Close
Blog June 2, 2025 Reading Time: 3 minutes

Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon

Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.

This wasn’t just about writing code. It was about building automation, accelerating security workflows, and reimagining how we manage supply chain risk with APIs.

A Global Community of Builders

With participants joining from the U.S., India, the Philippines, the U.K., and beyond, the Hackathon reflected the global nature of today’s threat landscape and the community working to secure it.

Over 50% of participants were new to APIs, and 80% had never used the SecurityScorecard API before. Still, in just a few hours, they shipped working prototypes, collaborated in live workshops, and discovered new ways to integrate SecurityScorecard data into tools they already use – from Slack and Jira to Power BI and Google Sheets.

Projects that Delivered Real Value

Participants submitted projects all grounded in real-world needs and powered by the SecurityScorecard API. Details on some of the featured projects can be found here. A few standout examples included:

  • Product Usage Search Tool: A tool to quickly identify which vendors use a specific product, helping teams respond faster when major vulnerabilities (like Log4j) hit the supply chain.
  • Breach Impact on Stock Price: A project that analyzed the correlation between security incidents and market value – an innovative way to quantify cyber risk.
  • SecurityScorecard Portfolio Visualization: An interactive visualization of portfolio data that made hidden risk connections easy to spot.
  • TPRM in Sheets: A no-code dashboard to view vendor scores directly in Google Sheets – simple, visual, and highly accessible.

Project Spotlight: Product Usage Search Tool

This Jupyter notebook-based tool helps security teams rapidly identify which vendors in their portfolio may be impacted by newly discovered vulnerabilities, outages, or breaches tied to specific software or hardware products. Built with performance and usability in mind, it features multi-threaded processing, in-memory caching, and real-time progress tracking – making it both fast and scalable. By leveraging the SecurityScorecard API, the tool enables instant searches across vendor-product relationships, helping teams proactively assess risk, streamline vendor questionnaires, and accelerate third-party onboarding.

“Quickly learning and applying the SecurityScorecard API helped me understand the potential of using it to get cyber risk signals quickly.”

— Kent Co, Cyber Rescue

From Workshops to Working Solutions

Participants had access to hands-on API workshops, beginner-friendly code templates, and real-time support. More than 75% of attendees cited automation as their primary goal and those who joined the workshops were five times more likely to submit a project.

The event confirmed a strong and growing demand for beginner-oriented API documentation and tutorials that make it easier to get started quickly. Participants expressed a clear interest in customizable templates and real-world use cases they could adapt to their own environments. There was also significant enthusiasm for integrating SecurityScorecard data into the tools teams already rely on, such as Google Sheets, Power BI, and Slack to make risk data more actionable and accessible across different roles.

“I found it incredibly easy to use. Without easy-to-use documentation and well-structured responses, I wouldn’t have been able to complete my project.”

— Keith Bretana, Cyber Rescue

What’s Next?

SecurityScorecard is already working on:

  • New developer resources and live API walkthroughs
  • Additional developer events to help users learn how to use the API more effectively
  • A community showcase series to highlight customer-built tools
  • Deeper documentation, starter kits, and integration guides for non-technical users

We’re also exploring more flexible, asynchronous event formats to support builders across more time zones and workflows.

Want to get involved?

Join the SecurityScorecard API Developer Community to:

  • Get early access to tutorials and templates
  • Share your own API use case
  • Be first in line for our next hackathon or live workshop

Together, we’re building smarter cybersecurity—one integration at a time.