Cybersecurity white papers, data sheets, webinars, videos and more

June 5, 2025

Kerberos vs. LDAP: Choosing the Right Enterprise Protocol

Kerberos and LDAP serve different roles in enterprise security. This guide compares their features, use cases, and integration with modern access control strategies.

June 5, 2025

What Are Lessons Learned from the Biggest Financial Sector Cyber Breaches?

Explore the biggest cybersecurity breaches in the financial industry and learn the critical lessons organizations must apply to prevent similar incidents in 2025.

June 5, 2025

OAuth vs. SAML: Identity Federation Showdown

Explore the key differences between OAuth and SAML for identity federation. Understand their architectures, use cases, and which is better for secure access management.

Cybersecurity

June 4, 2025

Top Free Port Scanner Tools for IT and Cybersecurity Teams

Explore the best free port scanner tools available in 2025 for IT and cybersecurity teams. Learn how these tools help discover open ports, identify vulnerabilities, and secure your network.

Threat-Informed TPRM

June 4, 2025

What Is Fourth-Party Visibility and Why It’s Critical for TPRM

Fourth-party visibility gives organizations insight into the risks buried inside their vendors’ networks. Learn why it’s the missing piece in third-party risk management and how to uncover hidden exposure.

Cybersecurity

June 4, 2025

What Is Risk Quantification in Cybersecurity and Why It Matters

Cyber risk quantification translates technical vulnerabilities into financial risk—giving boards and CISOs a shared language. Learn how to use quantification models to drive smarter decisions.

Cybersecurity

June 3, 2025

Understanding CASB: Securing Cloud Access at Scale

CASBs help organizations secure SaaS usage, enforce data protection policies, and reduce third-party risk. Learn how Cloud Access Security Brokers work and why they’re vital for enterprise cloud security.

Cybersecurity

June 2, 2025

Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon

Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.

June 2, 2025

Scorecarder Spotlight: Guillermo Garcia Granda

Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.

Scorecarder Spotlight

June 2, 2025

What Does FISMA Require for Cybersecurity Governance?

The Federal Information Security Modernization Act (FISMA) mandates key cybersecurity practices for U.S. agencies and contractors. Learn what FISMA requires and how to implement its governance standards in 2025.

Cybersecurity

May 30, 2025

How Does Wireshark Improve Network Security Through Packet Analysis?

Wireshark is one of the most powerful tools in a security analyst’s toolkit. Learn how it enables deep packet inspection, threat detection, and enhanced network visibility to protect your organization.

Cybersecurity

May 29, 2025

What Are the CIS Controls and How Can They Improve Your Cybersecurity?

Learn how the CIS Controls framework works, why it matters in 2025, and how implementing its prioritized safeguards can help organizations prevent cyberattacks and reduce risk.

Compliance

May 29, 2025

What Should Security Leaders Know About FCRA?

Understand the Fair Credit Reporting Act (FCRA), how it applies to cybersecurity practices, and what security leaders can do to ensure compliance when handling consumer data or engaging in vendor monitoring.

Compliance

May 28, 2025

What Is a Cache and Why Can It Be a Hidden Security Risk?

Learn what a cache is, how it works, and why improper cache management can expose organizations to data leaks, session hijacking, and performance-driven vulnerabilities.

Cybersecurity

May 28, 2025

15 Top Ways To Reduce Organizational Cyber Risk in 2025

Discover 15 methods to reduce cyber risk across your organization in 2025, from vendor security and asset visibility to training, automation, and continuous monitoring.

Cybersecurity

May 27, 2025

Cybersecurity for Small Businesses: 10 Essential Steps to Protect Your Company in 2025

Explore 10 critical cybersecurity practices small businesses should implement in 2025 to protect against ransomware, phishing, and data breaches while building customer trust and compliance.

Cybersecurity

May 27, 2025

What Is CUI (Controlled Unclassified Information)?

Learn what Controlled Unclassified Information (CUI) is, how it’s regulated, and the cybersecurity best practices and frameworks required for federal contractors and partners to safeguard it.

Cybersecurity

May 26, 2025

What Is Security Posture and How Do You Manage External Attack Risks in 2025?

Learn what cybersecurity posture means in today’s threat landscape and explore best practices for managing external attack surface risks across your digital and third-party ecosystems.

Cybersecurity

May 26, 2025

NIST CSF vs. ISO 27001 vs. SOC 2: Which Cybersecurity Framework Fits Your Organization?

Discover how NIST CSF, ISO 27001, and SOC 2 differ in scope, structure, and application, and learn how to choose the right cybersecurity framework for your organization’s needs.

Cybersecurity

May 23, 2025

How STRIKE Helped Identify Qakbot’s Alleged Operator and Support a $24M Asset Seizure

SecurityScorecard’s STRIKE team supported U.S. law enforcement in an investigation into Qakbot, a malware platform linked to some of the most widespread ransomware activity in recent history. On May 22, 2025, the Department of Justice unsealed an indictment against Russian national… Read More

May 23, 2025

What Is Zero Trust Security and Why Does It Matter in 2025?

Explore the Zero Trust security model, its real-world applications, and why adopting a “never trust, always verify” approach is essential for protecting today’s hybrid enterprises.

Cybersecurity