Panorays: Helping Organizations Manage Their Vendor Risk Effectively

By Amit Chowdhry • Jan 8, 2024

Panorays is a leading provider of innovative third-party security risk management solutions, helping organizations worldwide manage their vendor risk effectively and efficiently. Pulse 2.0 interviewed Panorays CEO and co-founder Matan Or-El to learn more about the company.

Matan Or-El’s Background

Or-El’s journey started in the Israeli Air Force, where he immersed himself in a vibrant hub of cybersecurity expertise. It was there that Or-El forged bonds with fellow cybersecurity experts and made connections that would later sow the seeds of entrepreneurship. 

In 2009, Or-El started his first venture called Mikarov, a location-based service for mobile devices. A year later, he started working at Imperva, where his commitment to cybersecurity deepened as he climbed from an R&D role to a Team Leader. Fueled by passion and vision, Or-El co-founded Panorays, where he now leads as CEO.

Co-founding Panorays enables Or-El to merge his passion for cybersecurity with his expertise as a serial entrepreneur. And he has built a strong team at Panorays which continues to support customers across the globe with the most comprehensive third-party risk management solution available on the market.

Formation Of Panorays

“Panorays emerged in response to the ongoing challenges in third-party security. The dynamic cybersecurity landscape, marked by notable incidents such as the MGM hack, has underscored the intricate and interconnected nature of the contemporary digital world. These sophisticated attacks not only pose a threat to individual entities but can also spread across multiple interconnected partners, emphasizing the critical role of third-party security.

Our primary responsibility at Panorays is to bolster the bridge between companies, with a keen focus on smaller vendors, to amplify their third-party risk management and security processes. Our platform provides a unique solution that aims to expedite and secure the vendor onboarding process, a traditionally tedious procedure which often takes months due to regulatory constraints and bureaucratic hold-ups.”

Favorite Memory

What has been your favorite memory working for the company so far?

“Working at Panorays, my proudest memory revolves around our transformative approach to the evolving cybersecurity landscape. In an era where threats have grown in complexity, our AI-driven system has been a game-changing innovation.”

Our clients often express astonishment at our platform’s efficiency and depth. But for me, the true highlight is Panorays’ mission: acting as a nexus for businesses globally, ensuring a safer digital commerce landscape across sectors, from healthcare to tech. It’s this collective journey and impact that remains my fondest memory.”

Core Products

What are the company’s core products and features?

“Panorays focuses on cybersecurity, specifically third-party risk management. We assess the security of our customers’ external partners, including indirect connections like subcontractors. A distinguishing feature at Panorays is our use of AI to simplify tasks such as processing security questionnaires and quickly detecting threats. Using Smart Match, we’ve streamlined the traditionally lengthy security questionnaire process by automatically answering a majority of repetitive queries, transforming vendor onboarding. 

Beyond this, our AI’s capability to predict risks, pinpoint supply chain vulnerabilities, and catch nuanced threats has been groundbreaking. Using our platform, customers can routinely check for vulnerabilities and integrate advanced technologies like intrusion detection, encryption, and multi-factor authentication to strengthen their security stance.”

Evolution Of Panoray’s Technology

How has the company’s technology evolved since launching?

“Since Panorays’ inception, our goal has been to use AI to simplify and enhance cybersecurity. Our Supply Chain Discovery tool automatically maps an organization’s digital relationships, shedding light on connections between vendors. We realized that many security teams lacked insight into their digital connections, which led to vulnerabilities. Our tool addresses this by offering detailed assessments for each vendor, helping businesses make informed decisions.

To complement this, we launched our Risk Insights and Response Portal. This platform provides real-time alerts about security incidents, ensuring businesses are always informed. In essence, we continuously innovate to meet the changing needs of the digital world.”

Challenges Faced

What challenges did you face in building the company?

