SecurityScorecard Announces New Release of Continuous Threatscape Benchmarking Service
NEW YORK, March 9, 2015 /PRNewswire/ -- SecurityScorecard™ (www.securityscorecard.com) today announced a new release of its continuous and non-intrusive Threatscape benchmarking service that will offer organizations of all sizes a deeper, more accurate and more thorough assessment of immediate and emerging threats to the IT systems of global partners and vendors as well as their own.
SecurityScorecard now monitors more than 150 risk indicators; the most of any automated risk grading service currently available. This new and unmatched level of threat signal detection means those who use the continuous monitoring service will have more granular insight into more risks, be able to more effectively collaborate with partners to identify security issues and then jointly remediate them – helping to prevent an ecosystem breach before it occurs. Threat signals and data sets are collected exclusively by SecurityScorecard ThreatMarket proprietary sensors. Organizations that have already taken advantage of SecurityScorecard's advantage include Fortune 500 companies, leaders in financial services, retail, healthcare and manufacturing sectors.
"A company's ability to take a pro-active posture in managing IT risk is a function of knowing as much as possible about all threats to its information ecosystem," said Alex Heid, SecurityScorecard's Chief Research Officer. "In security management knowledge truly is power. By knowing about every current threat, no matter its source or type, a CISO and his/her team can act decisively to manage the risks they face. The latest release of our Threatscape benchmarking service serves notice that SecurityScorecard continues to define how a risk benchmarking service should be designed and how it should perform."
This new release of the SecurityScorecard service significantly expands on its real-time risk detection and breach prevention capabilities. Among the advancements are:
- A refreshed User Interface and dashboard to better visualize and compare trends in a company's portfolio as well as individual partner systems.
- Expanded APIs for easier integration with existing risk management and security tools that, among other things, permits the piping of data from SecurityScorecard into a GRC dashboard, or to expand upon SecurityScorecard's scoring mechanism and to create one's own scores
- Improved passive DNS analyzer to better spot malicious domains in companies' computers
- More extensive crawling of DarkWeb hacker sites
- Upgraded software for network security to detect dozens of outdated or exposed Internet services, such as MySQL, PostrgreSQL, SQL server, among others.
- Detection of vulnerabilities within IDS/IPS systems and security devices that are designed to protect networks. These devices may have vulnerabilities that can act as a point of entry and may facilitate attacks instead of preventing them.
- TOR node monitoring – to check for any unsafe nodes operating in your infrastructure
- Monitoring if DKIM is properly configured to prevent email spoofing
- DDOS tracking to see if any of your computers were used to orchestrate denial-of-service attacks or being used for them
- Defacements of websites by hackers monitoring with auto-alerts to ensure vendors' and your company sites are protected
- Detection of booter shell backdoors that hackers leave behind to control an organization's computers
- Real-time SSH Brute Force detection if your infrastructure is under attack
- P2P and Torrent communication tracking – to spot any strange traffic emanating from a system
Better Performance, Better ROI
"The new release's heightened performance also means SecurityScorecard represents an even better return on investment, Heid said. "We looked at the cost to monitor key risks across an eco-system, detect vulnerabilities in real-time, conduct evaluations, like penetration tests, and deal with the aftermath of a breach. "We found the typical enterprise spends approximately $3 million to avoid or reduce costs associated with a breach that can total $9 million, the event itself plus the cost of staff and services to clean things up. Along with being an unparalleled benchmarking service, SecurityScorecard can cover nearly all its cost for one year – monitoring an unlimited number of partners – in just one month," Heid said.
About SecurityScorecard Threatscape Benchmarking Service
The SecurityScorecard service allows an organization to be continuously aware of all potential threats across an unlimited number of current and prospective partners—protecting revenue and brand integrity. By monitoring millions of signals through SecurityScorecard sensors, companies can non-intrusively gauge how prepared their partners are to deal with security challenges. Active and emerging threats can be addressed collaboratively to effectively remediate issues and lower collective security risks. The SecurityScorecard service also helps to optimize security spending for improved performance and cost-savings.
SecurityScorecard, Inc. provides precise global threat intelligence and risk awareness continuously and non-intrusively so businesses and their partners can collaboratively intervene on and remediate data security issues.
Security Scorecard Inc. is privately-held with headquarters in New York. Founded in 2013, Security Scorecard investors include Evolution Equity Partners, Boldstart Ventures, Atlas Ventures and others.