TrustRadius

KnowBe4 KCM GRC Platform (discontinued) vs. Rencore Code (SPCAF)

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
KCM GRC Platform
Score 7.3 out of 10
N/A
KnowBe4 headquartered in Clearwater offers their governance, risk, compliance platform, the KCM GRC Platform.N/A
Rencore Code (SPCAF)
Score 8.8 out of 10
Enterprise companies (1,001+ employees)
Many organizations that use Office 365 are exposed to security risks that they are unaware of. As they extend SharePoint to meet their business needs, they build applications using technologies that range from end-user Microsoft Flow to developer-focused SharePoint Framework. Unfortunately, all of these custom applications are capable of circumventing the security measures organizations have in place exposing the organization and its data to security…N/A
Pricing
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
KCM GRC PlatformRencore Code (SPCAF)
Free Trial
NoYes
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoYes
Entry-level Setup FeeNo setup feeOptional
Additional Details
More Pricing Information
Community Pulse
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Features
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Governance, Risk & Compliance
Comparison of Governance, Risk & Compliance features of Product A and Product B
KnowBe4 KCM GRC Platform (discontinued)
9.3
1 Ratings
21% above category average
Rencore Code (SPCAF)
-
Ratings
Common repository of GRC items10.01 Ratings00 Ratings
Risk management10.01 Ratings00 Ratings
GRC policy management8.01 Ratings00 Ratings
Best Alternatives
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Small Businesses
Egnyte
Egnyte
Score 9.5 out of 10
GitLab
GitLab
Score 8.7 out of 10
Medium-sized Companies
Forcepoint DLP
Forcepoint DLP
Score 7.9 out of 10
Veracode
Veracode
Score 9.1 out of 10
Enterprises
Forcepoint DLP
Forcepoint DLP
Score 7.9 out of 10
Veracode
Veracode
Score 9.1 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Likelihood to Recommend
8.0
(1 ratings)
8.8
(11 ratings)
Support Rating
10.0
(1 ratings)
9.1
(2 ratings)
User Testimonials
KnowBe4 KCM GRC Platform (discontinued)Rencore Code (SPCAF)
Likelihood to Recommend
Discontinued Products
KnowBe4 KCM GRC Platform is well suited for a company that knows what they're doing compliance wise and needs to save time doing it. It won't be something you can spend a few hours on and then put on autopilot. It was made to create a rhythm within your own team, and you'll need to have the buy-in. It's useful for IT and Legal teams that already have a vendor risk management process, but want to have a better handle on it. Giving an outside auditor read-only access to a scope is also a huge time saver.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
For Microsoft shops that are doing custom development on the Microsoft cloud platform in Office 365 and Azure, the Rencore toolset is an absolute must, especially if you are involved in converting farm solutions to cloud, or just moving into cloud development for the first time.
Paul Hunt | TrustRadius Reviewer
Paul Hunt
Business Productivity Practice Lead
Read full review
Pros
Discontinued Products
  • Mapping controls across different compliance frameworks. It saves you a ton of time and energy!
  • Performing risk assessments at the granularity that you prefer, splitting assessments across departments and teams if you wish.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
  • Unique expert knowledge of their target platforms. Not many companies have such a unique position in their target market. Their employees have a deep understanding of SharePoint, Office 365 and Azure and also regularly advise Microsoft on these matters.
  • Community involvement and contribution to open source projects. Key employees at Rencore are considered thought leaders in their area of expertise and contribute to high profile Microsoft open source initiatives.
  • Rencore's unique position when it comes to code quality analysis in the SharePoint space sets it apart. There's really no alternative.
  • Platform governance is another Rencore strength. No other product provides the insights into your SharePoint Online environment with full auditing of not only configuration changes but also who changed which code where and when. Again no alternatives exist.
Thomas Vochten | TrustRadius Reviewer
Thomas Vochten
Solution architect Office 365 & SharePoint | Microsoft MVP
Read full review
Cons
Discontinued Products
  • Vendor management has a few kinks to work out. We want to be able to do internal questionnaires for vendors as a compliance checklist before we sign off on a contract. Nothing in the works yet, but there are a few workarounds.
  • The navigation between different tasks in scope is clunky, and it's easy to lose your place, and it forces you back to the main page of the scope to retrace your steps.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
  • Rencore's product line is of course still a bit of a niche: SharePoint code quality is not something every organization on the planet is concerned with - although Rencore does much more than that.
  • We feel Rencore's marketing efforts are mainly targeted at technologists. There's a lot of other potential, especially for their platform governance product.
Thomas Vochten | TrustRadius Reviewer
Thomas Vochten
Solution architect Office 365 & SharePoint | Microsoft MVP
Read full review
Support Rating
Discontinued Products
Support from KnowBe4 KCM GRC Platform is always great. It's always in-house localized support, with excellent response times, and dedicated Customer Success Managers to answer the bulk of your questions or take your suggestions and make them a feature request. They will also reach out at least quarterly and do health checks to make sure you're using the platform to the best of your ability.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
Rencore support is unbeatable
Ralph Rivas | TrustRadius Reviewer
Ralph Rivas
Principal Consultant
Read full review
Alternatives Considered
Discontinued Products
Quantivate and Fusion were the other two options we checked out. The quantity was high, and a good bit more expensive, but it was the best performing with its platform. They also had more modules that each cost extra to add to your subscription. KnowBe4 KCM GRC Platform was all-in-one and a little less mature, but the better buy. Fusion was hard to follow in the demo, and I was not overly impressed. I may have made my decision early enough in the demo to not pay much more attention to it.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
I don't know of any products that compete in the space and if there were any, they would not stand a chance against Rencore. Behind any good product is a team of highly skilled individuals, who all have the same goal, who are passionate what they do and lastly, are in it for the betterment of where they started; As Developers themselves. You can't buy that
Alistair Pugin | TrustRadius Reviewer
Alistair Pugin
Solutions Architect
Read full review
Return on Investment
Discontinued Products
  • Just having the capacity to do things the right way, and formally, has driven some of our compliance efforts.
  • Due to licensing limitations, we likely overspent on seats to the platform that we didn't need but also didn't want to miss out on.
Randy Munroe | TrustRadius Reviewer
Randy Munroe
Information Security Analyst
Read full review
Rencore
  • The clear impact was the amount of time saved code reviewing or going through lines of code marked off by other tools that are not relevant. We cannot put a number on it since the project started off with the tool in place but based on the rules applied it could be as high as 20% of the project time.
Ralph Rivas | TrustRadius Reviewer
Ralph Rivas
Principal Consultant
Read full review
ScreenShots

