Activate your access
Paste the invitation token your customer's CISO sent you. Tokens are single-use and time-bound. After activation you receive a vendor JWT and land on your submissions dashboard.
What is the VAPT Vendor Portal?
URIP customers invite their pentest / VAPT vendors here so findings land directly in their unified risk register. Every finding you submit is automatically enriched with EPSS exploit probability, CISA KEV status and remediation steps before the customer's IT team sees it.
Why a single-use token?
Invitation tokens act as your credential — single-use makes a leaked link useless. After activation, your session is JWT-based. If you switch devices, ask the customer's CISO for a fresh token.