Rule Builder is available with a paid SecurityScorecard plan. See our plans page for more information about levels of features and access.
Automate how your team monitors Scorecards and receives updates. Create workflows that trigger when a meaningful Scorecard change occurs, or schedule recurring reports to keep your team informed without manual checking. This saves time and helps you identify high-risk issues faster.
How Rule Builder works
Rules can trigger actions in two ways:
When Scorecard events occur (for example, score changes, new issues, breaches)
On a schedule you define (for example, weekly or monthly report delivery)
We evaluate Scorecard events daily and run any rules that match your conditions.
Example: Alert your team when a new high-severity issue appears in a portfolio, or schedule a weekly Scorecard report to keep everyone updated.
Example use cases
Below are common ways teams use rules to automate monitoring, reporting, and response workflows.
Set score standards for a portfolio
Alert your team to investigate if a portfolio Scorecard falls below a minimum score threshold.
Example: If one of my Tier 1 vendors drops below a B, notify me so that I can take appropriate
action.
Automatically share reports
Automatically share a report when a Scorecard event occurs, so the right team is notified as soon as a vendor falls out of compliance.
Example: When a company we work with is breached, share a Summary Report with the business unit responsible for maintaining the vendor relationship.
Automatically move a Scorecard to a portfolio
Automatically move Scorecards to the right portfolio when they meet specific conditions, so your team can quickly find the ones that need review or action.
Examples:
- When a Scorecard drops below a B, move it to an at-risk portfolio for deeper investigation.
- When a vendor experiences a breach, move the Scorecard to the Breaches portfolio to simplify reporting and tracking.
- When a new high-severity issue is detected in a Tier 1 vendor, move the Scorecard to the Needs Review portfolio so your team can quickly identify and address the issue.
Keep stakeholders aligned with scheduled reporting
Schedule recurring Scorecard reports to keep your team informed of changes and trends without manual checks.
Example: Deliver a daily issues report to your remediation team to track new findings and status updates.
FAQ
Q. How do I turn off email notifications?
You can opt out of receiving email notifications at any time by going to the Alerts icon on the upper-right corner and turning off the Email Me Daily Updates toggle for Rules in Alerts Settings.
Q. Are there any known limitations with Rule Builder?
- Currently, each user can create up to 25 rules.
- Rule notifications are limited to Scorecards of registered domain names.