“In our sector, we’ve definitely encountered some customer bottlenecks. Understanding the full scope of third-party relationships can be a challenge. And, many organizations struggle to identify and catalog all their third-party vendors and their associated risks, so that’s where Panorays can help.”

Organizations often have resource constraints as adequately assessing and monitoring third-party security requires time, expertise, and resources. Many of these businesses face limitations which can leave them vulnerable to cyber attacks. Conducting comprehensive security assessments of third parties can also be time-consuming and resource-intensive. 

As such, assessing the security posture of each vendor can be complex and create a bottleneck. Not all third parties pose the same level of risk. Therefore, prioritizing which vendors to assess and monitor can be challenging, leading to inefficiencies.”

Significant Milestones

What have been some of the company’s most significant milestones?

“Panorays has achieved several milestones that showcase our commitment to cybersecurity. One of our initial feats was creating a vast dataset of security questions and answers. This foundation allowed us to effectively utilize AI to simplify third-party security questionnaires. We also launched our Supply Chain Discovery tool, providing businesses a clear view of their entire digital supply chain and potential weak points.

Alongside this, our Risk Insights and Response Portal offers real-time alerts on security risks, helping businesses stay informed and react promptly. Additionally, our AI capabilities enable us to predict third-party risks by connecting company ratings with known security incidents. These achievements highlight our continuous efforts to provide innovative and efficient cybersecurity solutions.”

Customer Success Stories

Can you highlight a success story from one of your customers and how they utilized your solutions?

“Taylor Rose, a UK law firm, faced challenges with time-intensive manual vendor risk assessments. After implementing Panorays, the company centralized and automated vendor management, cutting assessment time by 75%. 

This shift transformed its third-party risk approach, ensuring comprehensive security evaluations while drastically improving efficiency. The partnership between Taylor Rose and Panorays highlights the power of modern tech solutions in addressing complex cybersecurity challenges.”

Total Addressable Market

What total addressable market (TAM) size is the company pursuing?

“Panorays aims to serve a large and diverse market, including various regions and industries. The increasing complexity of supply chains has led to a growing need for strong third-party security. 

Sectors like finance and healthcare, with strict rules, require comprehensive solutions, but understanding and managing supply chain cyber risks is vital for businesses across the board. As supply chains change and cyber threats grow, the company’s solutions apply to a wide and expanding market.”

Differentiation From The Competition

What differentiates the company from its competition?

“Panorays sets itself apart through a combination of advanced AI tools and human expertise. Our extensive dataset of security questions and answers allows for swift and accurate AI-driven solutions like the Supply Chain Discovery tool. 

However, we also recognize the limitations of technology. While our AI identifies and predicts risks, it’s our human team that adds depth and context to those findings. In an industry often leaning toward full automation or complete manual processes, our balanced approach ensures efficient and comprehensive cybersecurity solutions.”

Future Goals

What are some of the company’s future company goals?

“Our company aims to further refine and expand our digital tools, ensuring businesses have a clearer view of their digital security relationships and potential risks. We plan to enhance real-time alerts, helping companies stay updated and respond quickly to any security concerns. 

We’re also focusing on strengthening the collaboration between our AI capabilities and human expertise, ensuring that our solutions remain efficient yet deeply insightful. Overall, we aspire to continue innovating and providing comprehensive, easy-to-understand solutions for businesses’ cybersecurity needs.”

Additional Thoughts

Any other topics to discuss?

“One area I think warrants further exploration is the challenge posed by fourth-party suppliers in the digital supply chain. As these entities, like subcontractors or affiliates, often indirectly connect with primary suppliers, they might access critical systems without a direct contractual obligation. Their potential to compromise security can’t be underestimated. 

Furthermore, as we’re delving deeper into AI’s role in third-party cyber risk management, I’d like to highlight its potential in both understanding security questionnaires and detecting threats. The way AI, especially techniques like Natural Language Processing, is reshaping risk evaluation and response is a topic ripe for deeper discussion.”