Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Blog
Strengthening National Cyber Resilience: Reflections from My Fireside Chat with ONCD Director Sean Cairncross
Mike Centrella, SecurityScorecard Head of Public Policy, shares insights from his fireside chat with the National Cyber Director Sean Cairncross on strengthening U.S. cyber resilience, deterrence, AI security, and workforce strategy.
Blog
Beyond the Hype: Moltbot’s Real Risk Is Exposed Infrastructure, Not AI Superintelligence
While the world debates Moltbook’s role in the AI ecosystem, it is just the tip of the iceberg of Titanic risk. SecurityScorecard’s STRIKE team uncovered what lurks beneath: Thousands of exposed OpenClaw (Moltbot) control panels vulnerable to takeover through misconfigured access and known exploits.
STRIKE Team
Blog
Why India Is Emerging as a Third-Party Breach Hotspot
SecurityScorecard experts analyzed why 52.6% of Indian vendors experienced at least one third-party breach in the past year in a recent webinar. India has become one of the most critical engines of the global digital economy and one of the most targeted.
Strike Alert
Citrix NetScaler ADC and Gateway Buffer Overflow Vulnerability (CVE-2025-6543) Added to CISA KEV
Learn more in this resource.
Blog
What is a SOC 2 Compliance Checklist?
Use this SOC 2 compliance checklist to prepare for your audit, meet requirements, and maintain continuous compliance. Expert guidance for security leaders.
Blog
What Are Moltbot and Moltbook and What Happens When Agentic AI Assistants Scale Without Security
Moltbot AI assistants and their social media platform Moltbook have sparked AGI fears in recent days, but the real risk is access. Learn what Moltbook and Moltbot are (now OpenClaw and formerly known as Clawdbot), why it’s not artificial general intelligence (AGI), and how to reduce security exposure.
Blog
What Is Network Cloud Security?
Learn what network cloud security is, why traditional approaches fall short, and best practices for protecting your cloud infrastructure from security threats.
Blog
Odyssey 2026 Recap: Building Continuous Supply Chain Resilience in an Era of Persistent Threats
SecurityScorecard’s Odyssey 2026 customer conference in Miami brought CISOs together to examine continuous, threat-informed supply chain security and the shift from periodic assessments to real-time risk operations.
Blog
What Is Cyber Incident Response and Why It Matters
Learn what cyber incident response is, the steps in the incident response lifecycle, and how to build effective incident response teams and playbooks.
STRIKE
The Quiet Siege II
Explore a fictional depiction of a DDoS attack in The Quiet Siege Part II: Life, Interrupted. The scenario described does not represent a real attack, organization, or incident.
STRIKE
The Quiet Siege I
Explore a fictional depiction of a DDoS attack. The scenario described does not represent a real attack, organization, or incident.
STRIKE
Latin America as a Proving Ground: Cybercriminal Innovation and Escalation
The Conti ransomware group, active since late 2019, quickly became one of the most aggressive forces in the world of cybercrime. Known for “big game hunting” and its double-extortion model: stealing data before encrypting systems, Conti targeted major institutions in healthcare, education, and infrastructure.
Blog
Critical Update: What Security Leaders Need to Know Right Now About the Future of CISA and Threat Sharing
Discover how the expiration of the Cybersecurity Information Sharing Act (CISA 2015) disrupted threat intelligence, weakened national security, and widened AI-driven attack gaps. SecurityScorecard’s Mike Centrella and Dr. Aleksandr Yampolskiy explain what’s at stake as the January 2026 deadline nears amid a potential government shutdown.
Blog
What is a Parked Domain?
Learn what is a parked domain, why people park domains, and the security risks they create. Discover how to protect your attack surface from hidden threats.
Blog
Cyber Resilience in 2026: Why Supply Chains Are the New Front Line
The World Economic Forum’s Global Cybersecurity Outlook 2026 delivers a clear message for leaders across government and industry: cyber risk no longer lives inside the firewall.
Research
How to Prepare for Hong Kong’s Protection of Critical Infrastructure Bill in 2026
Hong Kong’s Protection of Critical Infrastructures Bill, effective January 1, 2026, introduces a comprehensive cybersecurity framework to safeguard essential services and strengthen national resilience. The legislation mandates operator-level accountability for both internal systems and external dependencies, including cloud platforms, managed services, and third-party vendors. Non-compliance carries severe financial penalties, emphasizing the need for structured governance and continuous oversight.
Blog
What Is a Brute Force Attack and How to Prevent It
What is a brute force attack, how attackers use password cracking methods to gain access, and proven strategies to protect yourself.
Blog
What is SOX Compliance?
Discover how SOX compliance protects financial reporting through internal controls, audits, and cybersecurity measures for public companies.
Blog
What Is Data Leakage
Data leakage occurs when sensitive information escapes an organization’s control, whether due to employee mistakes, software vulnerabilities, or intentional theft.
Resources
Tens of thousands more ASUS routers pwned by suspected, evolving China operation
Learn more in this resource.
STRIKE News
Blog
What is API Security?
Learn what API security is, common vulnerabilities like broken authentication, and essential techniques to protect your APIs from evolving threats.