SecurityScorecard is primarily used for supply chain risk management.
SecurityScorecard
SecurityScorecardExternal reviews
98 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Enhance vendor risk management with comprehensive analysis
What is our primary use case?
How has it helped my organization?
The product is included in our portfolio as we are a cybersecurity distributor.
What is most valuable?
The features customers are most interested in are third and fourth-party vendor analysis and questionnaires.
For how long have I used the solution?
The product got onboarded a couple of months ago.
What do I think about the stability of the solution?
No one complained about the stability.
What do I think about the scalability of the solution?
The ones that tried it liked it, although some wanted a different solution.
How was the initial setup?
The initial setup takes just a couple of days and doesn't require any installation.
What other advice do I have?
I'd rate the solution eight out of ten.
Comprehensive Security Monitoring Made Easy
What do you like best about the product?
SecurityScorecard provides a user-friendly platform that offers valuable insights into our cybersecurity posture. The ability to monitor our own and third-party vendors' security ratings helps us proactively address potential risks
What do you dislike about the product?
While SecurityScorecard provides valuable insights, some of the alerts can be too frequent or lack specificity, leading to alert fatigue. Additionally, the pricing structure may not be cost-effective for smaller organizations with tight budgets
What problems is the product solving and how is that benefiting you?
SecurityScorecard helps us manage third-party risks by providing visibility into the security posture of our vendors. This proactive monitoring allows us to identify and address potential risks before they become critical issues, thereby strengthening our overall cybersecurity strategy. Additionally, the platform supports compliance efforts by offering insights and reports that align with various regulatory standards
The most valuable feature is the ability to identify if third parties or vendors have digital threats that may impact our company
What is our primary use case?
SecurityScorecard performs deep analysis over the exposed view of data. It creates an external IT assessment of the company in terms of domain and vendor reports. Essentially, it scans the company's landscape, trying to find vulnerabilities and exposed data that may cause digital risks.
What is most valuable?
With SecurityScorecard, the most valuable feature is the ability to identify if third parties or vendors have digital threats that may impact our company. It also scans all internal domains and IPs to find vulnerabilities in the digital landscape. The continuous monitoring capabilities have been beneficial by providing ongoing assessments of potential risks.
What needs improvement?
The pricing of the product needs improvement in Brazil.
For how long have I used the solution?
I have been using SecurityScorecard for the past year.
What do I think about the stability of the solution?
As for stability, it's 99.99% stable.
What do I think about the scalability of the solution?
The scalability of SecurityScorecard is really easy. If the user starts with twenty domains and needs to double, it's already in the platform one just needs to flag a button.
How are customer service and support?
They work pretty fast and have full knowledge of the solution. Personally, I've never had a problem with them. Sometimes there's a little delay because they need to investigate further, but overall, I'm pleased with their support.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup of SecurityScorecard is very easy because it's a SaaS solution. Deployment time depends on the number of companies to be monitored; for fifteen to thirty companies, it might take two or three days, or up to a week.
The vendor helps users deploy the solution and set up functionalities, making it straightforward. Usually, three to four people are involved. The vendor assigns a Customer Success Manager to the end user, who acts as the focal point for support, new questions, and functionalities.
What about the implementation team?
What was our ROI?
The best ROI with SecurityScorecard is when the end user identifies that their vendors or third parties have digital threats that need to be addressed promptly. Preventing digital threats and data leakage from vendors and partners is the best ROI.
What's my experience with pricing, setup cost, and licensing?
The pricing of SecurityScorecard is fair. I would rate it a seven. It's a bit more on the expensive side. In Brazil, for example, making a payment to the vendor involves wire transfers and high taxes, making it more expensive. Selling SecurityScorecard or any American vendor's product in the United States is very different from selling in South America or Brazil.
What other advice do I have?
Overall I would rate the solution a nine out of ten.
Insightful data, potential for more reporting
What do you like best about the product?
The data presented is valuable and insightful, it helps to kick starty conversations with vendors regarding their cybersec controls. There are plenty of features to gather data, evidence and contact with Vendors to understand their infosec posture.
What do you dislike about the product?
There is room to improve further the autoamted reporting capabilities.
What problems is the product solving and how is that benefiting you?
It provides valuable information to strenght the TPRM program.
Very good
What do you like best about the product?
it provides good information abouit our partners.
What do you dislike about the product?
its not easy to find or use. you can not save your work and go back to it.
What problems is the product solving and how is that benefiting you?
contious mnitoring of our vendors
Easy to use and navigate, it's simplicity makes it a good product
What do you like best about the product?
It's easy of use is what makes it good. You can have it deployed and running in no time, as it is hosted. There are many times where your scorecard will already to be ready t go. I have only run into 1-2 times where Security Scorecard did not have a website in its database, and I had to wait for them to go out and fetch it.
What do you dislike about the product?
