NormShield Cyber Risk Rating System

A Platform Built From a Hacker’s Perspective

NormShield’s platform was built to provide full visibility into a vendor’s cyber position. It enables enterprises to continuously monitor third-party risks, assigns a letter grade to each vendor, correlates findings with industry standards to inform compliance requirements, and determines the financial impact if a third party experiences a breach.

The high-quality data platform communicates risk in qualitative, quantitative and easy-to-understand business terms for executives, and allows IT-security teams to drill down to the technical details in each risk category.


3D Vendor Risk @ Scale®

Technical Grade

Technical Score

Financial Impact





NormShield identifies your cyber risk using three dimensions.



Technical Report

NormShield uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify and mitigate potential security risks. The platform points out vulnerabilities and attack patterns using 20 categories and more than 400 controls, without ever touching the target customer. Each vendor in your ecosystem is assigned a letter grade based on their cyber risk posture, giving you the tools to make better risk-based business decisions.

Financial Impact Report

NormShield is the only cyber risk rating system that calculates the probable financial loss (risk) in the case of a cyber breach. Most security issues get “lost in translation” when reported to upper-level executives. By translating the “security language” to “business language”, the Financial Impact Report has been a game-changer in security reporting.

Open FAIR™ is the only international standard Value at Risk (VaR) model for cybersecurity and operational risk. Platform users can use Open FAIR™ results to prioritize financial resource allocation.

Compliance Report

NormShield correlates platform findings to industry standards and best practices. The cross-correlation capability measures the compliance level of a target company based on the standard input, saving time and effort for both the company and vendor. The classification allows you to measure the compliance level of any company for different regulations and standards including NIST 800-53, ISO27001, PCI-DSS, HIPAA, GDPR, and Shared Assessments.  

About Normshield

See What Hackers See

NormShield uses the same open-source intelligence tools and techniques hackers use – data collectors, crawlers, honeypots, etc. – to continuously collect information from internet-wide scanner databases, reputation sites, cyber events, hacker shares, and known vulnerability databases.

Continuously Monitor Your Third-Parties

What if your home surveillance system only monitored your house at one point in time? What? We feel the same way. Especially when it comes to your vendors and suppliers. It’s critical to know who poses the highest risk to your organization on an ongoing basis. What gets measured is what gets managed, so we make sure every third party in your ecosystem is taken care of at all times.

Receive a free cyber risk rating and discuss your cyber risk with one of our experienced analysts.