SecurityScorecard Platform Enhancements Enable Customers to Manage and Reduce Cyber ​​Risk

SecurityScorecard has unveiled key enhancements to its holistic risk intelligence platform, enabling teams to identify blind spots, visualize and quantify risk, and optimize response workflows.

In addition to four new modules, with early access customers, that provide a 360-degree view of cyber risk, the expansion includes a suite of professional services, 30 new features and integrations, and three new training courses. cybersecurity offered by SecurityScorecard Academy which collectively enables security managers to visualize, prevent and respond to risks.

The new offerings address key concerns of security leaders, including articulating the security agenda at the board level and strengthening their organization’s cybersecurity knowledge.

“SecurityScorecard’s cybersecurity assessments are indispensable for customers who need an easy way to visualize threats, communicate risks, and act decisively,” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. . “Our new products and services now help customers move from knowing to solving. Security leaders can take a proactive approach to risk intelligence and report more effectively to their board of directors. »

With the four new SecurityScorecard modules, customers can now move from reactive to proactive risk intelligence:

  • Attack Surface Intelligence (ASI) provides visibility into IP, network, domain, or vendor attack surface risk data, all in a single window. This actionable, in-depth threat intelligence helps customers identify all of an organization’s connected assets, expose previously unknown threats, conduct large-scale investigations, and prioritize vendor remediation.
  • Internal Security Suite (ISS) easily integrates with existing internal security solutions to provide an easy-to-understand AF score and an internal view of an organization’s cyber risk indicators, including AWS cloud infrastructure configurations.
  • Automatic Vendor Detection (AVD) continuously discovers and monitors the cyber hygiene of an organization’s entire digital supply chain, giving customers a complete and automatic view of their third-party and fourth-party supplier risk.
  • Cyber ​​Risk Quantification (CRQ) shows customers the financial impact of a potential cyberattack, the likelihood of an attack or incident over time, and the reduction in expected losses if they fix vulnerabilities that have arisen in the platform.

“Early on, we knew eWorkOrders needed strong security and a strong risk management plan, but over time we had to evolve into a risk intelligence program,” said Jeff Roscher, CEO and president of eWorkOrders. “That meant using SecurityScorecard’s platform to improve on what we were already implementing, identify new threats, and immediately make the necessary changes to ensure our platform is the most secure in the industry.”

Recognizing that organizations need to have the right people, processes and technology in place, SecurityScorecard now offers a suite of professional services to help prevent attacks and respond immediately with a team of 24/7 Digital Forensic Incident Response (DFIR) experts.

SecurityScorecard professional services include:

  • Cyber ​​Risk Intelligence as a Service provides organizations with a personalized view of their ever-changing cyber risk posture and includes detailed reports with actionable next steps.
  • Third Party Risk Management Program (TPRM) includes workshops and custom roadmaps to help organizations mature their programs.
  • Table exercises help test your team’s cyber readiness for an actual cyber incident by practicing incident response scenarios.
  • Penetration Testing and Red Team Exercises hire secret teams of ethical hackers to identify weaknesses.
  • Digital forensics collect, preserve and analyze digital evidence when responding to an incident, whether it’s an insider threat situation or a nation-state attack. Our team of experts regularly testifies in court and works with law enforcement.
  • Incident Response support is available 24/7 and on-site during a crisis to help contain the attack, identify the threat actor and move safely into the eradication phase.

“These product announcements are both very one-time and, in my view, represent overall growth for SecurityScorecard,” said Chris Kissel, IDC Research Director, Cloud-native XDR and Tier 2 SOC Analytics. “The tools and technologies that SecurityScorecard uses to compile risk assessments for companies and individual compartments translate well to these new products and use cases. The traditional idea of ​​defense in depth is giving way to an attacker’s view of the network and how to mitigate their likely steps of intrusion.

To meet the needs of security managers for cybersecurity training for their teams, SecurityScorecard Academy, which offers certification courses and security training completion badges, has introduced three new courses: Cybersecurity in the conference, cybersecurity insurance strategies and self-monitoring with SecurityScorecard.