Cybersecurity white papers, data sheets, webinars, videos and more

Resources

Stealth China-linked ORB network gaining footholds in US, East Asia

Learn more in this resource.

STRIKE News

Blog

How Does Wireshark Improve Network Security Through Packet Analysis?

Wireshark is one of the most powerful tools in a security analyst’s toolkit. Learn how it enables deep packet inspection, threat detection, and enhanced network visibility to protect your organization.

Cybersecurity

Blog

What Are the CIS Controls and How Can They Improve Your Cybersecurity?

Learn how the CIS Controls framework works, why it matters in 2025, and how implementing its prioritized safeguards can help organizations prevent cyberattacks and reduce risk.

Compliance

Press

SecurityScorecard MAX Now Available for Purchase in CrowdStrike Marketplace

Leading Supply Chain Detection and Response solution now available via CrowdStrike Marketplace, empowering organizations to proactively manage cybersecurity risks across entire supplier ecosystem.

Blog

What Should Security Leaders Know About FCRA?

Understand the Fair Credit Reporting Act (FCRA), how it applies to cybersecurity practices, and what security leaders can do to ensure compliance when handling consumer data or engaging in vendor monitoring.

Compliance

Blog

What Is a Cache and Why Can It Be a Hidden Security Risk?

Learn what a cache is, how it works, and why improper cache management can expose organizations to data leaks, session hijacking, and performance-driven vulnerabilities.

Cybersecurity

Blog

15 Top Ways To Reduce Organizational Cyber Risk in 2025

Discover 15 methods to reduce cyber risk across your organization in 2025, from vendor security and asset visibility to training, automation, and continuous monitoring.

Cybersecurity

メディア掲載

TechTargetジャパン: 医療データセキュリティとリスク管理【第1回】攻撃者にとって格好の標的「医療データ」をどう守る？　5つの脅威と対策

Learn more in this resource.

Japanese

Ebook

Securing the Supply Chain: Building Cyber Resilience in the Modern Era

In this guide, we’ll walk you through the process of building out your organization’s supply chain incident response capabilities with SCDR to enhance its supply chain cyber resilience.

Supply Chain Cyber Risk

Third-Party Risk Management

Threat-Informed TPRM

Case Studies

Truist

“SecurityScorecard has helped us focus on what really matters—both to our organization and our vendor ecosystem. It’s allowed for more targeted engagements with vendors instead of broad, ineffective outreach. Now, I can sleep better knowing we are engaging with the right vendors for the right reasons.”

Case Studies

Hershey

“SecurityScorecard has absolutely helped us mature our third-party risk management program. We now get some level of cyber insight for 100% of the third parties that come through our risk management process, regardless of whether we’re doing continuous monitoring or sending a survey.”

Case Studies

New York Life

“We brought in SecurityScorecard as part of the conversation and talked through some of the potential root causes, and there were about three or four that they had to work through. Ultimately, the score was cleaned up, and it just promoted a pretty transparent dialogue with the prospective third party.”

Case Studies

Altair

“SecurityScorecard has helped my program mature, you know, dramatically in actually several different ways. By looking directly at our score improvements and where we’ve been deficient, we’ve been able to very quickly see specifically where those problems are and then very quickly be able to reach out to our DevOps team or our IT team and say, can you please fix this?”

Blog

Cybersecurity for Small Businesses: 10 Essential Steps to Protect Your Company in 2025

Explore 10 critical cybersecurity practices small businesses should implement in 2025 to protect against ransomware, phishing, and data breaches while building customer trust and compliance.

Cybersecurity

Blog

What Is CUI (Controlled Unclassified Information)?

Learn what Controlled Unclassified Information (CUI) is, how it’s regulated, and the cybersecurity best practices and frameworks required for federal contractors and partners to safeguard it.

Cybersecurity

Blog

What Is Security Posture and How Do You Manage External Attack Risks in 2025?

Learn what cybersecurity posture means in today’s threat landscape and explore best practices for managing external attack surface risks across your digital and third-party ecosystems.

Cybersecurity

Blog

NIST CSF vs. ISO 27001 vs. SOC 2: Which Cybersecurity Framework Fits Your Organization?

Discover how NIST CSF, ISO 27001, and SOC 2 differ in scope, structure, and application, and learn how to choose the right cybersecurity framework for your organization’s needs.

Cybersecurity

メディア掲載

DIGITAL X: ステップ1：サプライチェーンにおけるサイバーリスクを可視化する

Learn more in this resource.

Japanese

Blog

How STRIKE Helped Identify Qakbot’s Alleged Operator and Support a $24M Asset Seizure

SecurityScorecard’s STRIKE team supported U.S. law enforcement in an investigation into Qakbot, a malware platform linked to some of the most widespread ransomware activity in recent history. On May 22, 2025, the Department of Justice unsealed an indictment against Russian national… Read More

Blog

What Is Zero Trust Security and Why Does It Matter in 2025?

Explore the Zero Trust security model, its real-world applications, and why adopting a “never trust, always verify” approach is essential for protecting today’s hybrid enterprises.

Cybersecurity

Blog

Best Practices for Configuring a Web Application Firewall

Explore essential best practices for configuring Web Application Firewalls (WAFs) to protect against OWASP Top 10 threats, reduce false positives, and defend web applications at scale.

Cybersecurity