KCM GRC Platform Screenshots

Screenshot of View All Compliance Requirements: View all your compliance requirements with details, descriptions, status, scope, and controls for each requirement.Screenshot of View All Compliance Tasks: The “My Dashboard” view narrows focus to tasks assigned to an individual end user, allowing your entire organization to work together towards compliance.Screenshot of View by Scope and Scope Status Report: Scopes enable you to track multiple projects in one place simultaneously allowing you to provide granular user permissions across each project.Screenshot of View Policy Campaign: See all campaign details and easily keep track of your policy campaign completion percentage and user acknowledgments.Screenshot of View Risk Breakdown and Risk Categories: The Risk Dashboard gives you high-level details on your risk categories and risk score associated with these categories.Screenshot of Easily Add Risks: The Risk Wizard makes it easy for you to create unique organizational risks or import risks from existing spreadsheets to your risk register.

Rencore Code (SPCAF) Screenshots

Screenshot of Using third party libraries allows you to build your SharePoint and Office 365 applications faster and focus on functionality specific for your organization. But regularly, security vulnerabilities are discovered in these external dependencies. If left unpatched, they become a security risk for your organization and its data. Rencore automatically warns you when any of the third-party libraries used in your applications has known vulnerabilities that could be exploited to hack your environment.Screenshot of Third-party libraries are regularly updated to improve performance and stability. Many organizations however don’t know when a new version of the library they use in their SharePoint and Office 365 applications is released and they keep using the old versions which exposes them not only to bugs but also to security risks. Rencore automatically warns you when a new version of a library that you use is available allowing you to verify the contents and the impact of the upgrade.Screenshot of Without proper tooling, it’s impossible to successfully enforce an application governance plan in SharePoint and Office 365. The number of ways in which users could possibly extend SharePoint combined with the thousands of pages and hundreds of settings that can be configured, make it impossible to continuously monitor for alignment with the organizational policies. Rencore helps you understand the configuration of your tenant as well as discover the different SharePoint and Office 365 applications used in your organization. With Rencore you will easily understand how these applications are built, which dependencies they have and which possible risks they expose your organization to.Screenshot of Your organization tailors SharePoint and Office 365 to its specific needs to get more value of its investment in the platform. But each organization has different needs and is subject to different laws and regulations. Rencore allows you to configure what policies you want to enforce in your tenant. Each violation gets reported so that you can take corrective action and successfully enforce your organization’s application governance plan.Screenshot of As you start discovering issues in your SharePoint and Office 365 environment, you will be taking corrective actions to mitigate the risks. Rencore helps you track these issues and the related tasks so that you can easily follow up on the status of each issue and control that your organization is improving over time.Screenshot of It’s not enough to have your SharePoint and Office 365 applications verified for compliancy with your organization’s policies before using them in production. As your applications evolve, they will require changes and each change exposes you to a number of risks. Rencore helps you track how your applications change over time, even if these applications don’t follow centralized deployment and are managed by power-users. Each change is assessed for potential risks that it could expose your organization to.