SecurityScorecard platform enhancements empower customers to manage and reduce cyber risks

SecurityScorecard unveiled key enhancements to its holistic risk intelligence platform, empowering teams to identify blind spots, visualize and quantify risk, and optimize response workflows.

In addition to four new modules—with customers in early access—that provide a 360-degree view of cyber risk, the expansion includes a suite of Professional Services, 30 new features and integrations, and three new cybersecurity education courses offered through SecurityScorecard Academy that collectively empowers security executives to visualize, prevent, and respond to risks.

The new offerings address top concerns security executives face including articulation of the security program to the board and bolstering their organization’s cybersecurity knowledge.

“SecurityScorecard’s cybersecurity ratings are a must-have for customers that need an easy way to visualize threats, communicate risk and act decisively,” said Aleksandr Yampolskiy, co-founder and CEO, SecurityScorecard. “Our new products and services now help customers go from knowing to solving. Security executives can take a proactive approach to risk intelligence and report to their Board more effectively.”

With SecurityScorecard’s four new modules, customers can now move beyond reactive to proactive risk intelligence:

• Attack Surface Intelligence (ASI) provides visibility into any IP, network, domain, or vendor’s attack surface risk data, all in one pane of glass. This actionable, deep threat intelligence helps customers identify all of an organization’s connected assets, expose previously unknown threats, conduct investigations at scale, and prioritize vendor remediation.
• Internal Security Suite (ISS) easily integrates with existing internal security solutions to provide an easy-to-understand A-F score and internal view of an organization’s cyber risk indicators, including AWS cloud infrastructure configurations.
• Automatic Vendor Detection (AVD) discovers and continuously monitors the cyber hygiene of an organization’s entire digital supply chain, giving customers a complete and automatic view of their third- and fourth-party vendor risk.
• Cyber Risk Quantification (CRQ) shows customers the financial impact of a potential cyber attack, the probability of an attack or incident over time, and the reduction in expected losses if they remediate the vulnerabilities surfaced in the platform.

“From the very beginning, we knew eWorkOrders required tight security and a strong risk management plan, but over time we needed to evolve to a risk intelligence program,” said Jeff Roscher, CEO and president, eWorkOrders. “That meant using SecurityScorecard’s platform to improve what we were already implementing, identify new threats and immediately make the necessary changes to ensure our platform is the safest in the industry.”

Recognizing that organizations must have the appropriate people, processes, and technologies in place, SecurityScorecard now offers a suite of Professional Services to help prevent attacks and respond immediately with a team of 24/7 Digital Forensic Incident Response (DFIR) experts.

SecurityScorecard’s Professional Services include:

• Cyber Risk Intelligence-as-a-Service provides organizations with a tailored view of their constantly changing cyber risk posture and includes detailed reports with actionable next steps.
• Third-Party Risk Management (TPRM) Program includes workshops and customized roadmaps to help organizations mature their programs.
• Tabletop Exercises help test your team’s cyber readiness against a real-world cyber incident by practicing incident response scenarios.
• Penetration Testing and Red Team Exercises engage covert teams of ethical hackers to identify weaknesses.
• Digital Forensics collect, preserve, and analyze digital evidence when responding to an incident, whether that be an insider threat situation or a nation state attack. Our team of experts regularly testify in court and collaborate with law enforcement.
• Incident Response support is available 24/7 and onsite during a crisis to help contain the attack, identify the threat actor, and safely progress to the eradication phase.

“These product announcements are both very much on time, and to my way of thinking, represent holistic growth for SecurityScorecard,” said Chris Kissel, IDC Research Director, Cloud-native XDR and Tier 2 SOC Analytics. “The tools and technologies that SecurityScorecard uses to compile risk ratings for individual companies and compartments convey nicely to these new products and use cases. The traditional idea of defense-in-depth is giving way to an attacker’s view of the network and how to mitigate their likely steps of intrusion.”

To meet security executives need for greater cybersecurity education for their teams, SecurityScorecard Academy—which offers certification courses and security training completion badges—introduced three new courses: Cybersecurity in the Board Room, Cybersecurity Insurance Strategies, and Self-Monitoring with SecurityScorecard.