SecurityScorecard Reviews

Name: SecurityScorecard
Brand: SecurityScorecard
Rating: 4.0 (7 reviews)

Vendor: SecurityScorecard

4.0 out of 5

7 reviews
85% willing to recommend

678 followers

Start review

What is SecurityScorecard?

SecurityScorecard provides comprehensive cybersecurity insights with features such as notifications for score changes and configurable reporting, supporting team collaboration. It emphasizes multi-factor authentication and continuous monitoring for improved risk assessments.

Get the SecurityScorecard Buyer's Guide and find out what your peers are saying about SecurityScorecard, RSA Archer, OneTrust GRC and more!

SecurityScorecard is the #3 ranked solution in top IT Vendor Risk Management solutions. PeerSpot users give SecurityScorecard an average rating of 8.0 out of 10. SecurityScorecard is most commonly compared to RSA Archer: SecurityScorecard vs RSA Archer. SecurityScorecard is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.

Helped 842,388 peers since 2012

Featured SecurityScorecard reviews

Hadar Eshel

Co-Founder and CEO at Cloudway

Our organization relies on numerous SaaS services for critical business functions, such as CRM and monitoring solutions. In a hypothetical scenario where a security breach occurs in the CRM database, potentially exposing our data and our clients, SecurityScorecard proves invaluable. It provides a security score, typically a percentage, based on extensive data collection from various sources, including the dark web and social networks. Let's say our CRM solution receives a security score of 78%, indicating a relatively safe status according to the information gathered by SecurityScorecard. One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements. Additionally, it provides valuable insights into vulnerabilities within an organization, utilizing tools such as CVE details. For instance, it can assign a score based on vulnerabilities detected, such as 60%, and specify each vulnerability by its identifier. It offers scalability and can handle large volumes of real-time data. The continuous monitoring feature significantly enhances the ability to manage risks by providing real-time data collection on suppliers. We can observe fluctuations in their security levels over time, sometimes even every month. We can create alerts for high-risk situations, enabling organizations to respond promptly to potential security threats or vulnerabilities identified within their supplier network. The product's security ratings are helpful. While there may be occasional false positives, it does not function as a scanning solution. Instead, it presents the same information that hackers could potentially exploit. While I haven't worked with other cybersecurity rating solutions, I can attest to its strengths based on my experience. One notable advantage is their extensive data collection capabilities, surpassing many competitors in the market. They gather a wide range of information, resulting in a vast database that includes many suppliers or companies. It is easy to integrate with other tools. I rate it a nine out of ten.

Read full review

Steffen Hornung

Administrator at Neuberger Gebäudeautomation GmbH

There could be more information in regards to solving problems like hints on what specifically to look for. There should be the option to split responsibility for certain areas. This would be mandatory if we want to invite external consultants to look at things together. As mentioned above, the pricing for a paid subscription is too high for "just" a monitoring platform. They don't fix your issues. Instead, you have to come up with a good explanation of why things are the way they are. Small teams might not have the patience to re-submit closure of issues due to the fact that the explanation for the issue is not accepted.

Read full review

Antonio Scola

Owner at Sunlit Technologies

With SecurityScorecard, the most valuable feature is the ability to identify if third parties or vendors have digital threats that may impact our company. It also scans all internal domains and IPs to find vulnerabilities in the digital landscape. The continuous monitoring capabilities have been beneficial by providing ongoing assessments of potential risks.

Read full review

SecurityScorecard mindshare

As of March 2025, the mindshare of SecurityScorecard in the IT Vendor Risk Management category stands at 11.4%, up from 10.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

IT Vendor Risk Management

PeerAnalyst reports based on SecurityScorecard reviews

Type	Title	Date
Category	IT Vendor Risk Management	Mar 26, 2025	Download
Product	Reviews, tips, and advice from real users	Mar 26, 2025	Download
Comparison	SecurityScorecard vs OneTrust GRC	Mar 26, 2025	Download
Comparison	SecurityScorecard vs RSA Archer	Mar 26, 2025	Download
Comparison	SecurityScorecard vs Bitsight	Mar 26, 2025	Download

Title	Rating	Mindshare	Recommending
RSA Archer	4.0	11.5%	92%	41 interviews Add to research
OneTrust GRC	4.1	10.8%	78%	14 interviews Add to research

Valuable Features

SecurityScorecard's most valuable features include easy reporting, continuous monitoring, and benchmarking. It offers notifications for score changes, MFA login protection, and team collaboration. Users appreciate third-party digital threat identification, internal domain and IP vulnerability scanning, and attack surface capabilities such as exposed ports and breach information. Combining threat intel data with vulnerabilities, it aids comprehensive risk assessment and insights into third-party supply chain risks.

"The biggest benefit is visibility, allowing organizations to understand their risks, vulnerabilities, and potential threats."
"Fortify Data offers attack surface capabilities that identify vulnerabilities, exposed ports, and dark web information."
"The initial setup takes just a couple of days and doesn't require any installation."

Room for Improvement

SecurityScorecard requires improvements in pricing, technical support response time, and user instructions for issue resolution. It would benefit from enhanced third-party risk management capabilities and app scanning for mobile devices. Enabling alternative solutions for vulnerabilities and reducing manual tasks through automation would enhance user experience. Users express a desire for more comprehensive data points related to dark web threats and vulnerability scanning integration. Offering features to share responsibilities with external consultants is also suggested for improvement.

"There are areas for improvement in response times and overall support."
"The product can be improved by incorporating more data points and intelligence around dark web information and threat data."
"Some wanted a different solution."

