Threat intelligence provides valuable insight into contextual business risk. You can gain insight into threat actors targeting your industry or information from your organization located on the Dark Web. According to one report, 79% of security professionals find threat data feeds essential to their organization’s cybersecurity posture. Additionally, 63% of respondents noted that they use feeds to ensure a better defense. Problematically, the threat intelligence feeds often give organizations too much information, which makes it difficult to identify useful data.
SecurityScorecard’s threat intelligence partners, available to all SecurityScorecard customers, enrich your Scorecard data for even more effective monitoring and mitigation in one centralized place. Whether you’re in security operations, IT service management, compliance, or vendor risk management, integrating threat intelligence from our partners to your Scorecards brings you even more visibility into risk in your ecosystem, so you can stay ahead of threats and drive cyber resilience in your organization.
Better Together: SecurityScorecard + Threat Intelligence
SecurityScorecard is the only security ratings provider partnering with leading digital risk intelligence partners. These partner signals enrich Scorecards by integrating timely and actionable data about your organization and third parties to help mitigate risk without impacting your score. This data is available to all SecurityScorecard users from our Integrate360° Marketplace and can be deployed in seconds, bringing you even more data alongside Ratings at your fingertips.
SecurityScorecard’s growing list of threat intelligence partnerships integrate the following data types into your Scorecards and those you follow as informational or positive signals:
- Exposed Credentials
- Exposed Documents
- DARKINT Exposure Scores
- Hacker Reports
- Registrar Classifications
- HackNotice Reports
- Supply Chain Risk Reports
- IP and Domain Signals
- Privacy Risk Scores
- Financial and Credit Scores
- Threat Intelligence
- Leaked Information
Below, you can learn more about each of our digital risk intelligence partners and why the combination SecurityScorecard Ratings and partner signals are better together.
SecurityScorecard + CSC
The recent surge in COVID-19 related domain fraud highlights the need for an enterprise-class domain registration and monitoring solution. The most damaging attacks today such as ransomware, business email compromise (BEC), impersonation fraud, and network breaches start with phishing attacks that often leverage a compromised domain name via a domain registrar breach, a fraudulent look-alike domain, spoofing of email headers or an email account take over. SecurityScorecard’s partnership with CSC, the leading domain name registrar, gives organizations better insight into domain-based fraud threats. CSC’s data gives you visibility into domain security and domain registrar risks that can lead to phishing attacks and brand abuse.
CSC data is integrated into Scorecards under DNS Health as an information signal. This brings you visibility into Domain Name System (DNS) manipulation risks by monitoring and mitigating risks associated with:
Domain name
Subdomain hijacking
Domain spoofing
Domain shadowing
SecurityScorecard + CybelAngel
Nearly 60% of businesses have experienced a major data breach caused by a third party. Root causes are diverse: leaking data from misconfigured cloud buckets, PII records on unprotected file servers, source code on unsecured public repositories, or credentials exposed on the dark web. In all cases, when critical information is breached your business, brand and reputation are damaged. SecurityScorecard’s partnership with CybelAngel gives organizations insight into data exposed from across their ecosystems. CybelAngel’s data gives you an aggregated view of exposed, publicly available information across various layers of the internet and their team works with you to take charge of leaked data before it gets into the wrong hands.
When available, CybelAngel data is available as an informational signal on your organization’s Scorecard under the Information Leak Factor. This gives you unparalleled visibility into exposed confidential documents and credentials, including exposed logins and API keys, by scanning instances of:
MySQL
PostgreSQL
MongoDB
MariaDB
ElasticSearch
Additionally, the integration provides unparalleled visibility into digital risks across the clear, deep, and dark web so you can take instant action to protect sensitive data.
SecurityScorecard + DarkOwl
Every day, cybercriminals turn to the darknet for all types of compromised information. Yet, accessing the darknet is a challenge —it is purposefully hidden and designed for anonymity, accessible only via special tools or software, and contains an unknown percentage of content on the internet. SecurityScorecard’s partnership with DarkOwl gives organizations insight into activities occurring on the darknet, arming them with the tools to continuously improve their cyber defenses.
