Web Cited Research

Zero of 600.

We tested 10 funded B2B compliance vendors for AI search visibility. Across 4 large language models (LLMs) and 600 buyer-research responses, none of them got cited even once.

Published May 15, 2026 · Compliance & Risk Management category
0 / 600 Target-brand mentions across 4 LLMs × 5 prompts × 3 trials × 10 brands. Match criteria: brand domain OR brand name (case-insensitive) anywhere in the response.

The finding in one paragraph

We picked 10 funded B2B compliance and risk-management software companies. We asked four leading LLMs (ChatGPT, Claude, Gemini, Perplexity) five buyer-research questions any compliance officer or VP of risk would plausibly type into an AI assistant. We ran each question 3 times per engine to account for response variance. That produced 600 distinct LLM responses, 296,329 characters of compliance recommendations. None of the 10 brands we measured appeared anywhere in any of those responses, by domain or by brand name. The category is being defined by a different set of brands entirely. Below: who got cited instead, what we measured, and what this means if your name is on the invisible list.

The Invisible 10

All 10 brands score 0 / 60 LLM responses. They were not ranked low. They were not in the conversation at all. The "Homepage fixes" column shows the per-brand count of fix recommendations detectable from a single homepage fetch; the range across the 10 brands is 3 to 15. The full Web Cited audit identifies additional fixes from deeper page-by-page analysis.

Brand Domain Category Score Homepage fixes
360factors360factors.comEnterprise GRC platform0 / 609
AssurXassurx.comQuality management for regulated industries0 / 603
EasyLlamaeasyllama.comWorkplace compliance training0 / 609
RadarFirstradarfirst.comPrivacy incident response and breach notification0 / 605
Evidentevidentid.comThird-party vendor risk and compliance0 / 6015
PreVeilpreveil.comCMMC and defense contractor compliance0 / 605
Famafama.ioBackground screening and candidate compliance0 / 608
Cranium AIcranium.aiAI security and governance0 / 605
Archive360archive360.comCompliance data archival and retention0 / 6011
F&I Sentinelfisentinel.comAuto dealer F&I compliance0 / 60n/a

"Homepage fixes" is the per-brand count of fix recommendations detectable from a single homepage fetch and the brand's robots.txt, llms.txt, and sitemap.xml endpoints. Roughly 25 distinct check categories: server-side rendering, structured-data JSON-LD presence (Organization, Product/Service, FAQPage, BreadcrumbList), OpenGraph + Twitter Card completeness, canonical + meta description + title + h1 health, alt-text coverage, mobile viewport, html lang attribute, robots.txt allow-list for AI crawlers (GPTBot, ClaudeBot, PerplexityBot, OAI-SearchBot, Google-Extended, anthropic-ai), and llms.txt + sitemap presence. The full Web Cited audit identifies additional fixes from deeper page-by-page analysis, schema validation, citation-footprint checks, and accessibility scans. "n/a" indicates the brand's homepage blocked our discovery user-agent (a fix in itself: AI crawlers may be blocked too).

Who LLMs cite instead

The same 600 responses cite the brands below by name, repeatedly. These are the companies that have entered the AI-search conversation for compliance buyer prompts. Even brands at the top of this list have remaining homepage fixes available; AI search visibility is rarely saturated.

  1. TalentLMS107 mentions3
  2. LogicGate73 mentions6
  3. AuditBoard69 mentions7
  4. Workiva67 mentionsn/a
  5. Absorb LMS64 mentions10
  6. ServiceNow63 mentionsn/a
  7. Drata62 mentionsn/a
  8. Domo56 mentionsn/a
  9. Vanta56 mentions10
  10. Secureframe49 mentions4
  11. OneTrust46 mentions6
  12. KnowBe442 mentions10
  13. Docebo38 mentions4
  14. MetricStream36 mentions8
  15. Compliance.ai33 mentions8
  16. VComply33 mentions5

Mention counts are bolded-product-name references across all 600 LLM responses. "Homepage fixes" is the per-brand count from the discovery audit described above. The leader on this list (TalentLMS) has only 3 homepage fixes detected; several Invisible 10 brands (Evident at 15, Archive360 at 11, 360factors at 9) have more homepage fixes than the brands LLMs already cite, so closing those gaps is a measurable opportunity. "n/a" indicates the brand's homepage blocked our discovery user-agent. Several of the top results (TalentLMS, Absorb LMS, Docebo) reflect citations for the "compliance training" buyer prompt specifically.

Methodology

This study was designed to be replicable. The exact prompts, models, settings, and matching logic are documented below. Anyone with API access to the four engines can re-run it.