ROI

SecurityScorecard enhances security posture and mitigates risks by providing visibility into risks and vulnerabilities. It allows organizations to identify and address digital threats from vendors, preventing data breaches. Though ROI is hard to quantify, SecurityScorecard's role is significant in risk management. Organizations note differences in identifying threats and maintaining data integrity. Its effectiveness in risk mitigation is highlighted by users' experiences, such as discovering data on the dark web and avoiding unnoticed security incidents.

Pricing

SecurityScorecard offers flexible pricing structures with a $400 per month tier for smaller entities and higher tiers for more security-focused organizations, with costs around $1000 monthly. Pricing is middle-range compared to competitors like Fortify Data and Censinet. Users note potential additional costs due to taxes in regions like South America. Setup costs are minimized since most data is pre-collected from various sources. Transparency in scoring adjustments is provided, allowing for discussion and feedback.

"The pricing of SecurityScorecard is fair. I would rate it a seven. It's a bit more on the expensive side. In Brazil, for example, making a payment to the vendor involves wire transfers and high taxes, making it more expensive. Selling SecurityScorecard or any American vendor's product in the United States is very different from selling in South America or Brazil."
"Even though it's competitive, they offer flexible pricing structures."
"The pricing could be split into a lower-paid tier for smaller organizations and another higher tier for others with a more security-focused outlook. $1000 per month is more than some companies pay for their internet connections in total.UPDATE: they have a new 400$ a month tier for starters."

Popular Use Cases

Organizations primarily use SecurityScorecard to assess and manage third-party cybersecurity risks. It monitors and assesses the security posture of organizations, offering recommendations to improve it. Data is analyzed deeply to identify vulnerabilities and exposed data, addressing digital risks. Users appreciate the ability to evaluate the security score and explore attack surfaces. However, there is concern about the large gap between free and paid tiers, limiting smaller organizations' access to enhanced features.

Service and Support

Customer service and support for SecurityScorecard have room for improvement in response times and issue resolution. Users note responsiveness has improved over the past year but still encounter delays, with resolutions taking up to 1-3 days. Despite these delays, users express satisfaction with the knowledgeable technical team, rating their experience between six and eight. Suggestions include better organization to handle customer volume efficiently.

Deployment

SecurityScorecard's initial setup is straightforward and efficient. Users report it is easy to deploy within two or three hours for a quick implementation for smaller numbers of monitored companies. Implementation for larger setups with more companies can take a few days. Its SaaS nature simplifies the process, allowing immediate functionality. Users receive support from a Customer Success Manager, ensuring assistance during deployment. Usually, three to four individuals participate in the process.

Scalability

SecurityScorecard is a web-based service suitable for medium to large enterprises. Users highlight its easy scalability, allowing seamless domain expansion. However, it may not suit Fortune 500 companies. While some users admire its functionality, others seek alternatives. Few people in organizations typically use it, often without plans for expansion. Scalability is generally rated around seven out of ten, with simple adjustments possible by interacting with the interface.

Stability

Users experience strong stability with SecurityScorecard. One comment indicates a minor browser setting adjustment is needed for login in MS Edge. Stability ratings range from seven to nine out of ten. The platform is described as 99.99% stable. No complaints regarding stability have been reported, and users have encountered no significant challenges even with moderate traffic.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our SecurityScorecard Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

13%

Educational Organization

10%

Manufacturing Company

Insurance Company

Healthcare Company

Retailer

Energy/Utilities Company

Government

University

Non Profit

Construction Company

Hospitality Company

Comms Service Provider

Media Company

Real Estate/Law Firm

Legal Firm

Transportation Company

Recreational Facilities/Services Company

Wholesaler/Distributor

Logistics Company

Pharma/Biotech Company

Engineering Company

Consumer Goods Company

Outsourcing Company

Security Firm

Marketing Services Firm

Compare SecurityScorecard with alternative products

Learn more about SecurityScorecard

SecurityScorecard specializes in assessing third-party cybersecurity risks, enhancing security posture, and analyzing exposed data. It offers automated information gathering and vendor reports, aiding in vulnerability assessments for supply chain risk management. Users value the Attack Surface Index and recommendations for security improvements, though faster technical response times and better cost-effectiveness, especially in Brazil, are desired. Enhancements such as app scanning and more efficient vulnerability management could expand its capabilities.

What are the key features of SecurityScorecard?

Score Change Notifications: Alerts for immediate awareness of security rating changes
Configurable Reporting: Customizable reports for different stakeholders
Team Collaboration: Tools to facilitate collaborative assessments and decision-making
Multi-Factor Authentication: Enhanced security for user logins
Continuous Monitoring: Ongoing evaluation of cybersecurity posture
Third and Fourth-Party Analysis: In-depth assessment of supply chain risks
Threat Intel Integration: Incorporation of real-time threat intelligence

What benefits or ROI should users expect?

Improved Risk Management: Enhanced visibility of cybersecurity risks
Supply Chain Protection: Identification and management of third-party vulnerabilities
Operational Efficiency: Automated data collection and analysis streamline workflows
Cost-Effectiveness: Potential reduction in security management costs
Comprehensive Threat Visibility: Access to integrated threat intelligence

SecurityScorecard is utilized in industries for managing third-party cybersecurity threats by providing detailed vulnerability assessments and automated reporting. Its implementation aids supply chain risk management and enhances industry-specific security strategies, with room for improvement in technical response times and dark web intelligence inclusion.