SecurityScorecard Blog
Read the latest blog posts published weekly.
-
Blog, Learning CenterWhat is Cyber Threat Hunting?
September 12, 2025Master cyber threat hunting with expert techniques and tools to find hidden threats before they cause data breaches.
More DetailsSteve Cobb
Cyber Threat Intelligence, Tech Center -
Blog, Learning CenterWhat is SOC 2 Compliance? A Complete Guide for Security Leaders
September 12, 2025What is SOC 2 compliance? This guide explains the audit, the five trust services, and how to get a SOC 2 report for your service organization.
More DetailsSteve Cobb
Tech Center -
Blog, Learning CenterWhat is Data Exfiltration and How to Prevent It
September 12, 2025Discover what data exfiltration is, the methods attackers use, and the best solutions to prevent data loss, protect devices, and enhance data security.
More DetailsSteve Cobb
Tech Center -
Blog, Learning CenterWhat is HIPAA Compliance? A Complete Guide
September 12, 2025What is HIPAA compliance? Learn essential requirements, common violations, and best practices for healthcare data protection and security.
More DetailsSteve Cobb
Tech Center -
Blog, Learning CenterWhat is a Cybersecurity Posture and How Can You Evaluate It?
September 12, 2025Organizations across industries struggle to maintain robust security postures. While tremendous strides have been made in security technology, the fundamentals of establishing and maintaining a strong cybersecurity posture remain elusive for many organizations.
More DetailsSteve Cobb
Tech Center -
Blog, Learning Center, STRIKEWhen SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise
September 10, 2025The STRIKE team has been analyzing the Salesloft Drift breach that spread into Salesforce environments. Discover what the breach tells us about supply chain security, how attackers abused OAuth tokens, what data is exposed, and defensive actions to take next.
More DetailsRyan Sherstobitoff
STRIKE Team -
BlogNow You Can See European Union Vulnerability Database (EUVD) IDs in the SecurityScorecard Platform
September 8, 2025Third-party risk management is complex as teams often struggle to track vulnerabilities across different data sources and standards. This can be especially challenging when working with vendors in the European Union, who may rely on a different set of databases with naming standards that don’t always align with U.S. standards.
More Details -
BlogScorecarder Spotlight: John Gonzalez
August 26, 2025Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More DetailsScorecarder Spotlight -
BlogHow to Communicate Third-Party Risk to the Board
August 26, 2025Learn effective strategies for presenting third-party cyber risks to your board. Expert insights on simplifying complex security data for executive decision-making.
More Details -
BlogNVD Database Crisis of 2024: What We Learned?
August 18, 2025NVD database issues in 2024 left organizations vulnerable. Discover how CVEDetails offers superior vulnerability intelligence and reliable data.
More DetailsSerkan Ozkan, Distinguished Engineer, R&D
Services -
BlogFTP Security Risks, Vulnerabilities & Best Practices Guide
August 18, 2025Learn about FTP security vulnerabilities, risks of unencrypted file transfers, and best practices for secure data transmission alternatives like SFTP.
More Details -
BlogWhat is Residual Risk in Cybersecurity?
August 18, 2025Why perfect security is impossible. Understand residual risk cybersecurity and learn to manage what remains after all controls are in place.
More Details
