SecurityScorecard Reviews

Name: SecurityScorecard
Brand: SecurityScorecard
Rating: 4.0 (7 reviews)

Vendor: SecurityScorecard

4.0 out of 5

7 reviews
85% willing to recommend

678 followers

Post review

What is SecurityScorecard?

Funded by world-class investors including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.

Get the SecurityScorecard Buyer's Guide and find out what your peers are saying about SecurityScorecard, RSA Archer, OneTrust GRC and more!

SecurityScorecard is the #3 ranked solution in top IT Vendor Risk Management solutions. PeerSpot users give SecurityScorecard an average rating of 8.0 out of 10. SecurityScorecard is most commonly compared to RSA Archer: SecurityScorecard vs RSA Archer. SecurityScorecard is popular among the large enterprise segment, accounting for 57% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 14% of all views.

Helped 838,640 peers since 2012

Featured reviews

Hadar Eshel

Co-Founder and CEO at Cloudway

Our organization relies on numerous SaaS services for critical business functions, such as CRM and monitoring solutions. In a hypothetical scenario where a security breach occurs in the CRM database, potentially exposing our data and our clients, SecurityScorecard proves invaluable. It provides a security score, typically a percentage, based on extensive data collection from various sources, including the dark web and social networks. Let's say our CRM solution receives a security score of 78%, indicating a relatively safe status according to the information gathered by SecurityScorecard. One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements. Additionally, it provides valuable insights into vulnerabilities within an organization, utilizing tools such as CVE details. For instance, it can assign a score based on vulnerabilities detected, such as 60%, and specify each vulnerability by its identifier. It offers scalability and can handle large volumes of real-time data. The continuous monitoring feature significantly enhances the ability to manage risks by providing real-time data collection on suppliers. We can observe fluctuations in their security levels over time, sometimes even every month. We can create alerts for high-risk situations, enabling organizations to respond promptly to potential security threats or vulnerabilities identified within their supplier network. The product's security ratings are helpful. While there may be occasional false positives, it does not function as a scanning solution. Instead, it presents the same information that hackers could potentially exploit. While I haven't worked with other cybersecurity rating solutions, I can attest to its strengths based on my experience. One notable advantage is their extensive data collection capabilities, surpassing many competitors in the market. They gather a wide range of information, resulting in a vast database that includes many suppliers or companies. It is easy to integrate with other tools. I rate it a nine out of ten.

Read full review

Steffen Hornung

Administrator at Neuberger Gebäudeautomation GmbH

There could be more information in regards to solving problems like hints on what specifically to look for. There should be the option to split responsibility for certain areas. This would be mandatory if we want to invite external consultants to look at things together. As mentioned above, the pricing for a paid subscription is too high for "just" a monitoring platform. They don't fix your issues. Instead, you have to come up with a good explanation of why things are the way they are. Small teams might not have the patience to re-submit closure of issues due to the fact that the explanation for the issue is not accepted.

Read full review

Antonio Scola

Owner at Sunlit Technologies

With SecurityScorecard, the most valuable feature is the ability to identify if third parties or vendors have digital threats that may impact our company. It also scans all internal domains and IPs to find vulnerabilities in the digital landscape. The continuous monitoring capabilities have been beneficial by providing ongoing assessments of potential risks.

Read full review

SecurityScorecard mindshare

As of February 2025, the mindshare of SecurityScorecard in the IT Vendor Risk Management category stands at 11.3%, up from 10.7% compared to the previous year, according to calculations based on PeerSpot user engagement data.

IT Vendor Risk Management

PeerAnalyst reports

Type	Title	Date
Category	IT Vendor Risk Management	Feb 21, 2025	Download
Product	Reviews, tips, and advice from real users	Feb 21, 2025	Download
Comparison	SecurityScorecard vs OneTrust GRC	Feb 21, 2025	Download
Comparison	SecurityScorecard vs RSA Archer	Feb 21, 2025	Download
Comparison	SecurityScorecard vs AuditBoard	Feb 21, 2025	Download

Title	Rating	Mindshare	Recommending
RSA Archer	4.0	11.2%	92%	41 interviews Add to research
OneTrust GRC	4.1	10.7%	78%	14 interviews Add to research

Valuable Features

SecurityScorecard's most valuable features include flexible reports, notification alerts for score changes, and the option to invite team members. Multi-factor authentication enhances login security. Users appreciate continuous monitoring, easy reporting, security ratings, and benchmarking. The platform excels in identifying vulnerabilities in third-party and vendor networks, offering comprehensive risk assessments. Key features are third and fourth-party vendor evaluations, attack surface identification, breach information, and internal vulnerability scanning. This helps maintain updated visibility on potential digital threats.

