Resources

Cybersecurity white papers, data sheets, webinars, videos and more

Resource Library

5 Steps to Avoid Cyber Incident

Ebook

5 Steps to Avoid Cyber Incident
According to a recent Gartner report, by 2025, a lack of talent or human failure will be responsible for over half of significant cyber incidents. And with the average cost of a data breach now at $4.35 million, it’s time for organizations to take proactive measures to protect themselves against cyber threats. This ebook was written with experts from SecurityScorecard’s Digital Forensics and Incident Response team, who have decades of experience working with companies to respond to cyber incidents. Here, these experts provide practical guidance for protecting your organization against cyber threats and mitigating their associated risks for CEOs and CISOs.
Cyber Insurance
SecurityScorecard Partners with The International Legal Technology Association (ILTA) to Create a Cyber Resilient Legal Community

Press

SecurityScorecard Partners with The International Legal Technology Association (ILTA) to Create a Cyber Resilient Legal Community
SecurityScorecard provides 25,000 ILTA members with 360-degree view of cyber risk exposure.
Cyber Insurance
SecurityScorecard Partners with The International Legal Technology Association (ILTA) to Create a Cyber Resilient Legal Community

Press

SecurityScorecard Partners with The International Legal Technology Association (ILTA) to Create a Cyber Resilient Legal Community
SecurityScorecard provides 25,000 ILTA members with 360-degree view of cyber risk exposure.
Cyber Insurance
ESXi Ransomware  A Case Study Of Royal Ransomware

Research

ESXi Ransomware A Case Study Of Royal Ransomware
Learn more in this resource.
SecurityScorecard Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2023

Press

SecurityScorecard Named to Fast Company’s Annual List of the World’s Most Innovative Companies for 2023
SecurityScorecard joins the ranks of Disney, Tiffany & Co., and others.
Being Proactive with Security: Web Application Penetration Testing

Webinars

Being Proactive with Security: Web Application Penetration Testing
Learn more in this resource.
Live Attack Simulation: Uncover Ransomware in Real-Time [#2]

Webinars

Live Attack Simulation: Uncover Ransomware in Real-Time [#2]
Learn more in this resource.
Incident Response Tabletop Exercise

Data Sheet

Incident Response Tabletop Exercise
SecurityScorecard’s Incident Response (IR) Tabletop Exercise tests your team’s cyber readiness against a real world cyber incident. Using a scenario-based methodology, teams can practice their skills and identify gaps in your incident response plan so you can strengthen and sharpen your response time and readiness.
Services
Expand Your Vendor Intelligence To Identify Active Threats

Research

Expand Your Vendor Intelligence To Identify Active Threats
Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.
Attack Surface Management
Cyber Threat Intelligence
Enterprise Cyber Risk
SecurityScorecard Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL)

Press

SecurityScorecard Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL)
SecurityScorecard’s Attack Surface Intelligence Solution is now available to federal agencies looking to enhance threat monitoring and detection.
Public Sector
Being Proactive with Security: Processes for a More Cyber Resilient Organization

Webinars

Being Proactive with Security: Processes for a More Cyber Resilient Organization
Learn more in this resource.
Close Encounters of the Third (and Fourth) Party Kind

Webinars

Close Encounters of the Third (and Fourth) Party Kind
Learn more in this resource.
Boards are from Mars, CISOs are from Venus

Ebook

Boards are from Mars, CISOs are from Venus
Learn more in this resource.
A Deep Dive Into A Posh C2 Implant

Research

A Deep Dive Into A Posh C2 Implant
PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a Python3 implant.
SecurityScorecard Announces Significant Momentum in 2022, Growing by 49%

Press

SecurityScorecard Announces Significant Momentum in 2022, Growing by 49%
SecurityScorecard now delivers Security Ratings, Response, and Resilience Solutions and Services to 73% of Fortune 100 organizations.
ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability

Research

ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability
Executive Summary On February 3, European hosting providers and computer emergency response teams (CERTs) began warning of a widespread ransomware campaign exploiting CVE-2021-21974, a VMWare ESXi vulnerability for which a patch has been available since February 2021. Shortly after the warnings’ publication, SecurityScorecard developed an emergency informational… Read More
Cyber Threat Intelligence
Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks

Research

Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks
Executive Summary On January 3, local media reported that a major U.S. city’s housing authority had suffered a ransomware attack. The LockBit ransomware group, which has made false claims in the past, took responsibility for the incident. As of this publication, the housing authority has announced a disruption, but… Read More
Cyber Threat Intelligence
Public Sector
How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene

Webinars

How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene
Learn more in this resource.
Cyber Insurance
How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene

Webinars

How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene
Learn more in this resource.
Cyber Insurance
SecurityScorecard releases list of Killnet open proxy IP addresses

Blog

SecurityScorecard releases list of Killnet open proxy IP addresses
In the wake of Killnet’s latest DDoS attack on U.S. hospitals on January 30, SecurityScorecard has made its KillNet open proxy IP blocklist available to the public. This list is the product of the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team’s ongoing research into KillNet. We released this list to help organizations better defend themselves against KillNet and other groups like it by preventing traffic from exploitable assets. In this blog, we’ll explain how we developed this proxy list and our recommendations for preventing DDos attacks.
Cyber Threat Intelligence
A Detailed Analysis Of A New Stealer Called Stealerium

Research

A Detailed Analysis Of A New Stealer Called Stealerium
Learn more in this resource.