Skip to main content
The Vendor Summary provides a comprehensive, AI-generated analysis of any vendor’s security posture. This page helps both technical and non-technical stakeholders understand vendor risk at a glance.

Vendor profile

At the top, you will see the vendor’s logo, domain, overall security score (0–1000), tier, portfolio, and business label. You can edit any of these classifications directly.

Score trend

A month-over-month chart shows how the vendor’s security score has changed over time. DSALTA refreshes scores approximately once per week.

Compliance certifications

The summary displays which certifications the vendor holds — such as ISO 27001, SOC 2, or GDPR compliance — so you can quickly assess regulatory alignment.

10 security assessment categories

DSALTA evaluates every vendor by scanning their domains and IP addresses across 10 categories:

Application Security

Web application protections, secure headers, and app-level vulnerabilities.

Network Security

Open ports, firewall configuration, and network exposure.

Endpoint & OS Security

OS patching, endpoint protection, and device security.

IP Reputation

Blocklist presence and IP address reputation.

DNS & Email Security

SPF, DKIM, DMARC configuration strength.

Information Leakage

Exposed credentials, misconfigured storage, data leaks.

Vulnerability Exploitation

Known exploited vulnerabilities and unpatched systems.

Dark Web & Chatter

Mentions on dark web forums, breach databases, paste sites.

Security Best Practices

HTTPS enforcement, certificate validity, security hygiene.

Social Engineering

Susceptibility to phishing and impersonation attacks.
Each category receives a weighted score that contributes to the overall 0–1000 rating.
Share the vendor summary with procurement or leadership teams — the AI-generated narrative makes vendor risk understandable without requiring security expertise.