Resources
Cybersecurity white papers, data sheets, webinars, videos and more
Resource Library
Data Sheet
Your cybersecurity journey begins with trust
The Trust Portal serves as a single source of truth when looking for answers to questions about the validity and accuracy of our ratings, scoring methodology and data collection processes, and how we comply with industry standards and regulations.
Security Ratings
Data Sheet
Discover what customers love about SecurityScorecard
Read how organizations use the SecurityScorecard platform to fit their specific needs, while improving visibility, and saving time and resources.
Security Ratings
Ebook
5 Tips To Know You Are Using Data You Can Trust
Organizations need to trust their data and be confident that their customers, clients, and vendors can trust it as well. This means knowing that it’s accurate, reliable, and secure. How can this be accomplished?
Ebook
4 Factors To Consider When Evaluating A Cybersecurity Partner
How should you evaluate a partner you work with? This guide can help you make informed choices about business partners.
Data Sheet
Zero-Day as-a-Service (ZDaaS)
Your Ultimate Defense Against Zero Days Zero-Day Vulnerability Identification: Our ROC analysts leverage SecurityScorecard signals and threat intelligence to identify active zero day exploits as they develop. Vendor Assessment for Potential Impact: Targeted vendors within your third and fourth-party ecosystem are assessed for potential impact to an announced zero day vulnerability/ critical CVE. Zero-Day Reports: Our comprehensive reports provide precise recommendations to counter identified zero day vulnerabilities/ critical CVEs and solidify your cybersecurity defenses. Detailed findings, outputs, and score improvement planning Zero-day vulnerabilities are unseen, undetectable risks, waiting to exploit gaps in your IT environment and supply chain ecosystem. Your team can do everything right and still be breached due to a zero day critical vulnerability.
Professional Services
Services
Webinars
Customer Insights Webinar: Learn More About Our APIs
Learn more in this resource.
Webinars
Customer Insights Webinar: Explore our Marketplace
Learn more in this resource.
Webinars
Threat Exposure Management: A Proactive Approach for Security Leaders
Learn more in this resource.
Webinars
Vendor Risk Management: How to go from Spreadsheet to Automation
Learn more in this resource.
Research
SecurityScorecard Analysis of Traffic Involving Storm-0558 IoCs
On July 11th, 2023, Microsoftdisclosed that a threat actor hadobtained a Microsoft private encryption key that allowed attackersto generate tokens enabling accessto customers’ Exchange Online andOutlook[.]com accounts.Subsequent research found that thecompromised key could have grantedaccess to a wider variety of applications including Azure Active Directory,SharePoint, Teams, and OneDrive.
Blog
6 Myths About Cybersecurity Ratings (and 1 Truth): The Current State Of The Cybersecurity Ratings Industry And Where It Can Improve
Cybersecurity ratings are a valuable asset in defending your organization. Learn about popular cybersecurity myths and what security ratings can do for you.
Security Ratings
Research
A technical analysis of the Underground ransomware deployed by Storm-0978
Executive summary The Underground ransomware is the successor of the Industrial Spy ransomware and was deployed by a threat actor called Storm-0978. The malware stops a target service, deletes the Volume Shadow Copies, and clears all Windows event logs. The files are encrypted using the 3DES algorithm, with the… Read More
Data Sheet
Cyber Resilience Services
Learn more in this resource.
Services
Blog
Top 5 Security Vulnerabilities of 2023
Why 2023 is a year of ‘digital forest fires’: New Attack Surface Intelligence Research from SecurityScorecard 2023 is a year of “digital forest fires.” The MOVEit and the Barracuda Networks’ email supply chain attacks underscore the massive butterfly effect a single software flaw can have on the threat landscape. Supply… Read More
Cyber Threat Intelligence
Supply Chain Cyber Risk
Press
SecurityScorecard Launches Managed Cyber Risk Services to Mitigate Zero-Day and Critical Supply Chain Vulnerabilities
Cybersecurity experts operationalize third- and fourth-party cyber risk management, drive action with security ratings, and mitigate global supply chain risk. News Summary Customers save time, gain resources, and streamline vendor compliance Powered by SecurityScorecard technology, data, and SOC analysts Cybersecurity veteran and former Mandiant leader joins as Senior Vice President… Read More
Data Sheet
Managed Cyber Risk Services
Learn more in this resource.
Services
Research
Cybersecurity and Executive (dis)Orders: Cognitive and Systemic Risk in the Boardroom
This Board Risk Report focuses on what boards of directors can do to understand the nature of cognitive and systemic risk, their impact at the board level, better understand the unique dimensions of cyber risk, and understand emerging principles for modern cybersecurity governance
Data Sheet
Attack Surface Intelligence Final
Learn more in this resource.
Attack Surface Management
Blog
3 Takeaways: New SEC Cyber Risk Disclosure Rules
Blog: New rules require a detailed assessment of supply chain and organizational resilience
Services
Press
SecurityScorecard Research Reveals 78% of Europe’s Largest Financial Institutions Experienced a Third-Party Breach in the Past Year
Financial service organizations face uphill battle to comply with Digital Operational Resilience Act (DORA) required by January 2025.
Data Sheet
How To Prepare For The Digital Operational Resilience Act (DORA)
The Digital Operational Resilience Act (DORA) is a pivotal piece of legislation aimed at strengthening the digital resilience of regulated financial entities in the European Union, including: credit institutions, investment firms, insurers, and more. Included in DORA are five key pillars that will shape how these organizations manage Information and Communication technology (ICT) and cyber risks.
DORA
Security Ratings
Third-Party Risk Management