Magnitude has come out of stealth with $10m in seed funding from Ballistic Ventures, betting that artificial intelligence can take much of the labour out of third-party risk management at a time when vendor ecosystems are becoming more complex and more exposed.
The San Francisco-based company was founded by a team with backgrounds at Amazon, Abnormal AI, Proofpoint and Pandora. It says its platform is intended to act as an autonomous workforce for third-party risk teams, using ...
Continue Reading This Article
Enjoy this article as well as all of our content, including reports, news, tips and more.
By registering or signing into your SRM Today account, you agree to SRM Today's Terms of Use and consent to the processing of your personal information as described in our Privacy Policy.
AI agents to collect and check evidence, assess vendors, make governance decisions and push remediation work forward without constant human intervention.
Chief executive and founder Rami Habal argued that conventional third-party risk programmes were built for a slower, less interconnected world. As businesses increasingly depend on vendors, downstream suppliers and AI-enabled services, he said, the old model of periodic review is no longer enough to keep pace with what he described as autonomous offence.
Ballistic Ventures co-founder Jake Seid said the firm backed Magnitude because security tools now need to help companies move faster as well as stay safer. He also pointed to the widening attack surface created when vendors add AI features and when attackers themselves use AI to scale operations.
Magnitude is entering an already busy field. Bitsight, Vanta, 3rdRisk and others have all pushed automated and AI-assisted tools for monitoring suppliers, accelerating assessments and surfacing risk across fourth-party and wider supply chains. KPMG, meanwhile, has stressed that third-party security programmes now have to account for expanding regulatory pressure, cloud reliance and AI-linked exposure.
What Magnitude is promising is a more hands-off model than traditional workflow automation: one in which risk agents do not merely route tasks, but learn how an organisation makes decisions and apply those standards continuously across its external dependencies. The company says that over time the system improves its reasoning, with the aim of turning third-party oversight into a standing defence capability rather than a periodic compliance exercise.
Source: Noah Wire Services
