Unveiling TITAN AI: A New Era of Threat-Informed Third-Party Risk Management
Request a demo Get started for free

Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

Clear filters

Inside a North Korean Phishing Operation Targeting DevOps Employees

October 30, 2024

Inside a North Korean Phishing Operation Targeting DevOps Employees
Interested in the personal story behind the attack? Read the firsthand account here Sophisticated threat actors are increasingly targeting organizations with tailored phishing campaigns. Recently, SecurityScorecard detected a similar attempt against our team—and stopped it in its tracks. We’re sharing our findings to support the InfoSec community… Read More
Nation State Actors
Phishing
STRIKE Team
The Job Offer That Wasn’t: How We Stopped an Espionage Plot

October 30, 2024

The Job Offer That Wasn’t: How We Stopped an Espionage Plot
In cybersecurity, transparency matters—because none of us are immune. Increasingly, we’re seeing threat actors hone in on specific organizations. When we detected the recent “Contagious Interview” campaign targeting one of our own, our team acted fast to stop it in its tracks. We’re sharing this story so others… Read More
STRIKE Team
Complete Third-Party Risk Management (TPRM) Guide for 2025

October 16, 2024

Complete Third-Party Risk Management (TPRM) Guide for 2025
Third-party risk management (TPRM) is the structured process of identifying, assessing, and mitigating cybersecurity risks posed by external vendors, suppliers, and service providers. These risks can include cyber threats, data breaches, regulatory violations, and financial instability, all of which can severely impact your organization’s security and compliance posture. Read More
Third-Party Risk Management
Scorecarder Spotlight: Segev Eliezer & David Mound

October 10, 2024

Scorecarder Spotlight: Segev Eliezer & David Mound
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.  This month, we’re highlighting two Scorecarder’s who both attended DEFCON at the end of the summer!    … Read More
The Road Taken: Pathways to Better Compliance

September 30, 2024

The Road Taken: Pathways to Better Compliance
Ralph Waldo Emerson, the renowned American writer, lecturer and philosopher, is often credited with the phrase “It’s not the destination, it’s the journey.” Legal, Compliance, Risk and Security professionals would be wise to consider Emerson’s wise words and philosophy. The path to optimal compliance outcomes and… Read More
How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks

September 28, 2024

How the U.S. Department of Justice Can Improve Its Approach to Combat Ransomware Attacks
Earlier this month, the U.S. Department of Justice’s Office of the Inspector General released a report on how the Department could improve its approach to combat ransomware attacks. The report included an audit and evaluated the Department’s strategy to respond and counter ransomware… Read More
Public Sector
Supply Chain Cyber Risk
Women in Cyber 2024: Key Themes from AT&T’s Inaugural Conference

September 26, 2024

Women in Cyber 2024: Key Themes from AT&T’s Inaugural Conference
Earlier this week, SecurityScorecard had the pleasure of sponsoring AT&T’s inaugural Women in Cyber conference. From folks earlier on in their career to more seasoned professionals with 20+ years under their belt, there was a diverse group of 750+ attendees who were all interested in learning more about… Read More
Scorecarder Spotlight: David Mound

September 18, 2024

Scorecarder Spotlight: David Mound
Our series “Scorecarder Spotlight” showcases our talented employees and the incredible work they do.    Name: David Mound Job: Senior Penetration Tester Location: UK   Where do you live, and what do you do in your free time?  I was… Read More
Scorecarder Spotlight: Anna Livingston

September 11, 2024

Scorecarder Spotlight: Anna Livingston
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.    Name: Anna Livingston Role: Senior Solutions Architect   Tell us a… Read More
Billington 2024: Key Cybersecurity Takeaways from the AI Age

September 9, 2024

Billington 2024: Key Cybersecurity Takeaways from the AI Age
SecurityScorecard had the pleasure of participating in the 15th Annual Billington CyberSecurity Conference—a key convening of policymakers and industry thought leaders in our Nation’s Capital. This year’s edition—Advancing Cybersecurity in the AI Age—included over 4,000 registrants and 200 speakers participating in… Read More
Public Sector
Supply Chain Cyber Risk
CISA’s Secure By Design: A Year Later

September 5, 2024

CISA’s Secure By Design: A Year Later
In April this year, the CISA Secure By Design initiative turned one. The initiative calls for the public and private sectors to work together to challenge and encourage software manufacturing companies to adopt principles to ensure their software is developed and produced as… Read More
Supply Chain Cyber Risk
Reimagining Supply Chain Cybersecurity

