacy, breach history, operational maturity, and financial stability roll up into one aggregate score.
  </Card>

  <Card title="Track approvals over time" icon="circle-check" href="/concepts/assessments">
    Every vendor moves through a clear approval lifecycle with a full audit log of who changed what.
  </Card>

  <Card title="Monitor incidents" icon="triangle-exclamation" href="/guides/recent-events">
    When a vendor shows up in the news for a breach or vulnerability, it lands in your triage queue, ranked by severity.
  </Card>

  <Card title="Enrich automatically" icon="wand-magic-sparkles" href="/concepts/enrichment">
    Agent-based research builds a current, cited profile for every vendor — and can even draft your review comments.
  </Card>

  <Card title="Collect answers from vendors" icon="clipboard-list" href="/guides/questionnaires">
    Send a secure, self-service questionnaire; vendors verify by one-time code and upload evidence directly.
  </Card>
</Columns>

## For developers

VendexLabs is API-first. Everything in the product — vendors, lists, assessments, and portfolio metrics — is available over a REST API secured with your organization's tokens.

<Card title="API reference" icon="code" href="/api/introduction">
  Authentication, endpoints, roles, and data models for building on top of VendexLabs.
</Card>

<Note>
  Not sure where to begin? If you manage a vendor program, start with the [Quickstart](/quickstart). If you're integrating VendexLabs with your own systems, jump to the [API introduction](/api/introduction).
</Note>
