The primary use case for SecurityScorecard is to assess and manage third-party cybersecurity risks within organizations.
SecurityScorecard
SecurityScorecardReviews from AWS customer
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
96 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Very good
What do you like best about the product?
it provides good information abouit our partners.
What do you dislike about the product?
its not easy to find or use. you can not save your work and go back to it.
What problems is the product solving and how is that benefiting you?
contious mnitoring of our vendors
Easy to use and navigate, it's simplicity makes it a good product
What do you like best about the product?
It's easy of use is what makes it good. You can have it deployed and running in no time, as it is hosted. There are many times where your scorecard will already to be ready t go. I have only run into 1-2 times where Security Scorecard did not have a website in its database, and I had to wait for them to go out and fetch it.
What do you dislike about the product?
Could use better inegrations with other systems.
What problems is the product solving and how is that benefiting you?
It gives us an outside view of what the internet sees, allowing us to better identify any security issues we might have.
Scoreard - great product
What do you like best about the product?
Great tool in moniotirng security score for own company and/or third parties. I like the folwing about Scorecard:
- Easy to understand
- Easy to use
- Customer Servie orientation
- Takes feedback to heart
- Allos to try out new features as a pilot
- Easy to understand
- Easy to use
- Customer Servie orientation
- Takes feedback to heart
- Allos to try out new features as a pilot
What do you dislike about the product?
- False positives
- No aggregate scoring for enire Enterprise
- No aggregate scoring for enire Enterprise
What problems is the product solving and how is that benefiting you?
Improving internal processes
Cotinuous monitoring of Third Parties
Cotinuous monitoring of Third Parties
Accurate and pervasive platform - incredible customer service
What do you like best about the product?
Accurate ratings and great customer service.
What do you dislike about the product?
Too much info is available. i find myself running down rabbit holes with a vendor - as if I am one of their network defenders.
What problems is the product solving and how is that benefiting you?
Security Scorecard provides and objective point of view about a company's cyber hygiene posture. It gathers whatever the internet shows, and display the results in terms of threats and specific cyber-hygiene categories. Their service gives us an independent assessment of a vendor - without having to request any information from the vendro.
Security Scorecard adds value to TPRM program
What do you like best about the product?
Security Scorecard adds value when completing vendor assessments and self-monitoring our organization's external facing vulnerabilities.
What do you dislike about the product?
Mis-attribution of vulnerablities to vendor organization's
What problems is the product solving and how is that benefiting you?
Security Scorecard helps streamline the vendor assessment process.
Easy-to-deploy product with good technical support services
What is our primary use case?
What needs improvement?
They could improve the process with a questionnaire module for the product. At present, we have to answer multiple questions for the suppliers manually. They could automate functionality to enhance this particular area.
For how long have I used the solution?
We have been using SecurityScorecard for four years.
What do I think about the stability of the solution?
The platform is stable.
How are customer service and support?
The technical support services are good.
How would you rate customer service and support?
Positive
How was the initial setup?
The platform is easy to deploy and maintain.
What was our ROI?
Determining the return on investment (ROI) for SecurityScorecard or similar products can be complex and organization-specific. Measuring ROI in this context involves assessing the tool's effectiveness in mitigating risks and preventing potential breaches. However, it's challenging to quantify the precise impact because successfully addressing vulnerabilities may prevent security incidents that would otherwise go unnoticed. For instance, one of our clients shared a story about discovering their data on the dark web, highlighting the importance of proactive security measures.
While achieving 100% vulnerability mitigation is ideal, it takes time to ascertain how many potential breaches are prevented. Nevertheless, given the increasing reliance on online services and the critical need for robust security measures, the significance of third-party risk management must be balanced. Ultimately, while the ROI of SecurityScorecard may be challenging to measure, its role in enhancing security posture and mitigating potential risks is invaluable in today's digital landscape.
What's my experience with pricing, setup cost, and licensing?
Similar to Barracuda, SecurityScorecard's list price may appear high initially. Even though it's competitive, they offer flexible pricing structures.
What other advice do I have?
Our organization relies on numerous SaaS services for critical business functions, such as CRM and monitoring solutions. In a hypothetical scenario where a security breach occurs in the CRM database, potentially exposing our data and our clients, SecurityScorecard proves invaluable. It provides a security score, typically a percentage, based on extensive data collection from various sources, including the dark web and social networks. Let's say our CRM solution receives a security score of 78%, indicating a relatively safe status according to the information gathered by SecurityScorecard.
One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements. Additionally, it provides valuable insights into vulnerabilities within an organization, utilizing tools such as CVE details. For instance, it can assign a score based on vulnerabilities detected, such as 60%, and specify each vulnerability by its identifier. It offers scalability and can handle large volumes of real-time data.
The continuous monitoring feature significantly enhances the ability to manage risks by providing real-time data collection on suppliers. We can observe fluctuations in their security levels over time, sometimes even every month. We can create alerts for high-risk situations, enabling organizations to respond promptly to potential security threats or vulnerabilities identified within their supplier network.
The product's security ratings are helpful. While there may be occasional false positives, it does not function as a scanning solution. Instead, it presents the same information that hackers could potentially exploit.
While I haven't worked with other cybersecurity rating solutions, I can attest to its strengths based on my experience. One notable advantage is their extensive data collection capabilities, surpassing many competitors in the market. They gather a wide range of information, resulting in a vast database that includes many suppliers or companies. It is easy to integrate with other tools.
