Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Blog
OAuth vs. SAML: Identity Federation Showdown
Explore the key differences between OAuth and SAML for identity federation. Understand their architectures, use cases, and which is better for secure access management.
Cybersecurity
Blog
Top Free Port Scanner Tools for IT and Cybersecurity Teams
Explore the best free port scanner tools available in 2025 for IT and cybersecurity teams. Learn how these tools help discover open ports, identify vulnerabilities, and secure your network.
Threat-Informed TPRM
Blog
What Is Fourth-Party Visibility and Why It’s Critical for TPRM
Fourth-party visibility gives organizations insight into the risks buried inside their vendors’ networks. Learn why it’s the missing piece in third-party risk management and how to uncover hidden exposure.
Cybersecurity
Blog
What Is Risk Quantification in Cybersecurity and Why It Matters
Cyber risk quantification translates technical vulnerabilities into financial risk—giving boards and CISOs a shared language. Learn how to use quantification models to drive smarter decisions.
Cybersecurity
Research
The Cybersecurity of Europe’s Top 100 Financial Institutions 2025
SecurityScorecard has released its second Europe Financial Cybersecurity Report in two years, revealing that nearly every major financial institution across Europe has been impacted by third-party and fourth-party cyber breaches in the past year.
Blog
Understanding CASB: Securing Cloud Access at Scale
CASBs help organizations secure SaaS usage, enforce data protection policies, and reduce third-party risk. Learn how Cloud Access Security Brokers work and why they’re vital for enterprise cloud security.
Cybersecurity
Webinars
A CISO’s Guide to Mastering Cyber Incident Response: Are Your Vendors Your Weakest Link?
Learn more in this resource.
MAX
Threat-Informed TPRM
Blog
Securing the Supply Chain, One API Call at a Time: Inside the SecurityScorecard API Hackathon
Earlier this month, SecurityScorecard hosted its first-ever API Hackathon, bringing together developers, cybersecurity professionals, and third-party risk managers from around the world to solve real-world security challenges, one API call at a time.
Blog
Scorecarder Spotlight: Guillermo Garcia Granda
Our “Scorecarder Learning & Development Spotlight” series showcases our talented, driven employees, the incredible work they do, and their quest to continue their development as lifelong learners.
Scorecarder Spotlight
Blog
What Does FISMA Require for Cybersecurity Governance?
The Federal Information Security Modernization Act (FISMA) mandates key cybersecurity practices for U.S. agencies and contractors. Learn what FISMA requires and how to implement its governance standards in 2025.
Cybersecurity
メディア掲載
EnterpriseZine: 取引先のサイバーリスクまで評価する時代
Learn more in this resource.
Japanese
Resources
Stealth China-linked ORB network gaining footholds in US, East Asia
Learn more in this resource.
STRIKE News
Blog
How Does Wireshark Improve Network Security Through Packet Analysis?
Wireshark is one of the most powerful tools in a security analyst’s toolkit. Learn how it enables deep packet inspection, threat detection, and enhanced network visibility to protect your organization.
Cybersecurity
Blog
What Are the CIS Controls and How Can They Improve Your Cybersecurity?
Learn how the CIS Controls framework works, why it matters in 2025, and how implementing its prioritized safeguards can help organizations prevent cyberattacks and reduce risk.
Compliance
Press
SecurityScorecard MAX Now Available for Purchase in CrowdStrike Marketplace
Leading Supply Chain Detection and Response solution now available via CrowdStrike Marketplace, empowering organizations to proactively manage cybersecurity risks across entire supplier ecosystem.
Blog
What Should Security Leaders Know About FCRA?
Understand the Fair Credit Reporting Act (FCRA), how it applies to cybersecurity practices, and what security leaders can do to ensure compliance when handling consumer data or engaging in vendor monitoring.
Compliance
Blog
What Is a Cache and Why Can It Be a Hidden Security Risk?
Learn what a cache is, how it works, and why improper cache management can expose organizations to data leaks, session hijacking, and performance-driven vulnerabilities.
Cybersecurity
Blog
15 Top Ways To Reduce Organizational Cyber Risk in 2025
Discover 15 methods to reduce cyber risk across your organization in 2025, from vendor security and asset visibility to training, automation, and continuous monitoring.
Cybersecurity
メディア掲載
TechTargetジャパン: 医療データセキュリティとリスク管理【第1回】攻撃者にとって格好の標的「医療データ」をどう守る? 5つの脅威と対策
Learn more in this resource.
Japanese
Ebook
Securing the Supply Chain: Building Cyber Resilience in the Modern Era
In this guide, we’ll walk you through the process of building out your organization’s supply chain incident response capabilities with SCDR to enhance its supply chain cyber resilience.
Supply Chain Cyber Risk
Third-Party Risk Management
Threat-Informed TPRM
Case Studies
Truist
“SecurityScorecard has helped us focus on what really matters—both to our organization and our vendor ecosystem. It’s allowed for more targeted engagements with vendors instead of broad, ineffective outreach. Now, I can sleep better knowing we are engaging with the right vendors for the right reasons.”