Attack Surface Intelligence (ASI)
SecurityScorecard’s Attack Surface Intelligence empowers users with a search engine built within the SecurityScorecard ratings platform to help them identify, contextualize, and prioritize critical threats across their global attack surface. This allows customers to understand the adversary’s next steps, confidently make informed decisions, and reduce disruption. The solution solves for a number of critical challenges that cybersecurity teams are tackling today, including:
- Threat Investigations: Consolidate existing intelligence sources to gain the contextual information behind threats, vulnerabilities, leaked credentials, and more through API or in-platform use.
- Vendor Risk Management: Enhance your view of threats and critical vulnerabilities that impact your supply chain security.
- M&A Due Diligence: Quickly validate the security posture and risks associated with your merger & acquisition (M&A) targets.
- Cyber Insurance Policy Holder Reviews: Identify active threats and risks associated with your policy holders.
- Regulators and government agencies: Monitor active threats at the national and geographic level, protect critical infrastructure, and essential services.
Cyber Risk Intelligence (CRI)
Delivered by the SecurityScorecard Threat Research, Intelligence, Knowledge, and Engagement (STRIKE) team, the Cyber Risk Intelligence service leverages the power of expert-led, human analysis coupled with deep intelligence sources, including ASI, to provide organizations with clarity and tailored advice on mitigation controls. With CRI, organizations can arm their threat intelligence teams with board-ready reports to proactively inform strategic decision-makers and prioritize risk controls.
CRI includes two offerings:
- CRI Core proactively illuminates an organization’s risk exposure to external cyber threats that aren’t detected by internal security controls, including leaked credentials, imposter domains, hacker chatter, and signs of advanced persistent threats (APT) reconnaissance.
- CRI’s Custom Investigations enables organizations to partner with SecurityScorecard’s STRIKE Team to meet their threat intelligence needs. Examples of custom investigations include malicious email analysis, leaked data and code discovery, malware analysis, investigation of cyber bullying, hacktivism, botnet tracking, and more.
SecurityScorecard’s STRIKE team is the company’s elite team of cybersecurity experts who have more than 100 years of collective experience in cybersecurity investigations and research. STRIKE Team members have varying backgrounds and experiences working with intelligence services, special operations units, and Fortune 50 cyber threat intelligence teams.
“The combination of CRI and ASI provide a critical advantage for organizations looking to constantly stay one step ahead of threat actors,” said Ryan Sherstobitoff, senior vice president of Threat Research and Intelligence at SecurityScorecard. “By partnering with SecurityScorecard’s STRIKE team, organizations will have an extension of their threat intelligence teams, and significantly reduce their cyber risk while better defending their networks from active and emerging threats.”
ASI gives customers access to SecurityScorecard’s industry-trusted and robust data lakes to investigate threats. CRI layers in unparalleled research and analysis by SecurityScorecard’s STRIKE team to help meet specific needs and inform the business of critical threats that could negatively impact operations and brand reputation.