Blog - SecurityScorecard

Blog
SecurityScorecard Acquires HyperComply
September 15, 2025
SecurityScorecard acquires HyperComply to reduce manual security questionnaire work by 92% and accelerate vendor onboarding 10x.
More Details
SecurityScorecard
Blog, Learning Center
What is Cyber Threat Hunting?
September 12, 2025
Master cyber threat hunting with expert techniques and tools to find hidden threats before they cause data breaches.
More Details
Steve Cobb
Cyber Threat Intelligence, Tech Center
Blog, Learning Center
What is SOC 2 Compliance? A Complete Guide for Security Leaders
September 12, 2025
What is SOC 2 compliance? This guide explains the audit, the five trust services, and how to get a SOC 2 report for your service organization.
More Details
Steve Cobb
Tech Center
Blog, Learning Center
What is Data Exfiltration and How to Prevent It
September 12, 2025
Discover what data exfiltration is, the methods attackers use, and the best solutions to prevent data loss, protect devices, and enhance data security.
More Details
Steve Cobb
Tech Center
Blog, Learning Center
What is HIPAA Compliance? A Complete Guide
September 12, 2025
What is HIPAA compliance? Learn essential requirements, common violations, and best practices for healthcare data protection and security.
More Details
Steve Cobb
Tech Center
Blog, Learning Center
What is a Cybersecurity Posture and How Can You Evaluate It?
September 12, 2025
Organizations across industries struggle to maintain robust security postures. While tremendous strides have been made in security technology, the fundamentals of establishing and maintaining a strong cybersecurity posture remain elusive for many organizations.
More Details
Steve Cobb
Tech Center
Blog, Learning Center, STRIKE
When SaaS Trust Becomes a Threat: Insights from the Salesloft Drift Compromise
September 10, 2025
The STRIKE team has been analyzing the Salesloft Drift breach that spread into Salesforce environments. Discover what the breach tells us about supply chain security, how attackers abused OAuth tokens, what data is exposed, and defensive actions to take next.
More Details
Ryan Sherstobitoff
STRIKE Team
Blog
Now You Can See European Union Vulnerability Database (EUVD) IDs in the SecurityScorecard Platform
September 8, 2025
Third-party risk management is complex as teams often struggle to track vulnerabilities across different data sources and standards. This can be especially challenging when working with vendors in the European Union, who may rely on a different set of databases with naming standards that don’t always align with U.S. standards.
More Details
Blog
Scorecarder Spotlight: John Gonzalez
August 26, 2025
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
More Details
Scorecarder Spotlight
Blog
How to Communicate Third-Party Risk to the Board
August 26, 2025
Learn effective strategies for presenting third-party cyber risks to your board. Expert insights on simplifying complex security data for executive decision-making.
More Details
Blog
NVD Database Crisis of 2024: What We Learned?
August 18, 2025
NVD database issues in 2024 left organizations vulnerable. Discover how CVEDetails offers superior vulnerability intelligence and reliable data.
More Details
Serkan Ozkan, Distinguished Engineer, R&D
Services
Blog
FTP Security Risks, Vulnerabilities & Best Practices Guide
August 18, 2025
Learn about FTP security vulnerabilities, risks of unencrypted file transfers, and best practices for secure data transmission alternatives like SFTP.
More Details