Skip to main content
Security Scorecard

SecurityScorecard Receives U.S. Technology Patents for Measuring Systemic Risk and Automatically Detecting Third Party Vendors

Posted on March 5th, 2019

New York, NY, March 5, 2019 - SecurityScorecard, the leader in cybersecurity ratings, today announced the company was recently awarded two new patents (U.S. 10,217,071 B2 and U.S. Patent Application Publication No. 2017/0236078, soon to be formally issued) by the U.S. Patent and Trademark Office for Breach Insights and Automatic Vendor Detection. Offering the most extensive cybersecurity scoring data set in the industry, SecurityScorecard’s platform incorporates data from 175 countries and 17 major industries resulting in over 1 million companies rated to date.

“As the leader in cybersecurity ratings, SecurityScorecard continues to innovate ahead of the industry by providing its global customer-base with the most innovative features and tools on the market today,” said Sam Kassoumeh, co-founder and COO, SecurityScorecard. “Over 2018, our R&D team provided many new offerings to our customers with the laser focus to measuring systemic risk and increasing visibility into the vendor ecosystem.” Breach Insights measures an enterprise’s systemic risk by quantifying the likelihood of a breach (i.e. risk level) within customers’ vendor and partner portfolios by assessing both correlated and uncorrelated risk. Correlated risk identifies common attributes between companies in a portfolio and their relevance to breach risk. It then creates an overall risk factor by combining this correlated risk and the risk associated with individual company’s security ratings. Breach Insights displays of vulnerabilities ranked based on how they contribute to total risk offering clients a prescriptive capability. They now know which how to prioritize vulnerability remediation in order to have the most impact to reduce portfolio risk.

Automatic Vendor Detection (AVD™) is a module for the SecurityScorecard platform that enables reconnaissance on a company's third and fourth party cybersecurity attack vectors. Using AVD, you can automatically find and identify security vulnerabilities throughout your entire business ecosystem. This is done using non-intrusive methods that make it quick and easy to determine if any of your vendors are a security risk. Network access, penetration tests, and security forensics are invasive and are not required with the SecurityScorecard solution. Each vendor has an expanded view listing potential vulnerabilities that are noted. For each issue, SSC offers a checklist of items you or the vendor can do to resolve the issues.

To learn more about Breach Insights, please visit:

To learn more about Automated Vendor Detection, please visit:

About SecurityScorecard

Headquartered in the heart of New York City, SecurityScorecard's vision is to create a new language for measuring and communicating security risk. The company was founded in late 2013 by Dr. Aleksandr Yampolskiy and Sam Kassoumeh, two former cybersecurity practitioners who had served, respectively, as Chief Information Security Officer and Head of Security and Compliance. With cloud solutions becoming an increasingly integral part of the security technology stack Yampolskiy and Kassoumeh recognized the need to address third- and fourth-party risk as well as better understand the security capabilities of their business partners. Since its founding, the company has grown dramatically and now counts hundreds of leading brands as customers. SecurityScorecard is backed by leading venture capital investors including Sequoia Capital, Google Ventures, NGP Capital, Evolution Equity Partners, Boldstart Ventures, AXA Venture Partners among others. For more information, visit

Join us in making the world a safer place.