Cybersecurity white papers, data sheets, webinars, videos and more

March 20, 2024

Harnessing the Power of Artificial Intelligence: A closer look at the European Union’s new landmark legislation

Ethical implications of AI, where and how to use the technology, and understandability demand careful consideration and regulatory oversight to ensure fairness, accountability, and transparency. Against this backdrop, last week lawmakers in the European Union approved a first-of-its-kind law that will govern how businesses and organizations in the EU use artificial intelligence (AI). \r\n

Executive Viewpoint

Public Sector

March 19, 2024

Celebrating Cybersecurity Excellence: Forbes Most Cybersecure Banks, 2024

Explore Forbes’ 2024 list of top consumer banks for cybersecurity, led by elite CISOs. Dive into their strategies for a safer digital world.

Security Ratings

March 18, 2024

What are Security Ratings?

Security ratings provide a comprehensive view of a company’s security performance. Learn more about what security ratings are and common use cases.

Tech Center

March 13, 2024

Third-party Cybersecurity Incident Response Readiness Plan

Explore essential strategies for third-party cybersecurity incident response readiness, minimizing supply chain vulnerabilities.

Third-Party Risk Management

March 12, 2024

Infosys McCamish Systems Third-Party Breach: Possible Attack Vectors and Infrastructure

In response to the identification of Infosys McCamish Systems (IMS) as the point of origin for a third-party data breach claimed by the LockBit ransomware group, SecurityScorecard researchers reviewed findings on the security hygiene of IMS.

Cyber Threat Intelligence

March 12, 2024

Forrester Includes SecurityScorecard in Cybersecurity Risk Ratings (CRR) Landscape Report

To help sift through the ever-growing field of cybersecurity ratings, Forrester recently published The Cybersecurity Risk Ratings Platforms Landscape, Q1 2024. SecurityScorecard is proud to be included in this landscape, in the company of other notable vendors in the field. Once a misunderstood technology, Cybersecurity Risk Ratings platforms (CRRs) have earned their place in the spotlight in the last several years.

Security Ratings

March 8, 2024

Choosing Your Code Repository: Navigating the Security Landscape of Bitbucket vs GitHub

Which code repository is more secure for enterprises—GitHub or Bitbucket? Compare their security features, risks, and third-party controls in 2025 to choose the right platform.

Tech Center

March 8, 2024

Defender for Endpoint: Transforming Endpoint Security with Advanced Threat Protection

Explore how Microsoft’s Sentinel transforms cybersecurity with AI, offering advanced threat detection and automated responses.

Tech Center

March 7, 2024

What is Domain Hijacking and How Do I Prevent it?

Your domain name is not just a web address; it represents your brand, your reputation, and often, your livelihood. However, with the increasing value of domain names, they have become targets for cybercriminals seeking to exploit vulnerabilities for their gain. One such threat is domain hijacking – a serious issue that can have significant repercussions if not addressed promptly. Here, we’ll delve into what domain hijacking entails and explore practical steps to prevent it from happening to you.\r\n

Tech Center

March 6, 2024

What is Sentinel? Harnessing the Power of Cloud-Native SIEM for Modern Cybersecurity Challenges

Explore how Microsoft’s Sentinel SIEM solution transforms cybersecurity with AI, offering advanced threat detection and automated responses.

Tech Center

March 6, 2024

SMB Port Numbers: A Guide to Optimizing and Securing Your Network

Explore SMB port security and optimization for your network, including risks and best practices for safeguarding your digital infrastructure.

Tech Center

March 6, 2024

New Malware Attributed to Russian Hacking Group APT28

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting Ukrainian state organizations attributed to the Kremlin-backed nation-state group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP,” detailed in this whitepaper. \r\n

Cyber Threat Intelligence

March 5, 2024

Remediation vs Mitigation in Cybersecurity: Understanding the distinctions and strategic applications

While remediation and mitigation might seem similar, understanding their distinctions and strategic applications is paramount for building robust defense mechanisms against cyber threats.\r\n

Tech Center

March 4, 2024

Leveraging SIEM Splunk for Enhanced Cybersecurity: A Comprehensive Guide

In this comprehensive guide, we’ll delve into the world of SIEM Splunk and explore how organizations can leverage it to enhance their cybersecurity posture.\r\n

Tech Center

March 4, 2024

Analyzing FERPA Violation Examples to Strengthen Data Privacy in Education

The Family Educational Rights and Privacy Act (FERPA) is a crucial piece of legislation designed to safeguard students’ educational records. Despite its importance, FERPA violations still occur, highlighting the need for continuous vigilance and proactive measures to strengthen data privacy in education.

Tech Center

March 4, 2024

What Are Proactive Ransomware Prevention Strategies for 2025?

Ransomware threats are evolving fast. This guide explores the most effective prevention strategies for 2025, from zero trust to supply chain resilience.

Attack Surface Management

Tech Center

February 28, 2024

SecurityScorecard 2024 Global Third-Party Cybersecurity Breach Report: Software supply chain is top target for ransomware groups

The SecurityScorecard Global Third-Party Breach Report uses the world’s largest proprietary risk and threat dataset to provide unique insights into the intricate web of supply chain vulnerabilities exploited by ransomware groups.\r\n

Cyber Threat Intelligence

Supply Chain Cyber Risk

February 23, 2024

Implementing Non-Repudiation in Your Security Strategy: Best Practices and Techniques

Explore best practices for implementing non-repudiation in security strategies to ensure transaction authenticity and protect against fraud.

Tech Center

February 23, 2024

The Essential Guide to SMB Port Configuration for Enhanced Network Security

Master SMB port configuration for network security with our guide. Learn to protect against cyber threats and enhance operational safety efficiently

Tech Center

February 23, 2024

Port 445: Understanding Its Role in Cyber Attacks and Strategies for Defense

Explore how to secure Port 445 against cyber threats. This guide covers the role of Port 445 in cyber attacks and outlines defense strategies to protect your network.

Tech Center

February 23, 2024

Enhancing Your Cyber Defense: A Comprehensive Comparison of IDS vs IPS Technologies

Businesses and individuals alike must employ robust security measures to protect their sensitive data and networks. Two key technologies in the realm of cybersecurity are Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). While both are crucial components of a comprehensive security strategy, understanding their differences is key for effective implementation and a robust cybersecurity posture. Here, we’ll delve into the intricacies of IDS and IPS technologies, comparing their features, functionalities, and applications.\r\n

Tech Center