Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Blog
What Is a Web Application Firewall and Do You Need One?
Web application firewalls help protect your digital infrastructure from attacks like SQL injection and cross-site scripting. Learn what a WAF is, how it works, and whether your organization needs one in 2025.
STRIKE
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433) Added to CISA KEV
Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability (CVE-2025-32433)
STRIKE Alert
Blog
What Are the Best Tools and Techniques to Recover from Ransomware in 2025?
Explore top tools and proven recovery techniques to respond to ransomware in 2025. Learn how to restore operations quickly and minimize long-term damage.
Blog
How Does Role-Based Access Control (RBAC) Improve Organizational Security?
Role-Based Access Control (RBAC) minimizes risk by assigning permissions based on roles. Learn how RBAC improves enterprise security, compliance, and operational efficiency.
Blog
How Do You Stay FERPA Compliant? A Cybersecurity Guide for IT Leaders
Learn how to maintain FERPA compliance in 2025 with this cybersecurity guide for IT leaders. Understand key requirements, common risks, and practical steps to protect student data.
Blog
What Is Doxing and How Can You Prevent It?
Doxing is the malicious exposure of private information online. Learn how it works, the risks it poses to individuals and enterprises, and how to prevent it.
Blog
What Are Must-Do Security Steps When Setting Up a New Server?
Setting up a new server? Follow this essential security checklist to harden your system, avoid misconfigurations, and defend against common threats from the start.
Blog
What Is CIFS and How Does It Impact Enterprise File System Security?
CIFS is an aging file-sharing protocol still found in enterprise environments. Learn what CIFS is, the security risks it introduces, and how to manage those risks in 2025.
Blog
Kerberos vs. LDAP: Choosing the Right Enterprise Protocol
Kerberos and LDAP serve different roles in enterprise security. This guide compares their features, use cases, and integration with modern access control strategies.
Blog
What Are Lessons Learned from the Biggest Financial Sector Cyber Breaches?
Explore the biggest cybersecurity breaches in the financial industry and learn the critical lessons organizations must apply to prevent similar incidents in 2025.
Blog
OAuth vs. SAML: Identity Federation Showdown
Explore the key differences between OAuth and SAML for identity federation. Understand their architectures, use cases, and which is better for secure access management.
Cybersecurity
Blog
Top Free Port Scanner Tools for IT and Cybersecurity Teams
Explore the best free port scanner tools available in 2025 for IT and cybersecurity teams. Learn how these tools help discover open ports, identify vulnerabilities, and secure your network.
Threat-Informed TPRM
Blog
What Is Fourth-Party Visibility and Why It’s Critical for TPRM
Fourth-party visibility gives organizations insight into the risks buried inside their vendors’ networks. Learn why it’s the missing piece in third-party risk management and how to uncover hidden exposure.
Cybersecurity
Blog
What Is Risk Quantification in Cybersecurity and Why It Matters
Cyber risk quantification translates technical vulnerabilities into financial risk—giving boards and CISOs a shared language. Learn how to use quantification models to drive smarter decisions.
Cybersecurity
Research
The Cybersecurity of Europe’s Top 100 Financial Institutions 2025
SecurityScorecard has released its second Europe Financial Cybersecurity Report in two years, revealing that nearly every major financial institution across Europe has been impacted by third-party and fourth-party cyber breaches in the past year.
Blog
Understanding CASB: Securing Cloud Access at Scale
CASBs help organizations secure SaaS usage, enforce data protection policies, and reduce third-party risk. Learn how Cloud Access Security Brokers work and why they’re vital for enterprise cloud security.
Cybersecurity
Webinars
A CISO’s Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?
Learn more in this resource.
MAX
Threat-Informed TPRM
Blog
Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon
Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.
Blog
Scorecarder Spotlight: Guillermo Garcia Granda
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
Scorecarder Spotlight
Blog
What Does FISMA Require for Cybersecurity Governance?
The Federal Information Security Modernization Act (FISMA) mandates key cybersecurity practices for U.S. agencies and contractors. Learn what FISMA requires and how to implement its governance standards in 2025.
Cybersecurity
Media Coverage
EnterpriseZine: The Era of Assessing Even Your Business Partners' Cyber Risk
Learn more in this resource.
Japanese