Resources

Learning Center
The Role of Cybersecurity in Enterprise Risk Management (ERM)
February 13, 2025
An enterprise risk management program should include a cybersecurity element so organizations can identify relationships between risk and impact across its ecosystem.
More Details
Tech Center
Blog, Learning Center
Vendor Risk Assessment Template
February 13, 2025
You can’t completely eliminate vendor risk, but you can manage it. Learn how to create a vendor risk assessment template with SecurityScorecard.
More Details
Tech Center
Research
Lazarus Group is Infecting Open-Source Code. Are You at Risk?
February 13, 2025
North Korea’s Lazarus Group is hiding malware inside GitHub repositories and NPM packages, compromising developers and cryptocurrency platforms. Their targets: your code, your wallets, your users.
More Details
STRIKE Team
Blog
Lazarus Group Targets Developers Through NPM Packages and Supply Chain Attacks
February 13, 2025
North Korea’s Lazarus Group is evolving its tactics again. The latest campaign, dubbed Operation Marstech Mayhem, introduces an advanced implant named "Marstech1."
More Details
STRIKE Team
Webinar
Breaking Silos with SCDR: How SOCs & TPRM Teams Drive Integrated Cyber Strategies
February 11, 2025More Details
SCDR
Blog
A Deep Peek at DeepSeek
February 10, 2025
DeepSeek’s rapid ascent in the AI space has made it impossible to ignore. Its sophisticated models and AI assistant have captured global attention. And, while headlines focus on DeepSeek’s capabilities, STRIKE research exposes critical security flaws, hidden data flows, and unanswered questions about who has access to the data and why.
More Details
STRIKE Team
Press
SecurityScorecard Reaffirms FedRAMP and Achieves StateRAMP Ready Status
February 10, 2025
U.S. federal, state and local agencies to adopt SecurityScorecard SCDR to secure supply chains with confidence
More Details
Research
Insurance Carriers Face Unprecedented Supply Chain Cyber Threats
February 6, 2025
SecurityScorecard's analysis of 150 leading insurance companies exposes a critical weakness: even carriers with robust security are being compromised through their supply chain partners. Our data reveals that threat actors are deliberately exploiting lower-scoring vendors to breach otherwise well-defended insurance organizations.
More Details
Press
SecurityScorecard Report: 59% of Breaches Impacting Insurance Sector Caused by Third-Party Attack Vectors
February 6, 2025
Report highlights need to address third-party risks as cybersecurity gaps threaten critical services and policyholder trust.
More Details
Blog
Third-Party Risk Management Framework: How to Select the Right One
February 4, 2025
Third parties come with significant cyber security risks. Learn how to select the right risk management framework.
More Details
Blog
Beyond the Perimeter: Why CISOs Need Supply Chain Detection and Response
February 4, 2025
Organizations rely heavily on external vendors and suppliers, creating complex supply chains vital for operations. However, this introduces a new dimension of risk: supply chain attacks. SCDR is a comprehensive security framework that focuses on identifying, assessing, and responding to threats within the supply chain.
More Details
SCDR, Supply Chain Cyber Risk
Case Study
Verdane
February 4, 2025
How Verdane improved investment decisions and portfolio company cyber support using SecurityScorecard.
More Details