"The biggest benefit is visibility, allowing organizations to understand their risks, vulnerabilities, and potential threats."
"Fortify Data offers attack surface capabilities that identify vulnerabilities, exposed ports, and dark web information."
"The initial setup takes just a couple of days and doesn't require any installation."

Room for Improvement

SecurityScorecard requires enhancements in several areas. Their data should include more guidance on addressing issues and expanded responsibility options for collaboration. Users feel their pricing is high, response times from the technical team are slow, and app scanning is limited. The platform's process could be streamlined, automation could improve manual tasks, and both internal scanning and third-party risk management features need strengthening. More competitive pricing is also suggested.

"There are areas for improvement in response times and overall support."
"The product can be improved by incorporating more data points and intelligence around dark web information and threat data."
"Some wanted a different solution."

ROI

Organizations find it challenging to quantify ROI with SecurityScorecard due to its effectiveness in mitigating risks and preventing breaches. SecurityScorecard provides visibility into risks, aids in identifying vendors' digital threats, and supports informed decision-making. While the financial return is not easily defined, the tool's impact in preventing potential security incidents and enhancing security posture is significant.

Pricing

Enterprise feedback indicates SecurityScorecard offers a fair and flexible pricing structure with tiers tailored to organization size, including a new $400/month starter option. While some consider the $1000/month tier expensive, especially compared to internet costs, others find the pricing competitive within its range. Licensing processes may involve additional costs in specific regions like South America due to wire transfers and taxes. Pricing is comparable to peers like Fortify Data and Censinet.

"The pricing of SecurityScorecard is fair. I would rate it a seven. It's a bit more on the expensive side. In Brazil, for example, making a payment to the vendor involves wire transfers and high taxes, making it more expensive. Selling SecurityScorecard or any American vendor's product in the United States is very different from selling in South America or Brazil."
"Even though it's competitive, they offer flexible pricing structures."
"The pricing could be split into a lower-paid tier for smaller organizations and another higher tier for others with a more security-focused outlook. $1000 per month is more than some companies pay for their internet connections in total.UPDATE: they have a new 400$ a month tier for starters."

Popular Use Cases

Organizations use SecurityScorecard to monitor and improve their security posture by assessing cybersecurity risks, managing third-party risks, and conducting external IT assessments. It offers features like Attack Surface Index to identify vulnerabilities in specific software. Many seek free offerings, but find the paid subscription costly, particularly for smaller organizations. It performs deep analysis of data to uncover vulnerabilities and risks. Widely used for supply chain risk management, it helps in comprehensive risk assessments.

Service and Support

Users find SecurityScorecard's customer service and support to have room for improvement in response times. Acknowledgment isn't immediate, with resolutions often taking 1-3 days if not faster. Despite delays, there's satisfaction with the knowledgeable team. Ratings range from six to eight out of ten, showing progress over the last year. There's acknowledgment of continual improvement, but better organization is necessary to fully meet customer needs.

Deployment

SecurityScorecard's initial setup is straightforward and quick, requiring only a work email login. Deployment is deemed smooth, with the process rated nine out of ten by users. It's deployed over a multi-hybrid cloud, taking a few hours, but may extend to days depending on the number of companies monitored. Assistance is provided, typically involving a Customer Success Manager and several personnel, ensuring easy setup and management without installation requirements.

Scalability

SecurityScorecard's scalability is seamless for web-based services, facilitating easy expansion, such as doubling domains. Users rate scalability as moderately high. While several users maintain current usage without plans for expansion, others find it easy to scale. Those familiar generally prefer different options. Ideal for medium to large enterprises with significant revenue, it may not meet the needs of large-scale corporations like Fortune 500 due to limited name recognition and scalability issues.

Stability

SecurityScorecard exhibits reliable stability with minimal issues reported. Users indicate it operates smoothly, rating it between seven to nine out of ten. They note it as 99.99% stable with no significant traffic concerns. Users discovered a requirement to disable the "no-tracking" option in MS Edge for login, but no complaints about stability have been mentioned.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our SecurityScorecard Buyer's Guide for additional reliable information.