Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

What’s next after crowdstrike fallout?

Resources

What’s next after crowdstrike fallout?
Learn more in this resource.
STRIKE News
97 FTSE 100 firms exposed to supply chain breaches

Resources

97 FTSE 100 firms exposed to supply chain breaches
Learn more in this resource.
STRIKE News
End-of-life Cisco routers targeted by China’s Volt Typhoon group

Resources

End-of-life Cisco routers targeted by China’s Volt Typhoon group
Learn more in this resource.
STRIKE News
The Philanthropist’s Take: Bolstering Cyber Civil Defense

Webinars

The Philanthropist’s Take: Bolstering Cyber Civil Defense
Learn more in this resource.
US Energy Sector Vulnerable to Supply Chain Attacks

Resources

US Energy Sector Vulnerable to Supply Chain Attacks
Learn more in this resource.
STRIKE News
North Korean hackers impersonated recruiters to steal credentials from over 1,500 developer systems

Resources

North Korean hackers impersonated recruiters to steal credentials from over 1,500 developer systems
Learn more in this resource.
STRIKE News
Third-Party Risk Management Regulations: What You Should Know

Blog

Third-Party Risk Management Regulations: What You Should Know
Third-party risk management regulations may seem like red tape nuisance at first, but these regulations ultimately reduce your organization’s risk as well. Learn more.
New Lazarus Group campaign sees North Korean hackers spreading undetectable malware through GitHub and open source packages

Resources

New Lazarus Group campaign sees North Korean hackers spreading undetectable malware through GitHub and open source packages
Learn more in this resource.
STRIKE News
保険業界に影響を及ぼす侵害の59%はサードパーティへの攻撃ベクトルに起因

Press

保険業界に影響を及ぼす侵害の59%はサードパーティへの攻撃ベクトルに起因
Learn more in this resource.
Japanese
Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks

Blog

Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks
North Korea’s Lazarus Group is evolving its tactics again. The latest campaign, dubbed Operation Marstech Mayhem, introduces an advanced implant named “Marstech1.”
STRIKE Team
Lazarus Group is Infecting Open-Source Code. Are You at Risk?

Research

Lazarus Group is Infecting Open-Source Code. Are You at Risk?
North Korea’s Lazarus Group is hiding malware inside GitHub repositories and NPM packages, compromising developers and cryptocurrency platforms. Their targets: your code, your wallets, your users.
STRIKE Team
Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies

Webinars

Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies
Learn more in this resource.
Threat-Informed TPRM
SecurityScorecard Reaffirms FedRAMP and Achieves StateRAMP Ready Status

Press

SecurityScorecard Reaffirms FedRAMP and Achieves StateRAMP Ready Status
U.S. federal, state and local agencies to adopt SecurityScorecard SCDR to secure supply chains with confidence
A Deep Peek at DeepSeek

Blog

A Deep Peek at DeepSeek
DeepSeek’s rapid ascent in the AI space has made it impossible to ignore. Its sophisticated models and AI assistant have captured global attention. And, while headlines focus on DeepSeek’s capabilities, STRIKE research exposes critical security flaws, hidden data flows, and unanswered questions about who has access to the data and why.
STRIKE Team
Insurance Carriers Face Unprecedented Supply Chain Cyber Threats

Research

Insurance Carriers Face Unprecedented Supply Chain Cyber Threats
SecurityScorecard’s analysis of 150 leading insurance companies exposes a critical weakness: even carriers with robust security are being compromised through their supply chain partners. Our data reveals that threat actors are deliberately exploiting lower-scoring vendors to breach otherwise well-defended insurance organizations.
SecurityScorecard Report: 59% of Breaches Impacting Insurance Sector Caused by Third-Party Attack Vectors

Press

SecurityScorecard Report: 59% of Breaches Impacting Insurance Sector Caused by Third-Party Attack Vectors
Report highlights need to address third-party risks as cybersecurity gaps threaten critical services and policyholder trust.
ScanNetSecurity: 「SecurityScorecard」が自らを ASM と名乗らない理由

メディア掲載

ScanNetSecurity: 「SecurityScorecard」が自らを ASM と名乗らない理由
Learn more in this resource.
Japanese
Max Data Processing Agreement

Resources

Max Data Processing Agreement
Learn more in this resource.
Third-Party Risk Management Framework: How to Select the Right One

Blog

Third-Party Risk Management Framework: How to Select the Right One
Third parties come with significant cyber security risks. Learn how to select the right risk management framework.
Beyond the Perimeter: Why CISOs Need Threat-Informed TPRM

Blog

Beyond the Perimeter: Why CISOs Need Threat-Informed TPRM
Organizations rely heavily on external vendors and suppliers, creating complex supply chains vital for operations. However, this introduces a new dimension of risk: supply chain attacks move fast. While standard TPRM focuses on compliance, Threat-Informed TPRM is a proactive, data-first defense engine designed to stop attacks… Read More
Supply Chain Cyber Risk
Threat-Informed TPRM
Verdane

Case Studies

Verdane
How Verdane improved investment decisions and portfolio company cyber support using SecurityScorecard.