Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Resources
What’s next after crowdstrike fallout?
Learn more in this resource.
STRIKE News
Resources
97 FTSE 100 firms exposed to supply chain breaches
Learn more in this resource.
STRIKE News
Resources
End-of-life Cisco routers targeted by China’s Volt Typhoon group
Learn more in this resource.
STRIKE News
Webinars
The Philanthropist’s Take: Bolstering Cyber Civil Defense
Learn more in this resource.
Resources
US Energy Sector Vulnerable to Supply Chain Attacks
Learn more in this resource.
STRIKE News
Resources
North Korean hackers impersonated recruiters to steal credentials from over 1,500 developer systems
Learn more in this resource.
STRIKE News
Blog
Third-Party Risk Management Regulations: What You Should Know
Third-party risk management regulations may seem like red tape nuisance at first, but these regulations ultimately reduce your organization’s risk as well. Learn more.
Resources
New Lazarus Group campaign sees North Korean hackers spreading undetectable malware through GitHub and open source packages
Learn more in this resource.
STRIKE News
Press
保険業界に影響を及ぼす侵害の59%はサードパーティへの攻撃ベクトルに起因
Learn more in this resource.
Japanese
Blog
Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks
North Korea’s Lazarus Group is evolving its tactics again. The latest campaign, dubbed Operation Marstech Mayhem, introduces an advanced implant named “Marstech1.”
STRIKE Team
Research
Lazarus Group is Infecting Open-Source Code. Are You at Risk?
North Korea’s Lazarus Group is hiding malware inside GitHub repositories and NPM packages, compromising developers and cryptocurrency platforms. Their targets: your code, your wallets, your users.
STRIKE Team
Webinars
Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies
Learn more in this resource.
Threat-Informed TPRM
Press
SecurityScorecard Reaffirms FedRAMP and Achieves StateRAMP Ready Status
U.S. federal, state and local agencies to adopt SecurityScorecard SCDR to secure supply chains with confidence
Blog
A Deep Peek at DeepSeek
DeepSeek’s rapid ascent in the AI space has made it impossible to ignore. Its sophisticated models and AI assistant have captured global attention. And, while headlines focus on DeepSeek’s capabilities, STRIKE research exposes critical security flaws, hidden data flows, and unanswered questions about who has access to the data and why.
STRIKE Team
Research
Insurance Carriers Face Unprecedented Supply Chain Cyber Threats
SecurityScorecard’s analysis of 150 leading insurance companies exposes a critical weakness: even carriers with robust security are being compromised through their supply chain partners. Our data reveals that threat actors are deliberately exploiting lower-scoring vendors to breach otherwise well-defended insurance organizations.
Press
SecurityScorecard Report: 59% of Breaches Impacting Insurance Sector Caused by Third-Party Attack Vectors
Report highlights need to address third-party risks as cybersecurity gaps threaten critical services and policyholder trust.
メディア掲載
ScanNetSecurity: 「SecurityScorecard」が自らを ASM と名乗らない理由
Learn more in this resource.
Japanese
Resources
Max Data Processing Agreement
Learn more in this resource.
Blog
Third-Party Risk Management Framework: How to Select the Right One
Third parties come with significant cyber security risks. Learn how to select the right risk management framework.
Blog
Beyond the Perimeter: Why CISOs Need Threat-Informed TPRM
Organizations rely heavily on external vendors and suppliers, creating complex supply chains vital for operations. However, this introduces a new dimension of risk: supply chain attacks move fast. While standard TPRM focuses on compliance, Threat-Informed TPRM is a proactive, data-first defense engine designed to stop attacks… Read More
Supply Chain Cyber Risk
Threat-Informed TPRM
Case Studies
Verdane
How Verdane improved investment decisions and portfolio company cyber support using SecurityScorecard.