Blog - SecurityScorecard

Blog
What is DNSSEC and Why Is It Important?
June 30, 2025
Understand how DNSSEC secures the domain name system with cryptographic methods to verify the authenticity of DNS records and boost DNS security.
More Details
Blog
What is a Whaling Attack in Cybersecurity?
June 30, 2025
What is a whaling attack? See how phishing attacks aimed at executives and whaling attacks work, and how cybercriminals steal sensitive information.
More Details
Blog
What is a Cyber Attack? Types and Preventive Measures
June 30, 2025
Learn what is a cyber attack, explore common types like ransomware and phishing, understand financial impacts, and discover prevention strategies.
More Details
Blog, Learning Center, STRIKE
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign
June 23, 2025
SecurityScorecard’s STRIKE team uncovered a new China-Nexus ORB Network targeting the United States and Southeast Asia. Read the report to gain an in-depth look at the LapDogs ORB network, its custom malware, and its role in cyberespionage.
More Details
STRIKE Team
Blog, Learning Center
What Are Proactive Ransomware Prevention Strategies for 2025?
June 3, 2025
Ransomware threats are evolving fast. This guide explores the most effective prevention strategies for 2025, from zero trust to supply chain resilience.
More Details
Attack Surface Management, Tech Center
Blog
Scorecarder Spotlight: Guillermo Garcia Granda
June 2, 2025
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More Details
Scorecarder Spotlight
Blog
Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon
June 2, 2025
Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.
More Details
Blog, Learning Center
Choosing Your Code Repository: Navigating the Security Landscape of Bitbucket vs GitHub
May 26, 2025
Which code repository is more secure for enterprises—GitHub or Bitbucket? Compare their security features, risks, and third-party controls in 2025 to choose the right platform.
More Details
Tech Center
Blog, Learning Center
What is a Third-Party Vendor? Tips for Managing Vendor Risk
May 13, 2025
Third-party vendors play a critical role in cybersecurity exposure. Learn how to define, classify, and manage third-party relationships effectively.
More Details
Attack Surface Management, Tech Center
Blog, Learning Center
What is the CIA Triad? Definition, Importance, & Examples
May 12, 2025
What is the CIA Triad? Definition, Importance, & Examples to guide an organization’s security procedures and policies. Learn more below!
More Details
Tech Center
Blog, Learning Center
What Is a Cybersecurity Audit and Why Does it Matter?
May 12, 2025
A cybersecurity audit is essential to protecting your organization. Learn key steps, tools, and considerations to perform an effective audit in 2025.
More Details
Tech Center
Blog
What Is a Supply Chain Attack?
May 8, 2025
Learn how a supply chain attack works, why it's so dangerous, and what security measures can help protect your organization from hidden threats.
More Details
SCDR, Supply Chain Cyber Risk