Vendor Intelligence Platform
FOR THE FIRST TIME: GTM INTELLIGENCE VENDORS CAN'T BUY
No quadrants. No waves. No pay-to-play. Just what vendors actually do vs. what they claim.
The Problem
Vendor compliance doesn't mean your compliance.
Your vendors claim SOC 2 certification, GDPR compliance, and privacy-first architecture. These claims describe their internal operations. They do not describe what their JavaScript does when it runs on your site, in your visitors' browsers, under your data controller obligations.
The gap between vendor claims and runtime behavior is where liability lives. Nobody was documenting that gap. Now someone is.
They Claim
"We only collect data after explicit consent has been provided."
Observed
Tracking scripts initiate cookie writes within 200ms of page load — before any consent interaction.
What BLACKOUT Does
Runtime evidence, not vendor promises.
We scan vendor code in live browser environments, document what it does, and surface the gaps between marketing claims and observed behavior.
Scan
Multi-vector browser analysis captures scripts, network requests, cookies, storage, and fingerprinting techniques as they execute in real-time.
15,480 IOC signatures across 600+ vendors
Document
Every finding is mapped to a proprietary threat taxonomy (BTI codes), cross-referenced against vendor claims, and rated by severity.
Claims vs. reality on every disclosure gap
Deliver
Intelligence briefings, IOC manifests, and evidence packs structured for the people who need them — legal, procurement, security, and leadership.
Role-specific actions, not generic recommendations
Vendor Database
See what we've found.
| Vendor | Category | Risk Score | Findings | Gaps | IOCs | |
|---|---|---|---|---|---|---|
| 6sense | ABM | 90 | 5 | 8 | 139 | View → |
| CHEQ | Visitor ID | 90 | 7 | 6 | 190 | View → |
| ZoomInfo | Visitor ID | 90 | 6 | 8 | 12 | View → |
| RB2B | Visitor ID | 85 | 5 | 7 | 31 | View → |
| Clay | Enrichment | 80 | 4 | 5 | 12 | View → |
The Revenue Problem
This isn't just a compliance problem.
It's a revenue problem.
Your vendors are siphoning pipeline intelligence, inflating attribution, and feeding your buyer data into shared pools your competitors can access.
| What You Think | What's Actually Happening | The Impact |
|---|---|---|
| "Our intent data gives us an edge" | Your competitors buy the same pool | Zero competitive advantage |
| "Our attribution is accurate" | 5 vendors claim the same conversion | CAC metrics are fiction |
| "We own our first-party data" | Vendors harvest and resell it | You're funding competitors |
| "Our pipeline is confidential" | Enrichment vendors see every lead | Commercial intel is leaking |
Your servers have Datadog.
Your network has firewalls.
Your endpoints have CrowdStrike.
Your customer's browser — where the transaction actually happens — is in a blackout.
We turn on the lights.
Who BLACKOUT Is For
Different problem. Same evidence.
Security & CISO
Your GTM stack is an unmonitored egress vector.
You monitor APIs, endpoints, and network traffic. BLACKOUT monitors the 40+ JavaScript vendors Marketing deployed without a security review.
Legal & GRC
Your DPAs are contracts. This is runtime evidence.
When you need to document what a vendor actually does — for a regulatory inquiry, an audit, or a contract negotiation — BLACKOUT provides timestamped findings.
RevOps & Marketing
Your vendors are selling your signals back to your competitors.
Your visitors cost $50+ each to acquire. Some of your tools feed those signals into shared data pools. We show you which ones.
Procurement
Walk into your next renewal knowing something they don't expect.
BLACKOUT gives you documented evidence of vendor behavior gaps. Use it to renegotiate terms, demand transparency, or justify cutting a vendor loose.
Positioning
This doesn't exist yet.
Existing tools cover pieces of the problem. None document the gap between what vendors claim and what their code does at runtime.
| Existing Tool | What They Do | What BLACKOUT Does |
|---|---|---|
| OneTrust / TrustArc | Consent management | We verify if vendors actually honor consent |
| SecurityScorecard | Outside-in risk ratings | We show runtime behavior from the inside |
| Cookiebot | Cookie scanning | We capture full runtime — scripts, network, evasion patterns |
| Manual pen tests | Point-in-time snapshots | We detect defeat devices that activate between audits |
See what your vendors are actually doing.
Browse 600+ vendor profiles. Free tier available. Evidence packs for when you need to act.