Blog - SecurityScorecard

Blog, Learning Center, STRIKE
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
June 23, 2025
SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.
More Details
STRIKE Team
Blog, Learning Center
What Are Proactive Ransomware Prevention Strategies for 2025?
June 3, 2025
Ransomware threats are evolving fast. This guide explores the most effective prevention strategies for 2025, from zero trust to supply chain resilience.
More Details
Attack Surface Management, Tech Center
Blog
Scorecarder Spotlight: Guillermo Garcia Granda
June 2, 2025
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More Details
Scorecarder Spotlight
Blog
Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon
June 2, 2025
Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.
More Details
Blog, Learning Center
Choosing Your Code Repository: Navigating the Security Landscape of Bitbucket vs GitHub
May 26, 2025
Which code repository is more secure for enterprises—GitHub or Bitbucket? Compare their security features, risks, and third-party controls in 2025 to choose the right platform.
More Details
Tech Center
Blog, Learning Center
What is a Third-Party Vendor? Tips for Managing Vendor Risk
May 13, 2025
Third-party vendors play a critical role in cybersecurity exposure. Learn how to define, classify, and manage third-party relationships effectively.
More Details
Attack Surface Management, Tech Center
Blog, Learning Center
What is the CIA Triad? Definition, Importance, & Examples
May 12, 2025
What is the CIA Triad? Definition, Importance, & Examples to guide an organization’s security procedures and policies. Learn more below!
More Details
Tech Center
Blog, Learning Center
What Is a Cybersecurity Audit and Why Does it Matter?
May 12, 2025
A cybersecurity audit is essential to protecting your organization. Learn key steps, tools, and considerations to perform an effective audit in 2025.
More Details
Tech Center
Blog
What Is a Supply Chain Attack?
May 8, 2025
Learn how a supply chain attack works, why it's so dangerous, and what security measures can help protect your organization from hidden threats.
More Details
SCDR, Supply Chain Cyber Risk
Blog
Safeguarding Against Subdomain Takeover
May 8, 2025
Learn what subdomain takeover is and how to prevent it with best practices and continuous monitoring.
More Details
Blog
Guide to Developing a Business Continuity Plan
May 8, 2025
Explore business continuity in cybersecurity. Learn how a continuity plan helps assess threats, reduce risk, and protect operations from attacks.
More Details
Blog, Learning Center
What Is Port 445 (SMB)? Strategies for Secure Network Communication
May 6, 2025
Port 445 enables SMB traffic but is a prime target for ransomware and wormable exploits. Learn what it is, why it’s risky, and how to secure it.
More Details
Tech Center