Cybersecurity white papers, data sheets, webinars, videos and more

September 15, 2025

SecurityScorecard Acquires HyperComply

SecurityScorecard acquires HyperComply to reduce manual security questionnaire work by 92% and accelerate vendor onboarding 10x.

September 12, 2025

What is a Cybersecurity Posture and How Can You Evaluate It?

Organizations across industries struggle to maintain robust security postures. While tremendous strides have been made in security technology, the fundamentals of establishing and maintaining a strong cybersecurity posture remain elusive for many organizations.

Tech Center

September 12, 2025

What is HIPAA Compliance? A Complete Guide

What is HIPAA compliance? Learn essential requirements, common violations, and best practices for healthcare data protection and security.

Tech Center

September 12, 2025

What is Data Exfiltration and How to Prevent It

Discover what data exfiltration is, the methods attackers use, and the best solutions to prevent data loss, protect devices, and enhance data security.

Tech Center

September 12, 2025

What is SOC 2 Compliance? A Complete Guide for Security Leaders

What is SOC 2 compliance? This guide explains the audit, the five trust services, and how to get a SOC 2 report for your service organization.

Tech Center

September 12, 2025

What is Ransomware?

Learn what ransomware is, how it works, types, and protection strategies. Comprehensive guide to ransomware prevention and recovery for businesses.

Tech Center

September 10, 2025

When SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise

The STRIKE team has been analyzing the Salesloft Drift breach that spread into Salesforce environments. Discover what the breach tells us about supply chain security, how attackers abused OAuth tokens, what data is exposed, and defensive actions to take next.

STRIKE Team

September 8, 2025

Now You Can See European Union Vulnerability Database (EUVD) IDs in the SecurityScorecard Platform

Third-party risk management is complex as teams often struggle to track vulnerabilities across different data sources and standards. This can be especially challenging when working with vendors in the European Union, who may rely on a different set of databases with naming standards that don’t always align with U.S. standards.

August 26, 2025

How to Communicate Third-Party Risk to the Board

Learn effective strategies for presenting third-party cyber risks to your board. Expert insights on simplifying complex security data for executive decision-making.

August 26, 2025

Scorecarder Spotlight: John Gonzalez

Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.

Scorecarder Spotlight

August 18, 2025

Red Team Cybersecurity: Complete Guide to Red Team Testing

Learn what red teaming is, methodology, process, and importance in cybersecurity. Expert insights on red team testing and exercises.

August 18, 2025

SQL Injection in Cyber Security Prevention Guide

Learn how SQL injection in cyber security threatens your data. Discover prevention strategies, attack types, and best practices to secure web applications.

August 18, 2025

What is Residual Risk in Cybersecurity?

Why perfect security is impossible. Understand residual risk cybersecurity and learn to manage what remains after all controls are in place.

August 18, 2025

FTP Security Risks, Vulnerabilities & Best Practices Guide

Learn about FTP security vulnerabilities, risks of unencrypted file transfers, and best practices for secure data transmission alternatives like SFTP.

August 5, 2025

From the Depths of the Shadows: IRGC and Hacker Collectives Of The 12-Day War

From reconnaissance to propaganda to payloads, this is how Iran’s digital foot soldiers mobilized across borders and platforms during the war with Israel in June 2025.

STRIKE Team

August 1, 2025

SecurityScorecard Discovers new botnet, ‘Zhadnost,’ responsible for Ukraine DDoS attacks

SecurityScorecard (SSC) has identified three separate DDoS attacks which all targeted Ukrainian government and financial websites leading up to and during Russia’s invasion of Ukraine. Details of these DDoS attacks have not yet been publicly identified.

August 1, 2025

Scorecarder Spotlight: Minh Pham

Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.

Scorecarder Spotlight

July 9, 2025

Why Continuous Monitoring Is Replacing Point-in-Time Audits for Compliance

Keeping pace with cybersecurity regulations in 2025 isn’t just about annual audits. It’s about real-time visibility across your entire supply chain. And that’s not just a fringe expectation for some industries. It’s increasingly a requirement across sectors as compliance frameworks and regulations evolve to meet present-day threats and attackers… Read More

Compliance

July 2, 2025

SecurityScorecard In The News Q2 2025

Catch up on SecurityScorecard press coverage from Q2 2025, including coverage of STRIKE Threat Intelligence team’s LapDogs ORB report, global media coverage, executive commentary, and company news.

July 1, 2025

Scorecarder Spotlight: Isabella Dorado Burbano

Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.

Scorecarder Spotlight

June 30, 2025

What is a Cyber Attack? Types and Preventive Measures

Learn what is a cyber attack, explore common types like ransomware and phishing, understand financial impacts, and discover prevention strategies.