Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

What Is Nmap and How Can It Help Identify Network Vulnerabilities?

June 24, 2025

As organizations around the globe constantly shift infrastructure, visibility into your attack surface is everything. That’s why Nmap remains a mainstay for defenders in 2025—trusted for its flexibility, precision, and speed. Nmap (short for Network Mapper) is an open-source tool used by cybersecurity professionals to discover hosts,…
What Is HTTPS and Why Is It Still Essential for Cybersecurity in 2025?

June 24, 2025

As organizations shift toward cloud-first and API-centric infrastructure, secure web browsing and HTTPS encryption must remain top priorities. HTTPS, or Hypertext Transfer Protocol Secure, continues to serve as the backbone of encrypted web communications. Despite widespread adoption, many implementations remain flawed. Misconfigurations, expired…
Threat-Informed TPRM
What Is a Web Application Firewall and Do You Need One?

June 24, 2025

In 2025, organizations depend on web applications for everything from customer engagement to internal systems. Web apps are now business-critical—but they are increasingly under attack. Unlike network-layer attacks, which focus on brute force or protocol-level flaws, application-layer attacks exploit business logic and user interactions. These attacks are…
How Do You Stay FERPA Compliant? A Cybersecurity Guide for IT Leaders

June 24, 2025

What Is FERPA and Why It Matters to IT Leaders: Bridging compliance and cybersecurity in the education sector. The Family Educational Rights and Privacy Act (FERPA) is a U.S. federal law enacted in 1974 to safeguard student education records. It applies to all…
What Is CIFS and How Does It Impact Enterprise File System Security?

June 24, 2025

The Common Internet File System (CIFS) was once a vital component of file-sharing in Windows environments. Developed by Microsoft in the 1990s, CIFS enabled network-based access to files, printers, and other shared resources—revolutionizing distributed computing at the time. Today, however, it poses a growing risk to…
What Are Lessons Learned from the Biggest Financial Sector Cyber Breaches?

June 24, 2025

Why the Financial Sector Remains a Top Target: An industry under constant threat from ransomware, supply chain compromise, and cloud misconfiguration. Financial institutions store high-value data and underpin global economic activity. In 2025, this makes them a continuous target for cyberattacks. From multinational banks to…
Top Free Port Scanner Tools for IT and Cybersecurity Teams

June 24, 2025

Why Port Scanners Still Matter in 2025: A foundational tool in defending modern attack surfaces. Port scanners remain essential to cybersecurity workflows, even as organizations adopt zero trust models and cloud-native tooling. In 2025, attackers still rely on port scanning to…
Threat-Informed TPRM
Unmasking A New China-Linked Covert ORB Network: Inside the LapDogs Campaign

June 23, 2025

LapDogs: China-Linked ORB Network Revealed in Global Espionage Campaign. SecurityScorecard’s STRIKE team has identified a previously unreported Operational Relay Box (ORB) Network—LapDogs—a novel and prolonged espionage infrastructure campaign that marks yet another instance of China-Nexus cyber actors leveraging ORB Networks. Key Takeaways…
STRIKE Team
Understanding Third-Party Risk: Identifying and Mitigating External Threats

June 23, 2025

Why Third-Party Risk Is Critical: Businesses are increasingly dependent on an ever-expanding ecosystem of vendors, software platforms, and service providers. These relationships power everything from invoicing and authentication to cloud storage and customer engagement—but every connection expands the attack surface, and bad actors know…
What Does the Gramm-Leach-Bliley Act (GLBA) Require?

June 20, 2025

What Is the GLBA and Why Was It Enacted? The Gramm-Leach-Bliley Act (GLBA), passed in 1999, reshaped the U.S. financial industry by allowing institutions to offer banking, securities, and insurance services under one roof. But with expanded financial services came increased exposure of sensitive customer data.
What’s the Difference Between Authenticity and Non-Repudiation in Cybersecurity?

June 19, 2025

Why Identity Assurance Requires More Than Authentication: Verifying identity in digital environments is essential, but proving who took a specific action—and holding them accountable—is a distinct and equally critical challenge. Many organizations treat authentication as the end of the identity verification process. But truly…
Spear Phishing vs. Phishing: What’s the Difference?

June 18, 2025

Why Email-Based Attacks Still Work: Despite years of investment in email security and user training, email-based attacks remain the most successful initial compromise method. Bad actors rely on phishing and spear phishing email-based attacks because they…
Phishing
Threat-Informed TPRM
How Does an Intrusion Detection System (IDS) Work?

June 17, 2025

What is an Intrusion Detection System & How Does It Work? An Intrusion Detection System (IDS) monitors your network or host activity to identify potential threats and policy violations across your security ecosystem. Unlike next-generation firewalls that actively block malicious activity, IDS tools generate alerts for security personnel…
How File Transfer Software Became the #1 Third-Party Breach Vector

June 11, 2025

Why File Transfer Software Is a Growing Target: File transfer tools are essential for business operations. They enable organizations to exchange data securely with vendors, partners, and customers. But their growing complexity—and their position at the intersection of multiple networks—makes them a prime target for attackers.
Cybersecurity
What Is HSTS and How Does It Strengthen HTTPS Security?

June 11, 2025

What is HSTS? HTTP Strict Transport Security (HSTS) is a browser-enforced policy that requires web applications to load only over HTTPS. Once a browser receives a valid HSTS header, it refuses to connect to that domain with HTTP—even if the user manually types…
Cybersecurity
OAuth vs. SAML: Identity Federation Showdown

June 5, 2025

As organizations adopt hybrid infrastructure and cloud-native applications, the need for secure and scalable identity federation is critical. Protocols like OAuth 2.0 and SAML authentication allow users to log in across platforms without sharing credentials repeatedly, reducing risk of credential exposure while supporting productivity.
Cybersecurity
What Is Fourth-Party Visibility and Why It’s Critical for TPRM

June 4, 2025

Why Fourth-Party Visibility Now Matters More Than Ever: Modern businesses depend on hundreds and sometimes thousands of third-party vendors. But many of those vendors, too, rely on their own suppliers, tools, and service providers. These are your fourth parties, and many…
Cybersecurity
What Is Risk Quantification in Cybersecurity and Why It Matters

June 4, 2025

Why Cyber Risk Quantification Is Key to Security Strategy: Cybersecurity leaders often face a familiar challenge: translating technical cybersecurity risk into language that resonates in the boardroom. When threats are framed with technical jargon or vague terms that don’t translate risk, cybersecurity leaders…
Cybersecurity
Understanding CASB: Securing Cloud Access at Scale

June 3, 2025

A Cloud Access Security Broker (CASB) is a purpose-built security enforcement point that governs data flows between cloud service users and applications. In 2025, with enterprises relying on a multitude of Software-as-a-Service (SaaS) security platforms like Microsoft 365, Zoom, Box, Salesforce, and more, CASBs are indispensable for enforcing…
Cybersecurity
What Does FISMA Require for Cybersecurity Governance?

June 2, 2025

The Federal Information Security Modernization Act, commonly known as FISMA, is the backbone of federal cybersecurity standards in the United States. Enacted in 2002 and amended in 2014, the law defines how government agencies…
Cybersecurity