Signup for upcoming webinar on applying GRC engineering to 3rd party risk management
Platform
Forensic AI Assessment
Blast Radius Monitoring
Agentic Risk Engineering
Resources
Blog
Learning Center
About
Join the Team
Get a Demo
Home
/
Blog
The Gap in AICPA Peer Review for New CPA Firms
Learn about the AICPA peer review gap where new CPA firms appear compliant to the SOC 2 market before their initial review is due.
Shahar Pearlman
Learn about the AICPA peer review gap where new CPA firms appear compliant to the SOC 2 market before their initial review is due.
Shahar Pearlman
|
May 4, 2026
What Vendor Risk Teams Can Learn from the Vercel Breach
What the Vercel breach reveals about shadow IT, fourth-party risk, and OAuth scope drift, and what TPRM programs need to address today.
Read More
How to Detect a Fraudulent SOC 2 Report
SOC 2 reports can be fabricated. Learn four concrete red flags — from unverifiable auditors to mismatched infrastructure — that distinguish a real audit from a fake one.
Read More
Training AI to Think Like an Attacker: The Red Team Approach to Risk Engineering
A guide to evolving TPRM using AI that simulates attacker behavior to identify vulnerabilities and architect secure vendor connections rather than relying on audits.
Read More
Checkbox TPRM is Dead. Start Engineering Risk
Traditional TPRM fails with vendor sprawl. Discover why compliance theater must stop and how Risk Engineers analyze real threats instead of checking boxes.
Read More
What is a Risk Engineer?
I've spent my career as an elite security researcher hunting vulnerabilities. My job has always been to think like an attacker: find the gaps and exploit the loopholes.
Read More
Building Agentic TPRM: A Guide
Learn the real architecture behind forensic risk engines — orchestration, risk graphs, adversarial agents, and continuous vendor risk monitoring.
Read More
.png)
.png)
.avif)