HECVAT CBI

The Community Broker Index (CBI) provides an up-to-date list of vendors who are willing to share their completed HECVAT. Security assessors at colleges and universities can utilize the posted assessment, saving time for both security assessors and service providers.

The CBI is also building a list of vendors/SPs who have incorporated HECVAT into their cloud, third party, or vendor risk management tool or services.

If you’d like to have your company added or see a vendor added to either list, please contact us and provide us with the vendor name, product name, and contact information.

All completed assessments shown here have been provided to us by the vendor.

Vendor	Product Assessed	Date of Assessment	Vendor Site
AppointmentPlus	AppointmentPlus Scheduling Solution	6/12/2020	https://www.appointmentplus.com/
Astrum U	Astrum U	8/12/2019	https://www.astrumu.com
Aviso Retention	Aviso Enterprise Student Success Platform	6/4/2018	https://avisoretention.com
Bluefin Payments	Payconex & Decryptx	12/31/2019	https://www.bluefin.com/
Box	Box Cloud Content Management	3/06/2019	https://box.com
Casino Vision, Inc.	VALT (Video Audio Learning Tool	3/4/2018	https://www.cvisecurity.com
Choice Entertainment Technologies	Choice CRM	3/31/2019	https://choiceticketing.com
Clarivate	Metacore	4/16/20	https://clarivate.com
Clone Systems, Inc.	Clone Guard	6/22/3030	http://Clone-Systems.com
Cocentric Sky	Badgr for Canvas LTI	9/17/2018	https://www.concentricsky.com
Code42 Software	Code42	3/9/2020	https://code42.com
Concept 3D	Concept 3D	5/11/2018	https://www.concept3D.com
Conclusive Systems, LLC	Advisor	6/17/2020	https://www.conclusivesystems.com
Degree Analytics	EnGauge	4/10/2018	https://degreeanalytics.com
Exxat, LLC	STEPS	6/26/2019	http://exxat.com
Gallup, Inc.	Employee Engagement	2/24/2020	https://www.gallup.com/education/194321/higher-education-employee-engagement.aspx
Gallup, Inc.	CliftonStrengths for Students	2/6/2020	https://www.strengthsquest.com/home.aspx
Google	Google Cloud Platform	5/1/2019	https://edu.google.com/higher-ed-solutions/
Google	G Suite	5/1/2019	https://edu.google.com/higher-ed-solutions/
i-Sight	i-Sight	4/1/2020	https://i-sight.com/
Ivy.ai, Inc	Ivy.ai, Inc	12/10/2018	https://ivy.ai.com
Kivuto	Kivuto Cloud	4/1/2019	https://kivuto.com
LastPass	LastPass Enterprise	3/10/2020	https://www.lastpass.com/education
LearningMate Solutions Inc.	FROST	3/6/2020	https://www.learningmate.com/frost/
Lorensbergs Ltd	Connect2	2/14/2020	https://www.connect2software.com/
Maxient	Conduct Manager	3/20/2020	https://maxient.com
Maxxess Systems	InSite	6/4/2020	https://insite.maxxess-systems.com/
Othot, Inc.	Othot Platform	5/19/2020	https://othot.com/
Ovrture, Inc.	Ovrture	6/1/2019	https://ovrture.com/security/
Proctorio	Proctorio	4/1/2018	https://proctorio.com
Prophix	Prophix Budgeting, Forecasting, and Financial Reporting Solution	3/29/2019	https://www.prophix.com/industry-higher-education/
Rhinogram, LLC	Rhinogram	4/22/2020	https://www.rhinogram.com/
Slack Technologies, Inc.	Slack	3/1/2020	https://slack.com/
Sona Systems	Participant Pool Management Software	1/6/2019	https://www.sona-systems.com
Splunk, Inc.	Splunk Cloud	6/15/2020	https://www.splunk.com/en_us/software/splunk-cloud/splunk-cloud.html
Stoelting Co.	OptoDrum: Automated Measurement of Optomotor Reflex, Rat	4/17/2020	https://www.stoeltingco.com/optodrum-automated-measurement-of-the-optomotor-reflex-6826.html
Symplicity	Accommodate	6/4/2018	https://symplicity.com
Symplicity	Advocate	6/4/2018	https://symplicity.com
Symplicity	Career Services Manager	6/4/2018	https://symplicity.com
Symplicity	Horizons	6/4/2018	https://symplicity.com
Symplicity	Insight	6/4/2018	https://symplicity.com
Symplicity	Residence	6/4/2018	https://symplicity.com
Ucroo	Campus	10/17/2019	https://campus.app/
Wasabi Technologies	Wasabi Hot Cloud Storage	2/28/2019	https://wasabi.com/

Vendor	Product Name	Date of Inclusion	Vendor Site
Advantiv Solutions	DecisionDirector for HECVAT	October 30, 2018	https://advantiv.com
GreyCastle Security	GreyCastle Vendor Risk Management	April 17, 2017	https://greycastlesecurity.com/company/
Privva	Privva VSA	June 1, 2019	https://privva.com
ProcessBolt	ProcessBolt	May 1, 2019	https://processbolt.com/hecvat/
Salty Cloud, PBC	Isora	May 8, 2019	https://saltycloud.com
Swivl, Inc	Swivl Cloud	March 1, 2019	https://cloud.swivl.com
ThirdPartyTrust	ThirdPartyTrust	April 1, 2019	https://thirdpartytrust.com
Whistic	OnePlatform	May 9, 2019	https://whistic.com

Information regarding HECVAT participation is provided to HECVAT users for the goal of accurately assessing the security and privacy of third party and cloud services in good faith with no explicit or implied guarantees or warranties. The participating provider is responsible for maintaining the accuracy of the information to the best of their ability.

A security risk assessment is but one part of an institution's procurement process. Action taken by institutions based on the completed HECVAT questionnaires must be informed by local technical expertise and applied as appropriate to the local technical, functional, and cultural environments." Participating service providers and the REN-ISAC, its sponsoring organizations, and members accept no responsibility for negative impacts of any sort that results from local actions taken on information supplied through the HECVAT process outlined herein.

HECVAT participation is not intended to introduce a legal liability on participants or on the REN-ISAC organization, its host and sponsoring organizations, or officers.

HECVAT CBI

Completed Assessments

Vendors Using HECVAT in their Products

REN-ISAC social media channels

Research & Education Networks Information Sharing & Analysis Center