Built by Spot Cloud B.V.

A focused tool for teams who have to prove, not just claim, that their third-party risk is under control.

What VendorGuard is

VendorGuard tracks every third-party vendor an organisation relies on, runs risk assessments against DORA, NIS2, and ISO 27001:2022 supplier controls, and keeps a working register of information alongside incidents, contracts, and follow-up tasks. It is built for the people who own vendor risk day to day — not a generic GRC platform retrofitted for the job.

Part of the Spot Suite

VendorGuard is one product in the Spot Suite, a set of focused applications from Spot Cloud B.V. for teams that answer to auditors, regulators, and contractual security clauses. Each Spot Suite product runs on Cloudflare's edge network — Workers, D1, and R2 — with a dedicated environment per customer rather than a shared multi-tenant database.

Where we are

VendorGuard is in active development. Sign-in currently runs through a development login while the Spot Suite single sign-on integration is finished; production customers will authenticate through their organisation's Spot Suite identity. We would rather say that plainly than imply a maturity the product has not reached yet.

Spot Cloud B.V.

Spot Cloud B.V. is based in the Netherlands and designs, builds, and operates the Spot Suite directly — no reseller layer, no white-label middleman. Questions about how VendorGuard stores or processes data go straight to the team that runs it; see the contact page.