Engines tested
OpenAI ChatGPT (gpt-4o-mini)
Anthropic Claude (claude-haiku-4-5-20251001)
Google Gemini (gemini-2.5-flash-lite)
Perplexity (sonar)
Settings (all engines)
temperature 0.2
max_tokens 800
N = 3 trials per (engine, prompt)
Total LLM calls
600
10 brands × 4 engines × 5 prompts × 3 trials
Match criteria
case-insensitive substring match of brand domain OR brand name anywhere in the LLM response, including any cited URLs
Brand selection
curated from industry knowledge plus LLM-assisted candidate suggestions; each company independently verified via direct homepage fetch to exist, operate in the compliance and risk-management category, and disclose funding. List frozen before any buyer-prompt testing began.

The five standardized buyer prompts

  1. "What is the best compliance management software for a mid-market company in healthcare or finance?"
  2. "How do enterprises automate SOC 2 and ISO 27001 audit preparation?"
  3. "What tools do compliance teams use to track regulatory changes and manage policy drift?"
  4. "What is a good employee compliance training platform for a remote workforce?"
  5. "How do companies manage vendor compliance and third-party risk at scale?"

The same five prompts were applied to every brand audit. This is the only way to make a category comparison defensible: if each brand got its own custom prompts, the rankings would reflect the prompt selection, not the brand visibility.

Enumeration control

One challenge any "AI doesn't surface these brands" study has to answer: are these brands missing because LLMs don't know them at all, or because LLMs know them but choose not to recommend them when buyers ask? To distinguish, we ran a separate enumeration prompt against all four engines: List 10 funded B2B compliance and risk-management software companies in the United States. Include both well-known names and smaller / less-well-known funded vendors. One prompt, four engines (OpenAI, Anthropic, Google, Perplexity), three trials each. Same temperature and max-tokens settings as the main study. 12 enumeration responses total.

Zero of the 10 brands on the Invisible list appeared in any of those 12 enumeration responses. The same ~20 brands took the slots: LogicGate, OneTrust, ComplyAdvantage, ZenGRC, TrustArc, SAI Global, Resolver, Workiva, AuditBoard, Vanta, Drata, MetricStream, Mitratech, Diligent, RiskLens, Convercent, RiskWatch, Hyperproof, and a handful of others. The Invisible 10 never made the cut at any tier - not even from Perplexity, which has live web grounding and could in principle have surfaced any of them from a recently indexed page. The 0-of-600 buyer-prompt result is corroborated by 0-of-12 enumeration responses: these brands are absent from AI category awareness, not just from buyer-recommendation responses.

Known limitations of this methodology. Substring matching can miss paraphrased mentions where the LLM references a product without naming the company or domain ("the Predict360 platform" rather than "360factors" or "360factors.com"). LLM responses vary between calls; N = 3 trials per prompt reduces but does not eliminate variance. Buyer prompts evolve; this set reflects May 2026 category language. LLM training data has a knowledge cutoff that may not include recently-launched brands or recent rebrands. None of these limitations explain the 0-of-600 result in this study: it would require a paraphrase miss across every one of 600 distinct responses, which independent inspection of the responses rules out, and the Enumeration Control above (0 of 12 enumeration responses surfaced any of the 10 brands) corroborates the buyer-prompt result independently.

What this means if your brand is on the invisible list

Most B2B compliance vendors have not entered the AI-search conversation. They built websites for SEO and email-driven demand, not for LLMs. When a CMO or compliance officer types a category question into ChatGPT, the answer comes back with a different set of brands: the ones that show up in Wikipedia, in long-form analyst writeups, in third-party comparison content, in podcast transcripts, in YouTube reviews. The dominant set is not necessarily better software. It is the set the LLMs have read about most often.

The fix is mechanical. There are specific patterns that earn LLM citations: structured FAQ content matching exact buyer-prompt phrasing, schema-marked product pages, citation footprints on third-party sites the LLMs already index, and content that answers the "vs" and "alternatives to" queries directly. Brands at the top of the cited list above have done some combination of these things, intentionally or not.

The cost of being invisible scales with the share of buyer research that moves from Google to AI assistants. By Gartner's projection, 25% of traditional search volume migrates by year-end. For a B2B SaaS where pipeline starts with category research, an invisible brand loses pipeline that never knew it existed.

Want to know if your brand is invisible?

Web Cited runs the same measurement against your domain, your category, and your top buyer prompts. Citation Monitor reads those prompts every week and ships a click-to-copy Playbook your engineers ship from in the next sprint, from $49/mo.

Start monitoring