Blog - SecurityScorecard

Blog
Why Continuous Monitoring Is Replacing Point-in-Time Audits for Compliance
July 9, 2025More Details
Compliance
Blog
Scorecarder Spotlight: Isabella Dorado Burbano
July 1, 2025
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More Details
Scorecarder Spotlight
Blog
What is DNSSEC and Why Is It Important?
June 30, 2025
Understand how DNSSEC secures the domain name system with cryptographic methods to verify the authenticity of DNS records and boost DNS security.
More Details
Blog
What is a Whaling Attack in Cybersecurity?
June 30, 2025
What is a whaling attack? See how phishing attacks aimed at executives and whaling attacks work, and how cybercriminals steal sensitive information.
More Details
Blog
What is a Cyber Attack? Types and Preventive Measures
June 30, 2025
Learn what is a cyber attack, explore common types like ransomware and phishing, understand financial impacts, and discover prevention strategies.
More Details
Blog, Learning Center, STRIKE
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
June 23, 2025
SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.
More Details
STRIKE Team
Blog, Learning Center
What Are Proactive Ransomware Prevention Strategies for 2025?
June 3, 2025
Ransomware threats are evolving fast. This guide explores the most effective prevention strategies for 2025, from zero trust to supply chain resilience.
More Details
Attack Surface Management, Tech Center
Blog
Scorecarder Spotlight: Guillermo Garcia Granda
June 2, 2025
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More Details
Scorecarder Spotlight
Blog
Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon
June 2, 2025
Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.
More Details
Blog, Learning Center
Choosing Your Code Repository: Navigating the Security Landscape of Bitbucket vs GitHub
May 26, 2025
Which code repository is more secure for enterprises—GitHub or Bitbucket? Compare their security features, risks, and third-party controls in 2025 to choose the right platform.
More Details
Tech Center
Blog, Learning Center
What is a Third-Party Vendor? Tips for Managing Vendor Risk
May 13, 2025
Third-party vendors play a critical role in cybersecurity exposure. Learn how to define, classify, and manage third-party relationships effectively.
More Details
Attack Surface Management, Tech Center
Blog, Learning Center
What is the CIA Triad? Definition, Importance, & Examples
May 12, 2025
What is the CIA Triad? Definition, Importance, & Examples to guide an organization’s security procedures and policies. Learn more below!
More Details
Tech Center