Company Trends Report is available with a paid SecurityScorecard plan. See our plans page for more information about levels of features and access.
Use the Company Trends Report to monitor progress in preventing or remediating security threats for your own company or a vendor:
- Track your own security team's momentum, identify priorities for improvement, and start digging into areas of concern. Share this critical information with your executive leadership, boards of directors, and other internal stakeholders.
- Gauge a vendor's success and engagement in addressing threats. Because your company's security is only as good as that of third-party service providers, use this report to vet potential vendors to make sure they meet your standards.
Tip: To view security progress for multiple vendors in a SecurityScorecard portfolio, use the Portfolio Trends Report.
Run the report
- Select Company Trends Report from the Analysis Tools drop-down list.
- Select your company, or select a portfolio and then a company in that portfolio to report on.
- Select a time range to report on.
Note: The age of your portfolio and the current date affect the data you can see:
- If your portfolio is less than a day old, you can see the 30-day range within 24 hours after you created it.
- If your portfolio is less than one month old, you can only see the 30-day range.
- When your portfolio’s age passes 30 days, you can view other ranges.
- The data for each month appears on the first day of the following month.
Tip: Hover over a point in time for any visualization to see the data for that specific period.
Build insights with the data
Use the report's data visualizations, individually and collectively, to tell a story of how your company or a vendor is performing over time and to isolate and drill into areas requiring closer inspection.
Compare the company's Scorecard grades to the average for other companies in the same industry (dotted line) to determine where the company is excelling or falling behind.
Note breaches, marked by a red X in a black hexagon. Correlate breaches with concurrent or preceding issue findings to isolate critical security gaps.
A Scorecard grade comprises 10 security factors. Study the trends for each factor to identify which areas require the most attention for preventing certain types of attacks. By default, only the three most score-impacting factors are displayed.
Correlate changes in factor scores with overall score fluctuations. Make sure to expand the list of factors because the first three may not provide the full picture. For example, as seen in the following screenshot, after expanding the factor list, you can see that a drop in the overall score for April 2021 coincides with drops in three factor scores:
Click a factor to go to the History page and drill into the relevant issues we found, so that you can see their severity and scoring impact. On the History page, set your date range to match the range on the Company Trends report.
We consider a finding remediated when:
- We can verify corrective action with a scan.
- We accept a refutation of the finding based on a demonstrated compensating control.
In either case, a high number of remediations indicates a healthy level of engagement and vigilance on the part of the company.
Compare drops in remediation activity with coinciding levels of new findings. Low activity may just reflect fewer new issues. Or, as in the following screenshot, it may indicate lapses in action to address a surge:
While decayed findings do not impact the score, they may point to security efforts that are not visible on the internet or they may indicate lack of attention to security issues. We consider a finding decayed when:
- Remediation evidence is not visible from an internet view. For example, the issue was remediated behind a gateway.
- The finding has not been refuted in the scorecard and has “aged out” after an extended period of time, which depends on the issue type.
One way to gain more context for decayed findings is to correlate them with levels of remediated findings. Low coinciding remediation may indicate lack of engagement, at least from an internet-facing perspective. Surges in remediation activity may account for fewer decayed findings, as in the following screenshot:
New and existing findings
We distinguish new and existing relative to the current month:
- Findings recorded during a given month are regarded as new findings for that month.
- Any other findings that have not been remediated or decayed as of the start of the month are regarded as existing findings.
Correlate levels of new findings with remediation activity to gauge their impact on your score. As the following two screenshots show, a surge in new findings during August and September 2020, combined with a lull in remediation activity during that period, coincides with a score drop for several factors and a lower overall score.
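The new/existing split and the surge-versus-lull comparison described above can be reproduced offline on your own finding records. The following is an added example, not SecurityScorecard code or an export format: the record layout, the sample data, and the flagging rule (new findings up and remediations down compared with the prior month) are assumptions made for illustration.

```python
from datetime import date

# Constructed sample findings (not SecurityScorecard data):
# (id, date recorded, date closed or None, how it closed or None)
FINDINGS = [
    ("f1", date(2020, 6, 10), date(2020, 7, 5), "remediated"),
    ("f2", date(2020, 7, 2), date(2020, 7, 20), "remediated"),
    ("f3", date(2020, 7, 15), None, None),
    ("f4", date(2020, 8, 3), None, None),
    ("f5", date(2020, 8, 9), None, None),
    ("f6", date(2020, 8, 21), date(2020, 10, 12), "decayed"),
    ("f7", date(2020, 9, 4), None, None),
    ("f8", date(2020, 9, 18), None, None),
]

def month_of(d):
    return (d.year, d.month)

def tally(findings, year, month):
    """Count new, existing, remediated and decayed findings for one month."""
    start = date(year, month, 1)
    counts = {"new": 0, "existing": 0, "remediated": 0, "decayed": 0}
    for _id, recorded, closed, how in findings:
        if month_of(recorded) == (year, month):
            counts["new"] += 1          # recorded during this month
        elif recorded < start and (closed is None or closed >= start):
            counts["existing"] += 1     # not remediated or decayed at month start
        if closed is not None and month_of(closed) == (year, month):
            counts[how] += 1            # remediated or decayed during this month
    return counts

def flag_lapses(findings, months):
    """Return months where new findings rose while remediations fell
    relative to the previous month (assumed rule, for illustration)."""
    flagged, prev = [], None
    for ym in months:
        cur = tally(findings, *ym)
        if prev and cur["new"] > prev["new"] and cur["remediated"] < prev["remediated"]:
            flagged.append(ym)
        prev = cur
    return flagged

if __name__ == "__main__":
    months = [(2020, 7), (2020, 8), (2020, 9), (2020, 10)]
    for ym in months:
        print(ym, tally(FINDINGS, *ym))
    print("months to review:", flag_lapses(FINDINGS, months))
```

A flagged month is a prompt to open the History page for that date range, not a verdict: low remediation can also reflect fewer issues to fix.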
To prioritize security issues that directly affect compliance efforts, use the Compliance section and correlate compliance framework questions with issues. For every framework, we map a percentage of questions to issues of different severity levels that we discovered.
Click a framework to view questions that are mapped to issues we found, and then click an issue to learn more about it.
Change which compliance frameworks you want to see in the report, selecting up to three different ones at a time.
Use the Digital Footprint section to view the total number of attributed IPs and survey their distribution by country. After using the Company Trends Report to create insights about your threat management or that of a vendor, you can get an idea of the scale of threats in different locations.
Click the IP tally to see the full inventory with the number of issues associated with each IP. Then you can click the issues to view details about them.
If you need help or have questions, submit a Support request.