Could use better inegrations with other systems.
What problems is the product solving and how is that benefiting you?
It gives us an outside view of what the internet sees, allowing us to better identify any security issues we might have.
Scoreard - great product
What do you like best about the product?
Great tool in moniotirng security score for own company and/or third parties. I like the folwing about Scorecard:
- Easy to understand
- Easy to use
- Customer Servie orientation
- Takes feedback to heart
- Allos to try out new features as a pilot
- Easy to understand
- Easy to use
- Customer Servie orientation
- Takes feedback to heart
- Allos to try out new features as a pilot
What do you dislike about the product?
- False positives
- No aggregate scoring for enire Enterprise
- No aggregate scoring for enire Enterprise
What problems is the product solving and how is that benefiting you?
Improving internal processes
Cotinuous monitoring of Third Parties
Cotinuous monitoring of Third Parties
Accurate and pervasive platform - incredible customer service
What do you like best about the product?
Accurate ratings and great customer service.
What do you dislike about the product?
Too much info is available. i find myself running down rabbit holes with a vendor - as if I am one of their network defenders.
What problems is the product solving and how is that benefiting you?
Security Scorecard provides and objective point of view about a company's cyber hygiene posture. It gathers whatever the internet shows, and display the results in terms of threats and specific cyber-hygiene categories. Their service gives us an independent assessment of a vendor - without having to request any information from the vendro.
Security Scorecard adds value to TPRM program
What do you like best about the product?
Security Scorecard adds value when completing vendor assessments and self-monitoring our organization's external facing vulnerabilities.
What do you dislike about the product?
Mis-attribution of vulnerablities to vendor organization's
What problems is the product solving and how is that benefiting you?
Security Scorecard helps streamline the vendor assessment process.
Easy-to-deploy product with good technical support services
What is our primary use case?
The primary use case for SecurityScorecard is to assess and manage third-party cybersecurity risks within organizations.
What needs improvement?
They could improve the process with a questionnaire module for the product. At present, we have to answer multiple questions for the suppliers manually. They could automate functionality to enhance this particular area.
For how long have I used the solution?
We have been using SecurityScorecard for four years.
What do I think about the stability of the solution?
The platform is stable.
How are customer service and support?
The technical support services are good.
How would you rate customer service and support?
Positive
How was the initial setup?
The platform is easy to deploy and maintain.
What was our ROI?
Determining the return on investment (ROI) for SecurityScorecard or similar products can be complex and organization-specific. Measuring ROI in this context involves assessing the tool's effectiveness in mitigating risks and preventing potential breaches. However, it's challenging to quantify the precise impact because successfully addressing vulnerabilities may prevent security incidents that would otherwise go unnoticed. For instance, one of our clients shared a story about discovering their data on the dark web, highlighting the importance of proactive security measures.
While achieving 100% vulnerability mitigation is ideal, it takes time to ascertain how many potential breaches are prevented. Nevertheless, given the increasing reliance on online services and the critical need for robust security measures, the significance of third-party risk management must be balanced. Ultimately, while the ROI of SecurityScorecard may be challenging to measure, its role in enhancing security posture and mitigating potential risks is invaluable in today's digital landscape.
What's my experience with pricing, setup cost, and licensing?
Similar to Barracuda, SecurityScorecard's list price may appear high initially. Even though it's competitive, they offer flexible pricing structures.
What other advice do I have?
Our organization relies on numerous SaaS services for critical business functions, such as CRM and monitoring solutions. In a hypothetical scenario where a security breach occurs in the CRM database, potentially exposing our data and our clients, SecurityScorecard proves invaluable. It provides a security score, typically a percentage, based on extensive data collection from various sources, including the dark web and social networks. Let's say our CRM solution receives a security score of 78%, indicating a relatively safe status according to the information gathered by SecurityScorecard.
One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements. Additionally, it provides valuable insights into vulnerabilities within an organization, utilizing tools such as CVE details. For instance, it can assign a score based on vulnerabilities detected, such as 60%, and specify each vulnerability by its identifier. It offers scalability and can handle large volumes of real-time data.
The continuous monitoring feature significantly enhances the ability to manage risks by providing real-time data collection on suppliers. We can observe fluctuations in their security levels over time, sometimes even every month. We can create alerts for high-risk situations, enabling organizations to respond promptly to potential security threats or vulnerabilities identified within their supplier network.
The product's security ratings are helpful. While there may be occasional false positives, it does not function as a scanning solution. Instead, it presents the same information that hackers could potentially exploit.
While I haven't worked with other cybersecurity rating solutions, I can attest to its strengths based on my experience. One notable advantage is their extensive data collection capabilities, surpassing many competitors in the market. They gather a wide range of information, resulting in a vast database that includes many suppliers or companies. It is easy to integrate with other tools.
I rate it a nine out of ten.
showing 21 - 30