IT Brief Australia - Technology news for CIOs & IT decision-makers
Australia
Strike Graph launches Trust Chain for supplier risk
Data Protection DevOps Supply Chain

Strike Graph launches Trust Chain for supplier risk

Wed, 6th May 2026 (Yesterday)
Sofiah Nichole Salivio
SOFIAH NICHOLE SALIVIO News Editor

Strike Graph has launched Trust Chain, a third-party risk management product for existing customers.

The launch addresses a common approach to vendor assessments, in which companies rely on suppliers to complete security questionnaires and provide self-reported information about their controls. Trust Chain instead asks vendors to submit compliance documents such as security audits, penetration tests and breach response procedures. Those documents are then checked against specific requirements using Strike Graph's Verify AI system.

The product is built into Strike Graph's broader compliance platform, allowing vendor risk information to sit alongside a customer's compliance programmes, framework controls and audit evidence. That removes the need for a separate workflow or standalone tool for supplier assessments.

How it works

Trust Chain has three main elements. The first is a set of evidence request libraries that lets customers define which documents each vendor must provide, either from a standard set or from existing questionnaire formats converted into evidence requests.

The second is AI-based evidence validation. The system tests vendor submissions against the requirements they are meant to satisfy and identifies gaps without manual review.

The third is ongoing supply chain monitoring. Customers can set expiry schedules for evidence so refreshed documents are requested automatically, rather than waiting for the next annual assessment cycle.

Strike Graph is positioning the product at larger organisations managing compliance across multiple subsidiaries and supplier networks. Teams can publish and synchronise controls across subsidiary workspaces while setting vendor requirements that differ by entity.

That structure is designed to reduce the administrative burden on companies running separate compliance processes across multiple business units. Vendors can submit existing documentation once, after which the system handles the validation work.

Justin Beals outlined the company's view of the problem Trust Chain is intended to solve.

"The question every compliance team is really asking when they run a vendor assessment is: does this vendor actually have the controls they say they have, or are they just telling us what we want to hear? Every generation of tools has made it easier to collect vendor attestations and self-reported documentation. But that just measures how well a vendor describes their compliance posture. Trust Chain is built to verify the evidence behind the description-at the scale and accuracy modern compliance programs actually require. That's not a faster questionnaire review. It's a fundamentally different answer to the same question," said Justin Beals, Chief Executive Officer and Co-founder of Strike Graph.

Pilot results

Strike Graph cited results from a pilot programme for the new product. Vendor assessment completion rates were more than twice as high as those seen with questionnaire-based tools, while customer time spent on third-party risk management fell by 92%, according to the company.

Those figures point to two longstanding issues in supplier risk reviews: low response rates from vendors, and the time compliance teams spend chasing information, reviewing documents and following up on missing material. In many organisations, those delays can leave assessments incomplete for long periods and create a backlog of annual reviews.

Chris Steffen, an analyst at Enterprise Management Associates, said the change lies in what is being tested during the review process.

"Organisations have been measuring compliance claims for decades and calling it third-party risk management. The problem isn't the questionnaire - it's the assumption that self-reported answers reflect reality. What Strike Graph has built with Trust Chain is architecturally different: rather than asking vendors what their controls look like, it validates whether the evidence they submit actually demonstrates those controls. That's the shift the market needs, and it's the right direction for TPRM to move," said Chris Steffen, Vice President of Research at Enterprise Management Associates.

Pricing

Pricing starts at USD $7,500 for 25 vendors. An unlimited vendor option costs USD $30,000.

Strike Graph positions that pricing against the cost of standalone third-party risk management products and larger governance, risk and compliance systems. Trust Chain is available now to current customers of the Strike Graph platform.

Founded in 2020, Strike Graph sells compliance management software and says its platform supports more than 30 compliance frameworks. It also says it hosts its own AI models rather than relying on external AI services.

Related stories
API attacks surge as AI exposure raises cyber risk
AI flaws & supply-chain risks top new pentesting report
Thales launches Imperva for Google Cloud in controlled availability
Custom AI to drive half of cyber incidents by 2028
AI ambitions collide with legacy integration problems
Top stories
ICANN opens new domain ending applications for 2026
AI linked to 83% of security breaches, Gigamon says
FourKites launches Booking Connect for ocean freight
TechDay unveils major redesign across global network
Origin partners ServiceNow to embed benefits answers