Press February 28, 2023

SecurityScorecard Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL)

SecurityScorecard’s Attack Surface Intelligence Solution Now Available to Federal Agencies Looking to Enhance Threat Monitoring and Detection.

NEW YORK – February 28, 2023 – SecurityScorecard, the global leader in cybersecurity ratings, today announced that its Attack Surface Intelligence solution has been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) Program’s approved products list (APL). 

The Cybersecurity and Infrastructure Security Agency’s (CISA) CDM Program dynamically fortifies the cybersecurity of civilian Government networks and systems with real-time risk monitoring and defense. The CDM program provides cybersecurity tools, integration services, and dashboards to participating Federal agencies to support them in improving their respective security posture. 

SecurityScorecard’s addition to the Department of Homeland Security’s CDM-approved products list provides Government agencies with the ability to leverage SecurityScorecard’s Attack Surface Intelligence solution to identify, contextualize, and prioritize critical threats across their global attack surface. With SecurityScorecard, Government agencies will better understand the adversary’s next steps, confidently make informed decisions, and reduce disruption.

“It’s clear that continuous monitoring for cyber risk and supply chain risk is of paramount importance for the Federal Government in the wake of numerous supply chain attacks,” said Aleksandr Yampolskiy, CEO of SecurityScorecard. “It is critical that Federal agencies leverage industry-leading solutions to prioritize and efficiently address risk in their unique environments, at scale and in real-time. We’re proud to support the Federal Government with our security solutions to better monitor and defend their networks.”

The CDM program provides capabilities and tools that enable network administrators to monitor the state of their respective networks, identify dynamic cyber risks and threats, and mitigate flaws at near-network speed. DHS works with its interagency partners to deploy and maintain these capabilities and tools as listed in the functional areas. They also collaborate with these partners to present the information in an automated and continuously updated dashboard. 

“The addition of SecurityScorecard to the CDM APL provides immediate value to customers across the Federal Government who are looking for a more effective way to view and communicate risk,” said Brian O’Donnell, who leads the Cybersecurity practice at Carahsoft. “We are proud to continue our commitment to the Federal Government by offering a portfolio of innovative IT solutions through our reseller partners, and look forward to expanding our CDM offerings with SecurityScorecard’s leading security solutions.”

SecurityScorecard’s Attack Surface Intelligence is available through Carahsoft’s SEWP V contracts NNG15SC03B and NNG15SC27B, ITES-SW2 Contract W52P1J-20-D-0042, NCPA Contract NCPA001-86, NASPO ValuePoint AR2472,  E&I Carahsoft Cloud Solutions & Services Distributor Contract  EI00063~2021MA, and The Quilt Master Service Agreement Number MSA – 05012019F. For more information, visit

About SecurityScorecard

Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit or connect with us on LinkedIn.

Media Contact

Ashley Nakano
[email protected]