August 28, 2024

Reimagining Supply Chain Cybersecurity
From ransomware attacks to data breaches, the threats lurking within supply chains are more pervasive than you might realize. Many security teams aren’t aware of the various supply chain cyber risks lurking within their network, most of which are difficult to detect, manage, and mitigate. Let’s explore how… Read More
Supply Chain Cyber Risk
Third-Party Risk Management
Building a Resilient Supply Chain in the Face of Cyber Threats

August 27, 2024

Building a Resilient Supply Chain in the Face of Cyber Threats
Supply chain resilience has never been more critical. Recent cyber outages have underscored a harsh reality—supply chains are vulnerable, and disruptions can have far-reaching impacts. But what does it mean to be supply chain resilient, especially in the context of cyber threats? In this post, we will explore… Read More
Professional Services
Supply Chain Cyber Risk
Third-Party Risk Management
Continuous Accountability: Leveraging Contracts to Secure your Supply Chain

August 14, 2024

Continuous Accountability: Leveraging Contracts to Secure your Supply Chain
A critical problem for security and legal professionals who manage supply chain risk is that cybersecurity risks are dynamic and always shifting. You have done your due diligence and selected a vendor with strong cybersecurity controls – but how can you guarantee that your vendor maintains this type of… Read More
SecurityScorecard is now part of AWS OMNIA

August 14, 2024

SecurityScorecard is now part of AWS OMNIA
SecurityScorecard is excited to announce that we are now an AWS OMNIA partner. This unlocks a critical opportunity for the 90,000 buying organizations that make up the OMNIA partner network to reduce and manage Supply Chain Cyber Risks. The third party attack surface is a fast… Read More
AWS
SecurityScorecard and ServiceNow Expand Partnership with New Capabilities for TPRM and Security Incident Response (SIR)

August 8, 2024

SecurityScorecard and ServiceNow Expand Partnership with New Capabilities for TPRM and Security Incident Response (SIR)
ServiceNow and SecurityScorecard have been longtime strategic partners, helping mutual customers measure and manage cyber risk. Today we’re highlighting the next phase of our partnership and innovation to help customers tackle the complex challenges associated with managing cyber risk in the third party ecosystem. Organizations struggle with… Read More
“More Money, More Problems:” Supply Chain Cyber Risk in the Forbes Global 2000

August 8, 2024

“More Money, More Problems:” Supply Chain Cyber Risk in the Forbes Global 2000
SecurityScorecard and its partner Cyentia recently released our joint case study of third-party cyber risk in the Forbes Global 2000 group of the world’s financially largest companies. On one hand, large companies have the advantage of greater financial and human resources to invest in security programs. Security… Read More
“What’s our number?”: Responding To Your Exposure to CrowdStrike Outage Event

August 7, 2024

“What’s our number?”: Responding To Your Exposure to CrowdStrike Outage Event
Is cyber risk insurable? That question is often at the heart of the debate about the future of the cyber insurance industry. One of the primary drivers of that question is the insurance industry’s challenges when managing systemic cyber risk since many believe that systemic cyber risk has… Read More
SecurityScorecard and AWS Help Make Secure Software Procurement Faster and Easier

August 5, 2024

SecurityScorecard and AWS Help Make Secure Software Procurement Faster and Easier
Organizations increasingly rely on third parties for business operations, and as a result are working with more digital suppliers than ever. According to Gartner, 60% of organizations work with more than 1,000 third parties and this number will grow. High-profile vulnerabilities such as Log4Shell are a constant… Read More
AWS
Up Level Your Amazon Security Lake with Attack Surface Intelligence

August 5, 2024

Up Level Your Amazon Security Lake with Attack Surface Intelligence
As global network infrastructure expands to include devices without traditional compute power, every organization’s attack surface becomes increasingly complex. Parallel to the increased complexity in the threat landscape is the increased scale and complexity of the signals and data necessary to produce meaningful cybersecurity insights. At its core, cybersecurity… Read More
Scorecarder Spotlight: Catarina Horta

August 2, 2024

Scorecarder Spotlight: Catarina Horta
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners. Name: Catarina Horta Role: Business Development Manager, LATAM & EMEA   Tell us a little… Read More
Scorecarder Spotlight