SecurityScorecard includes this data as Informational signals for Hacker Chatter factor when it is available for Scorecards you follow. DarkOwl’s Enterprise DARKINT Exposure Score enables visibility into potentially harmful, publicly available darknet intelligence. Our integration with DarkOwl gives you visibility into compromised data found by:
Monitoring darknet pages from Tor, I2P, and Zeronet
Scraping and indexing pages of DARKINT every hour
Searching pages from the deep web, including transitory sites
SecurityScorecard + HackerOne
Hacker-powered security plays the role of the ‘Internet immune system’, helping organizations achieve security and compliance objectives by discovering critical vulnerabilities quickly while providing a clear path to remediation. SecurityScorecard’s partnership with HackerOne brings a positive signal to Scorecards by showcasing bug bounty reports for your organization and followed third parties. gives organizations better insight into the impact that bug bounty patching cadence has on their security rating. HackerOne’s reports provide visibility into responsible vulnerability disclosures from bug bounty programs. Unlike CVEs, these vulnerabilities usually have something to do with business logic, like workflows or session management.
SecurityScorecard includes this information as positive signals because they help create a healthy feedback loop, showing proactive monitoring, processes, and practices. Our integration with HackerOne gives you visibility into:
- Non-CVE risks unique to the organization
- Vulnerabilities within your attack surface
- Risk implications across your ecosystem
- Organizations risk mitigation processes and practices
SecurityScorecard + HackNotice
Cybercrime has been on the rise for decades, evolving into a digital economy for criminals that profit from selling and sharing user data on the dark web every day. Modern threat intelligence has also evolved beyond passive credential monitoring to a more proactive approach: researchers gain entry into hacker forums, make relationships with hackers, and access a large collection of coveted data. Once a researcher has access to data, they can analyze where the data came from and use proprietary machine-learning tagging to mark any stolen data.
SecurityScorecard’s partnership with HackNotice, a provider of real-time threat intelligence alerts, helps users protect their digital identities with around-the-clock monitoring of a quarter of a billion records each day. HackNotice scours the dark web to alert employees of vulnerabilities, compromised information, and data breaches in real-time. By activating the integration, you will see 50 recent results for your domain right in your organization’s scorecard.
SecurityScorecard includes this information as an informational signal under Information Leak, providing visibility into leaked information that hackers may use to specifically target employees, such as:
- Leaked email addresses
- Leaked passwords
- Leaked PII
- Leaked phone numbers
- Leaked IP addresses
SecurityScorecard + Source Defense
Client-side threats such as JavaScript vulnerabilities leading to website data breaches are on the rise, including website skimming, digital skimming, and magecart and formjacking attacks via supply chain attacks. This means effective threat mitigation needs to go beyond your traditional WAF and bot mitigation solutions. SecurityScorecard’s partnership with Source Defense gives organizations better insight into automated attacks and client-side threats that impact your third-party risk posture. Source Defense’s data gives you the ability to monitor unmanaged services on websites that can impact risk.
Source Defense data is embedded into Scorecards as informational signals under Application Security, giving you visibility into risks arising from:
- Code written to perform a function as opposed to being secure
- Incremental code that needs to be written to prevent an attack
- Potential source code with known vulnerabilities
SecurityScorecard: Enriched Monitoring with Threat Intelligence
SecurityScorecard is proud to be the only security ratings platform that partners with other security intelligence providers to bring you more actionable and timely data right into Scorecards. SecurityScorecard’s outside-in ratings provide a wealth of information and breadth into the cybersecurity posture of any organization. Partner signals provide additional data about your organization and third parties to help mitigate risk and take further action from Scorecard and with our partners. This type of data, and growing, is what security teams need to be looking out for.
Threat intelligence gives you the visibility necessary to stay ahead of threats and drive resilience. The more information you collect and add to your security monitoring, the better you understand your overarching risk profile.
SecurityScorecard customers can access and install these partnerships from our Integrate 360° Marketplace.
