Cybersecurity white papers, data sheets, webinars, videos and more

April 15, 2026

A Guide to Building Your Core Third-Party Risk Management Program

Learn more in this resource.

March 18, 2026

The TPRM Evolution: From Checkbox to Continuous Intelligence

Learn more in this resource.

June 16, 2025

Regulatory Compliance: Bridging Compliance and Cybersecurity A Comprehensive Approach to Third-Party Risk Management

Organizations are under mounting pressure to improve their cybersecurity posture and keep pace with evolving regulations and an ever-expanding network of third-party suppliers in 2025. Government and oversight bodies continue to expand the scope and specificity of regulations aimed at safeguarding sensitive information and critical infrastructure. Yet despite significant focus and investment, many enterprises struggle to keep pace.

March 25, 2025

Simplify and Automate APRA Prudential Standard CPS 230 TPRM Requirements with SecurityScorecard

Learn more in this resource.

April 26, 2024

Outcome-Driven Metrics for Supply Chain Cyber Risk Management

Discover how to create outcome-driven metrics that allow CISOs to demonstrate the benefits of cybersecurity investment by measuring metrics against threats that could impact revenue.

Supply Chain Cyber Risk

April 9, 2024

Applying Machine Learning to Optimize the Correlation of SecurityScorecard Scores with Relative Likelihood of Breach

SecurityScorecard ratings provide a means for objectively monitoring the cybersecurity hygiene of organizations (including their vendors) and gauging whether their security posture is improving or deteriorating over time.

Security Ratings

April 9, 2024

SecurityScorecard’s Scoring Methodology 3.0

Take a deep dive into SecurityScorecard’s scoring methodology.

Security Ratings

March 5, 2024

A technical analysis of the APT28’s backdoor called OCEANMAP

Late last year, the Computer Emergency Response Team of Ukraine (CERT-UA) released an advisory that reported cyberattacks targeting state organizations attributed to the Russian espionage group APT28, aka Fancy Bear/Sofacy. The advisory listed the use of a new backdoor named “OCEANMAP.” Download this whitepaper to explore a technical analysis of APT28’s tactics, techniques, and procedures.

Cyber Threat Intelligence

Enterprise Cyber Risk

Supply Chain Cyber Risk

January 12, 2024

DORA and Cyber Risk: A New Framework for Third-Party Risk in the European Union

DORA is an effort to build resilience within the financial service sector by requiring financial services organizations to establish and monitor networks of trust amongst themselves and their ICT vendors. However, trust requires verification through monitoring and transparency.

Attack Surface Management

Cyber Threat Intelligence

DORA

January 9, 2024

Security Ratings: A New Horizon

Unveiling a new Security Ratings methodology for Telecommunications, Internet Service Providers, and Cloud Providers

Attack Surface Management

Cyber Threat Intelligence

Enterprise Cyber Risk

October 20, 2023

Cactus Ransomware

Learn more in this resource.

Attack Surface Management

Cyber Insurance

Cyber Threat Intelligence

February 28, 2023

Expand Your Vendor Intelligence To Identify Active Threats

Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.

Attack Surface Management

Cyber Threat Intelligence

Enterprise Cyber Risk

November 10, 2022

A Look Under The Hood: Data Powering Attack Surface Intelligence

In this white paper, understand how we collect the data that powers Attack Surface Intelligence and the tools we use.

Attack Surface Management

September 14, 2022

A Detailed Analysis Of The Quantum Ransomware

Learn more in this resource.

Attack Surface Management

Cyber Insurance

Cyber Threat Intelligence

July 12, 2022

How To Increase The Value Of Your GRC Platform With Risk Identification And Quantification

Learn more in this resource.

Attack Surface Management

Enterprise Cyber Risk

Security Ratings

March 12, 2022

SecurityScorecardの データ収集方法

Learn more in this resource.

Japanese

January 6, 2021

How To Manage Third-Party Digital Risk

Addressing data breaches outside your company is vital to managing your third-party digital risk. Download this white paper and learn about the implication of third-party data leaks, how to prevent and manage data leaks, and more.

Attack Surface Management

Enterprise Cyber Risk

Security Ratings

October 15, 2020

Applying Machine Learning To Optimize The Correlation Of Securityscorecard Scores With Relative Likelihood Of Breach

We conducted a study, investigating the use of Machine Learning (ML) to tune the weighting of each of the risk factors so that the total score is optimally correlated with the relative likelihood of incurring a data breach. Download the white paper to learn more.

Security Ratings

October 8, 2019

Explanation Of Our Data

This white paper provides detail on the active and passive collection methods and signal types that are in use by the SecurityScorecard solution. The breadth and depth of the security data discussed is the foundation from which SecurityScorecard can deliver the most comprehensive cybersecurity ratings in the industry.

Attack Surface Management

Enterprise Cyber Risk

Security Ratings