Cybersecurity white papers, data sheets, webinars, videos and more

Webinars

Being Proactive with Security: Web Application Penetration Testing

Learn more in this resource.

Webinars

Live Attack Simulation: Uncover Ransomware in Real-Time [#2]

Learn more in this resource.

Data Sheet

Incident Response Tabletop Exercise

SecurityScorecard’s Incident Response (IR) Tabletop Exercise tests your team’s cyber readiness against a real world cyber incident. Using a scenario-based methodology, teams can practice their skills and identify gaps in your incident response plan so you can strengthen and sharpen your response time and readiness.

Services

Research

Expand Your Vendor Intelligence To Identify Active Threats

Research by Ponemon Institute reports that 59% of survey respondents haveconfirmed that their organization has experienced a data breach caused byone of their third parties, with 54% of the incidents occurring in the past12 months. What is more alarming is that only 34% of organizations areconfident their suppliers would notify them of a breach that couldput their business at risk. As the global attack surface continuesto expand, it’s more important than ever to tighten and matureThird- Party Risk Management (TPRM) programs, alsoreferred to as Vendor Risk Management. Staying ahead ofweaponized vulnerabilities and threat actors targetingyour vendors’ assets decreases the chances of acyber disruption to your organization.

Attack Surface Management

Cyber Threat Intelligence

Enterprise Cyber Risk

Press

SecurityScorecard Added to the Department of Homeland Security’s Continuous Diagnostics and Mitigation Program’s Approved Products List (CDM APL)

SecurityScorecard’s Attack Surface Intelligence Solution is now available to federal agencies looking to enhance threat monitoring and detection.

Public Sector

Webinars

Being Proactive with Security: Processes for a More Cyber Resilient Organization

Learn more in this resource.

Webinars

Close Encounters of the Third (and Fourth) Party Kind

Learn more in this resource.

Ebook

Boards are from Mars, CISOs are from Venus

Learn more in this resource.

Research

A Deep Dive Into A Posh C2 Implant

PoshC2 is an open-source C2 framework used by penetration testers and threat actors. It can generate a Powershell-based implant, a C#.NET implant that we analyze in this paper, and a Python3 implant.

Press

SecurityScorecard Announces Significant Momentum in 2022, Growing by 49%

SecurityScorecard now delivers Security Ratings, Response, and Resilience Solutions and Services to 73% of Fortune 100 organizations.

Research

ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability

Executive Summary On February 3, European hosting providers and computer emergency response teams (CERTs) began warning of a widespread ransomware campaign exploiting CVE-2021-21974, a VMWare ESXi vulnerability for which a patch has been available since February 2021. Shortly after the warnings’ publication, SecurityScorecard developed an emergency informational… Read More

Cyber Threat Intelligence

Research

Ransomware Attack Against U.S. Public Housing Authority Linked to Previous Attacks

Executive Summary On January 3, local media reported that a major U.S. city’s housing authority had suffered a ransomware attack. The LockBit ransomware group, which has made false claims in the past, took responsibility for the incident. As of this publication, the housing authority has announced a disruption, but… Read More

Cyber Threat Intelligence

Public Sector

Webinars

How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene

Learn more in this resource.

Cyber Insurance

Webinars

How brokers and MSSPs partner to reduce cyber risk and enhance cyber hygiene

Learn more in this resource.

Cyber Insurance

Blog

SecurityScorecard releases list of Killnet open proxy IP addresses

In the wake of Killnet’s latest DDoS attack on U.S. hospitals on January 30, SecurityScorecard has made its KillNet open proxy IP blocklist available to the public. This list is the product of the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) Team’s ongoing research into KillNet. We released this list to help organizations better defend themselves against KillNet and other groups like it by preventing traffic from exploitable assets. In this blog, we’ll explain how we developed this proxy list and our recommendations for preventing DDos attacks.

Cyber Threat Intelligence

Research

A Detailed Analysis Of A New Stealer Called Stealerium

Learn more in this resource.

Research

Cyentia Institute and SecurityScorecard Research Report: Close Encounters of the Third (and Fourth) Party Kind

Learn more in this resource.

Blog

Close Encounters of the Third- (and Fourth-) Party Kind: The Blog

Let’s dive deeper into some other insights that help us understand the true extent of exposure from third- and fourth-party relationships.

Supply Chain Cyber Risk

Press

SecurityScorecard Research Shows 98% of Organizations Globally Have Relationships With At Least One Breached Third-Party

In collaboration with The Cyentia Institute, SecurityScorecard research finds 98% of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years.

Research

Close Encounters Of The Third And Fourth Party Kind

Learn more in this resource.

事例

大学共同利用機関法人 自然科学研究機構 岡崎3機関

株式会社ネットワークバリューコンポネンツによる導入事例

Japanese