New Attack Surface Intelligence module and Cyber Risk Intelligence service empower security teams to stay ahead of threat actors with contextualized and tailored intelligence
26/10/2022 — NEW YORK — (BUSINESS WIRE)
SecurityScorecard, the global leader in cybersecurity ratings, today announced the launch of two cyber threat intelligence solutions to deliver an unrivaled view of organizations’ global cyber risk exposure. These new offerings, Attack Surface Intelligence (ASI) and Cyber Risk Intelligence (CRI), provide security teams with contextual intelligence, summarized views, and enriched remediations that are understandable and actionable from practitioner to the board room.
“Adding sophisticated cyber and attack surface intelligence is a natural progression for our customers’ security programs,” said Simon Hunt, chief product officer of SecurityScorecard. “Our robust contextualized and attribution intelligence, built by expert cyber threat researchers, has powered our security ratings for over a decade and, combined with the services of our intelligence team, enables customers who want to go deeper and have greater visibility to understand the ‘why’ and ‘how’ of even the most complex threats.”
Attack Surface Intelligence (ASI)
SecurityScorecard’s Attack Surface Intelligence empowers users with a search engine built within the SecurityScorecard ratings platform to help them identify, contextualize, and prioritize critical threats across their global attack surface. This allows customers to understand the adversary’s next steps, confidently make informed decisions, and reduce disruption. The solution solves for a number of critical challenges that cybersecurity teams are tackling today, including:
- Threat Investigations: Consolidate existing intelligence sources to gain the contextual information behind threats, vulnerabilities, leaked credentials, and more through API or in-platform use.
- Vendor Risk Management: Enhance your view of threats and critical vulnerabilities that impact your supply chain security.
- M&A Due Diligence: Quickly validate the security posture and risks associated with your merger & acquisition (M&A) targets.
- Cyber Insurance Policy Holder Reviews: Identify active threats and risks associated with your policy holders.
- Regulators and government agencies: Monitor active threats at the national and geographic level, protect critical infrastructure, and essential services.
Cyber Risk Intelligence (CRI)
Delivered by the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) team, the Cyber Risk Intelligence service leverages the power of expert-led, human analysis coupled with deep intelligence sources, including ASI, to provide organizations with clarity and tailored advice on mitigation controls. With CRI, organizations can arm their threat intelligence teams with board-ready reports to proactively inform strategic decision-makers and prioritize risk controls.
CRI includes two offerings:
- CRI Core proactively illuminates an organization’s risk exposure to external cyber threats that aren’t detected by internal security controls, including leaked credentials, imposter domains, hacker chatter, and signs of advanced persistent threats (APT) reconnaissance.
- CRI’s Custom Investigations enables organizations to partner with SecurityScorecard’s STRIKE Team to meet their threat intelligence needs. Examples of custom investigations include malicious email analysis, leaked data and code discovery, malware analysis, investigation of cyber bullying, hacktivism, botnet tracking, and more.
SecurityScorecard’s STRIKE team is the company’s elite team of cybersecurity experts who have more than 100 years of collective experience in cybersecurity investigations and research. STRIKE Team members have varying backgrounds and experiences working with intelligence services, special operations units, and Fortune 50 cyber threat intelligence teams.
“The combination of CRI and ASI provide a critical advantage for organizations looking to constantly stay one step ahead of threat actors,” said Ryan Sherstobitoff, senior vice president of Threat Research and Intelligence at SecurityScorecard. “By partnering with SecurityScorecard’s STRIKE team, organizations will have an extension of their threat intelligence teams, and significantly reduce their cyber risk while better defending their networks from active and emerging threats.”
ASI gives customers access to SecurityScorecard’s industry-trusted and robust data lakes to investigate threats. CRI layers in unparalleled research and analysis by SecurityScorecard’s STRIKE team to help meet specific needs and inform the business of critical threats that could negatively impact operations and brand reputation.
For more information on ASI and CRI solutions, please visit: https://securityscorecard.com/
Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.