I rate it a nine out of ten.
A reasonably stable product that provides recommendations to improve the scores
What is our primary use case?
This tool is a platform for monitoring and assessing the security posture of organizations and also helps to improve the posture by recommendations
How has it helped my organization?
This tool is a platform for monitoring and assessing the security posture of organizations and also helps to improve the posture by recommendations
What is most valuable?
Security Ratings, Continuous Monitoring, & Benchmarking are most useful
What needs improvement?
SecurityScorecard's technical team's response time is an area that my company expects to be made faster. As per the tool's SLAs, three days is way too much time for a user to wait for a response.
SecurityScorecard is an online scanning tool. Apart from the web scanning feature, SecurityScorecard should be available for use on Android or iOS for app scanning purposes and then provide a status to the user.
From the perspective of a customer, I would always want the price of the solution to be on the cheaper side.
For how long have I used the solution?
I have been using SecurityScorecard for more than two years.
What do I think about the stability of the solution?
Stability-wise, I rate the solution a nine out of ten.
What do I think about the scalability of the solution?
Around three to four people in my company use the product.
My company has no plans to increase the use of the solution.
How are customer service and support?
Apart from the delay in response time, I am happy with SecurityScorecard's technical team.
I rate the technical support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Long ago, my company used to use another solution.
How was the initial setup?
I rate the product's initial setup phase a nine on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process.
The solution is deployed on a multi-hybrid cloud.
The solution can be deployed in hardly two or three hours.
What other advice do I have?
SecurityScorecard has improved our company's vendor risk assessment process since it basically gives us the comparison of the competitors and certain vulnerabilities which we can report from an external view or a third party view, giving us an improvement area to work on, which might we might not have focused a lot, or maybe it might be overlooked upon by us. SecurityScorecard helps our company get better scores. The tools help fix the vulnerabilities, which in turn improves scores, making it a valuable product for us.
A scenario where SecurityScorecard enabled better decision-making for IT projects includes an incident involving a couple of domain names that my company used to use in the past since sometimes we see that some applications were replicated. My company forgot to clean up the DNS names. Once my company gets to know from SecurityScorecard that our application has vulnerabilities, I may not have renewed the certificate considering that the application is no longer in use, owing to which our company might lose track of it, during which SecurityScorecard helps us to do the cleanup. There are many places where the right certificates are not installed, or maybe there is a small application vulnerability, which the tool can catch from the external view. This can be let known to our company since there is an action we take to fix such areas.
Our company operates in the online classified market.
The features of SecurityScorecard that are the most beneficial for security monitoring are the reports generated with the help of external audit and vulnerability assessment.
The platform's grading system helps prioritize our company's security concerns since it helps us in the area of scores and provides the competition score. The tool also provides recommendations to improve the scores, which is helpful.
In the identification of potential threats, SecurityScorecard helps our organization since it does black box analysis. With the black box analysis, the tool helps us in the area of external websites where we cannot do many things directly, after which the tool shares an unbiased status with our company.
SecurityScorecard's reporting capabilities support our company's compliance initiatives since it has a dashboard with credentials through which we can get the vulnerabilities reported. The product should provide an option so that it has the ability to fix the reported vulnerability at the same time that it is reported by allowing users to raise a ticket directly with SecurityScorecard's team. After the aforementioned steps are followed, SecurityScorecard can conduct a scanning process and add up the score, which basically gives me the complete trend by allowing me to say last month's trend versus the current month's trend or maybe the last scan versus the current month's scan.
I would tell those who plan to use the solution that it is a straightforward product to use.
I rate the product a nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
Helps identify our environment's vulnerabilities
What is our primary use case?
We use SecurityScorecard for reporting.
How has it helped my organization?
The solution helps identify our environment's vulnerabilities.
What is most valuable?
SecurityScorecard's most valuable feature is easy reporting.
What needs improvement?
The tool needs to have the ability to mitigate vulnerabilities with alternative solutions.
For how long have I used the solution?
I have been working with the solution for three years.
What do I think about the stability of the solution?
I rate SecurityScorecard's stability a seven out of ten.
What do I think about the scalability of the solution?
I rate the solution's scalability a seven out of ten.
How was the initial setup?
SecurityScorecard's deployment is easy.
What was our ROI?
I have seen ROI with the tool's use but cannot quantify it.
What other advice do I have?
I rate the product a seven out of ten.
Good data
What do you like best about the product?
I verify and consult they webinair and my mail receive
What do you dislike about the product?
I dislike is a not remote my cash money in my account bank
What problems is the product solving and how is that benefiting you?
My analyse data is real times for my domaine name
Quick and easy to set up; can start remediating issues immediately
What do you like best about the product?
It's got a very straightforward dashboard, with the ability to drill down into any areas of interest to help understand the specific remediation needed to rectify whatever issues are impacting your score.
What do you dislike about the product?
It's not always easy to see specifically why a score has gone up or down as there is sometimes a lack of clarity between the items newly detected and the impact on score.
What problems is the product solving and how is that benefiting you?
It shows us our business as we look to the outside world as it puts us into our customers' shoes and also helps us oversee the constantly changing risk environment of our suppliers.
showing 21 - 30