Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
September 12, 2025
What is a Cybersecurity Posture and How Can You Evaluate It?
Organizations across industries struggle to maintain robust security postures. While tremendous strides have been made in security technology, the fundamentals of establishing and maintaining a strong cybersecurity posture remain elusive for many organizations. Security leaders often feel frustrated. They struggle with outdated tools that are meant… Read More
Tech Center
September 12, 2025
What is HIPAA Compliance? A Complete Guide
Healthcare organizations handle massive amounts of sensitive patient data daily. From electronic health records in hospital systems to prescription data in pharmacy systems, protecting this information requires more than good intentions. It demands a comprehensive understanding and implementation of HIPAA compliance requirements. The Health Insurance Portability… Read More
Tech Center
September 12, 2025
What is Data Exfiltration and How to Prevent It
Data exfiltration has become one of the most damaging threats organizations face. Cybercriminals are no longer just targeting systems to cause disruption. They want your sensitive information, whether it’s customer records, intellectual property, or financial data stored across your network of vendors and devices. When this information gets… Read More
Tech Center
September 12, 2025
What is SOC 2 Compliance? A Complete Guide for Security Leaders
What is Threat Intelligence in Cybersecurity? A Comprehensive 2025 Overview. The cybersecurity landscape has dramatically shifted since 2024, with threat actors becoming increasingly sophisticated, leveraging advanced AI capabilities to orchestrate attacks. As we navigate 2025, proactive threat intelligence has become more critical than ever for organizations seeking to… Read More
Tech Center
September 10, 2025
When SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise
A recent breach at Salesloft shows how attackers can use trusted tools against the very companies that rely on them. Attackers used OAuth tokens for the “Drift” chat agent integration with Salesforce to gain access to sensitive customer data in recent days. The series of incidents highlights how… Read More
STRIKE Team
September 8, 2025
Now You Can See European Union Vulnerability Database (EUVD) IDs in the SecurityScorecard Platform
Third-party risk management is complex as teams often struggle to track vulnerabilities across different data sources and standards. This can be especially challenging when working with vendors in the European Union, who may rely on a different set of databases with naming standards that don’t always align with… Read More
September 3, 2025
Importance of Reputational Risk Monitoring & Management
News headlines about data breaches have increased customer awareness and concern around data privacy and security. Today, customers – in both business-to-business and business-to-customer situations – make their purchasing decisions based on cybersecurity. Now, particularly, as customers do more business online, thanks to the COVID-19 pandemic, organizations are under more… Read More
August 26, 2025
How to Communicate Third-Party Risk to the Board
Board communication remains one of the most challenging aspects of cybersecurity leadership, particularly when discussing third-party risks. Through our extensive work with organizations across industries, we’ve seen how complex this challenge can be. Board members are intelligent business leaders, but many lack significant cyber experience and… Read More
August 26, 2025
Scorecarder Spotlight: John Gonzalez
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners. Name: John Gonzalez Role: Staff Infrastructure Services Engineer Tell us a little… Read More
Scorecarder Spotlight
August 18, 2025
Red Team Cybersecurity: Complete Guide to Red Team Testing
What is Red Teaming in Cybersecurity? Red team cybersecurity represents one of the most comprehensive approaches to testing an organization’s security defenses. Unlike traditional security assessments, red teaming simulates real-world attack scenarios to identify vulnerabilities across people, processes, and technology. This methodology provides organizations with actionable insights into… Read More
August 18, 2025
SQL Injection in Cyber Security Prevention Guide
SQL injection attacks represent one of the most persistent and dangerous threats facing web applications today. This vulnerability allows attackers to manipulate SQL statements and gain unauthorized access to sensitive data stored in your backend database. For security professionals managing third-party vendor relationships and enterprise risk… Read More
August 18, 2025
What is Residual Risk in Cybersecurity?
Residual Risk in Cybersecurity: Definition and Examples. Every cybersecurity professional must face the reality that there is no such thing as perfect security. Organizations are still vulnerable to possible threats even after implementing strong security controls, monitoring systems, and thorough risk management frameworks. The residual risk… Read More
August 18, 2025
FTP Security Risks, Vulnerabilities & Best Practices Guide
File Transfer Protocol (FTP) remains one of the most widely used methods for transferring files across networks, yet many organizations overlook the significant risks associated with FTP implementations. As cyber threats become increasingly sophisticated, understanding FTP vulnerabilities and implementing proper protective measures has become critical for protecting sensitive… Read More
August 5, 2025
From the Depths of the Shadows: IRGC and Hacker Collectives Of The 12-Day War
In June 2025, during the 12-day conflict between Israel and Iran, a network of Iran-linked hackers launched a flurry of cyber-operations aligned with the war. As air strikes crossed borders, a vast array of hacking groups began working to sway public opinion, disrupt businesses, and intimidate and undermine… Read More
STRIKE Team
August 1, 2025
SecurityScorecard Discovers new botnet, ‘Zhadnost,’ responsible for Ukraine DDoS attacks
Executive Summary: SecurityScorecard (SSC) has identified three separate DDoS attacks which all targeted Ukrainian government and financial websites leading up to and during Russia’s invasion of Ukraine. Details of these DDoS attacks have not yet been publicly identified. SSC discovered a botnet of more than 3,000 unique IP addresses, across… Read More
August 1, 2025
Scorecarder Spotlight: Minh Pham
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners. Name: Minh Pham Role: Senior Customer Success Manager Tell… Read More
Scorecarder Spotlight
July 9, 2025
Why Continuous Monitoring Is Replacing Point-in-Time Audits for Compliance
Keeping pace with cybersecurity regulations in 2025 isn’t just about annual audits. It’s about real-time visibility across your entire supply chain. And that’s not just a fringe expectation for some industries. It’s increasingly a requirement across sectors as compliance frameworks and regulations evolve to meet present-day threats and attackers… Read More
Compliance
July 1, 2025
Scorecarder Spotlight: Isabella Dorado Burbano
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners. Name: Isabella Dorado Burbano… Read More
Scorecarder Spotlight
June 30, 2025
What is a Cyber Attack? Types and Preventive Measures
Cyber attacks have progressed from mere technical annoyances to business-critical threats that require immediate attention. Recent examples include ransomware that has shut down healthcare systems and supply chain attacks that have exposed millions of records. As we become more dependent on technology, cyberattacks will… Read More
June 30, 2025
What is a Whaling Attack in Cybersecurity?
A whaling attack is a sophisticated form of phishing designed to target high-ranking individuals within an organization, typically executives like CEOs or CFOs. If you’re wondering what whaling is in cyber security, it refers to a specific type of phishing attack that mimics high-level communications to deceive… Read More