Logo of Whistic

Whistic

Website LinkedIn Twitter

Last updated on

Company health

Employee growth
11% decrease in the last year
Web traffic
25% decrease in the last quarter
Financing
February 2022 - $51M

Ratings

G2
4.6/5
(46)
Glassdoor
4.5/5
(46)

Whistic description

Whistic is a software platform designed to manage the security risks of working with third-party vendors. It helps businesses assess the security posture of their vendors and share their own security information with customers. Whistic offers automated assessments, a centralized hub for security documentation (a "Trust Center"), and access to a network of vendors already using the platform. Its AI-powered features aim to streamline the vendor risk assessment process, saving time and resources for both vendors and their customers.

Who is Whistic best for

Whistic centralizes vendor security data, automating assessments and questionnaires. Users praise its time-saving automation and proactive security posture management. However, some find the UI/UX complex and desire more customization options. Whistic is best for medium to large businesses prioritizing streamlined vendor risk management.

  • Best fit for medium to large businesses needing robust vendor security management.

  • Ideal for businesses in software/IT, finance, and healthcare handling sensitive data.

Whistic features

Type in the name of the feature or in your own words tell us what you need
Supported

Whistic supports assigning and conducting risk assessments using CIS controls and AI.
Supported

Whistic automates security questionnaire responses using AI and existing documentation.
Supported

Whistic supports storing and managing vendor-related documentation.
Supported

Whistic offers a centralized platform called "Whistic Profile" to manage and share security documentation.
Qualities

We evaluate the sentiment that users express about non-functional aspects of the software

Ease of Use

Rather positive
+0.33

Whistic reviews

We've summarised 45 Whistic reviews (Whistic G2 reviews) and summarised the main points below.

Pros of Whistic
  • Centralized platform for security documentation and automated assessments.
  • Streamlines vendor risk assessment process, saving time and resources.
  • Easy to use and share security profiles with prospects.
  • Facilitates proactive sharing of security posture, reducing the number of questionnaires.
  • Provides deeper insights into vendors in a shorter time frame.
  • Seamless integration of features like issues, trust catalog, and reporting.
  • Improves communication with vendors via clarification requests.
  • Simplifies vendor management and reduces manual effort.
  • Excellent customer support.
  • Customizable questionnaires are helpful for various compliance needs.
  • Offers valuable data for informed decision-making about vendors.
  • Provides a robust trust catalog with pre-filled questionnaires and certifications.
  • Helps achieve compliance obligations with automated tools.
  • Reduces the volume and size of security questionnaires received.
Cons of Whistic
  • The UI/UX needs improvement and isn't intuitive.
  • The learning curve is steep, and the help menu lacks detail.
  • Limited customization for Whistic profiles and confusing usage.
  • SAML implementation can be difficult and requires support.
  • Bulk download of policies and questionnaire responses is not possible.
  • Inability to export questions with replies for bulk updates.
  • Lack of threat monitoring and intelligence reporting.
  • New UI changes require time to adjust to.
  • No customizable fields when issuing an NDA.
  • Loading time of the portal can be slow.
  • Tricky to consolidate information for audits and inter-process use.
  • Limited integration capabilities out of the box.
  • Vendor reassessment process is not well-defined.
  • No way to customize admin notifications, leading to email spam.
  • Intake forms can be quirky and difficult to work with.
  • Profiles sometimes don't make it through firewalls.

Whistic pricing

The commentary is based on 3 reviews from Whistic G2 reviews.

Whistic's pricing information isn't available in these reviews. However, users highlight significant time and resource savings due to streamlined security questionnaires and vendor risk management, suggesting a potential return on investment regardless of cost.

See the Whistic pricing page.

Whistic alternatives

  • Logo of NAVEX One
    NAVEX One
    Better suited for broader governance, risk, and compliance needs beyond vendor security. Has more momentum based on employee growth. Lower ratings on Glassdoor and G2. Some users mention high cost and complex interface as downsides.
    Read more
  • Logo of Venminder
    Venminder
    Better for contract and vendor lifecycle management. A centralized dashboard is helpful for vendor and contract management, especially for regulatory compliance. More established, with a larger user base and more reviews, but has a steeper learning curve.
    Read more
  • Logo of IT Glue
    IT Glue
    Better for internal IT documentation and password management. More suitable for IT professionals and MSPs. Rated higher by users on G2 and Capterra.
    Read more
  • Logo of ProcessBolt
    ProcessBolt
    Better ease of use. Higher rated by users. Has more momentum based on employee growth. More cost-effective.
    Read more

Whistic FAQ

  • What is Whistic and what does Whistic do?

    Whistic is a vendor risk management platform that streamlines the security assessment process. It offers a centralized hub for security documentation, automated assessments, and AI-powered features to save time and resources. This helps businesses efficiently manage third-party security risks and share their own security posture with customers.

  • How does Whistic integrate with other tools?

    Whistic integrates with other tools via API. However, users have noted limited out-of-the-box integrations and difficulties with SAML implementation. For specific integration capabilities, contacting Whistic directly is recommended.

  • What the main competitors of Whistic?

    Whistic competitors include Venminder, Certa, ProcessBolt, and AuditBoard. These alternatives offer similar vendor risk management features, including automated assessments, centralized platforms, and compliance tools.

  • Is Whistic legit?

    Yes, Whistic is a legitimate vendor risk management platform. It's known for its centralized security documentation hub and automated assessments. User reviews highlight streamlined workflows and time savings, confirming Whistic's safe and effective approach to vendor risk management.

  • How much does Whistic cost?

    Whistic doesn't publicly disclose its pricing. Contact their sales team for a customized quote based on your specific needs and to determine if Whistic is worth the investment for your business.

  • Is Whistic customer service good?

    Customers praise Whistic's excellent customer support, highlighting its responsiveness and efficiency in resolving issues, particularly with SAML implementation. While some users found the SAML setup challenging, they appreciated the helpful support provided.

Reviewed by

MK
Michal Kaczor
CEO at Gralio

Michal has worked at startups for many years and writes about topics relating to software selection and IT management. As a former consultant for Bain, a business advisory company, he also knows how to understand needs of any business and find solutions to its problems.

TT
Tymon Terlikiewicz
CTO at Gralio

Tymon is a seasoned CTO who loves finding the perfect tools for any task. He recently headed up the tech department at Batmaid, a well-known Swiss company, where he managed about 60 software purchases, including CX, HR, Payroll, Marketing automation and various developer tools.