In this article:
Some features mentioned in this article may only be available with a paid SecurityScorecard plan. See our plans page for more information about levels of features and access.
This article highlights product updates, new features, early release features, bug fixes, and more that we have added to the SecurityScorecard platform. Check back regularly to stay up to date!
December
December 22, 2021
- Benchmarking Report. Use the Benchmarking report to measure the cybersecurity resilience of any organization against organizations you monitor in your portfolios. Learn More
- Remediation Workflow improvements. We have improved our remediation response time or refute response time by more than 50%. Refute Response Time is tracked at our Trust Portal here.
December 16, 2021
- Public Scorecards. Public Scorecard is a publicly facing scorecard that enables our market to see what type of data SecurityScorecard has on each scored company. Learn More
December 13, 2021
- License management improvements. Companies now have more insight into their license usage, Administrators have an improved master list of monitored Scorecards, and companies are no longer able to add Scorecards once they are at their licensed capacity, keeping them in compliance. Learn More
December 1, 2021
- Evidence Locker 2.1. Companies can now share compliance documents with a specific customer or regulatory contacts outside their organization. We've also introduced a virus scanning capability. Learn More
November
November 29th, 2021
- Mimecast Marketplace app. Joint Customers can now install the application & connect their
Mimecast account to start receiving the daily Mimecast Targeted Threat Protection incident count within their own Scorecard Learn More - Redsift Marketplace app. By installing the application, users can start viewing Red Sift provided signals that will appear under the DNS Health and Social Engineering factor. Learn More
- IntSights Marketplace app. Gain visibility into hacker communities and underground marketplaces, and identify and lock down leaked sensitive information. Learn More
- Salesforce Service Cloud Marketplace app. Automatically create tickets in Salesforce Service Cloud when there are score changes, breaches, or other events in SecurityScorecard. Learn More
November 18th, 2021
- Evidence Locker 2.1, Early Access. Companies can now share compliance documents with a specific customer or regulatory contacts outside their organization. We've also introduced a virus scanning capability. Learn More
November 11th, 2021
- Usage Alert banners. Color-coded banners provide all users insight into their companies license usage to help them make decisions on what Scorecards to monitor. Learn More
October
October 28, 2021
- Scoring updates. We have added a new issue type, Ransomware Infection, and decreased severity for the OpenVPN Device Accessible issue type. Learn More
September
September 30, 2021
- Scanning of unique subdomains for the top 1000 followed scorecards and any other scorecard by request.
September 29, 2021
- We've moved from Batch Processing to Continuous Processing
September 28, 2021
- Support chatbot available to all users in Ratings. This chatbot is integrated with the support center to help provide relevant articles based on keywords or to open a ticket with our support team. Users can also live chat with a sales representative if they have questions about pricing or upgrades.
September 22, 2021
- PagerDuty launches in Marketplace. Users can now collect tailored SecurityScorecard Alerts in PagerDuty, leveraging our Rule Builder to get notified when new SecurityScorecard issues and events occur. Learn More
- Scoring updates. We’ve updated the “SPF is missing” issue type in DNS Health to include DMARC. We also increased detection of Endpoint Security, Out-of-date Browser, and Operating System measurements by approximately 20% Learn More
September 14, 2021
- Reporting Center now unifies in one place all of your Scorecard reporting and analysis resources. Learn More
- Digital Footprint 2.0, Early Access. Select customers are able to beta test our new Digital Footprint updates, designed to help you quickly understand what assets are influencing changes to your score so you can prioritize action. Learn More
September 9, 2021
- Atlas for all. All users will now be able to Switch into Atlas from the Ratings platform and have 5 free credits available to use. Learn More about Atlas
August
August 23, 2021
- Tenable Lumin integration. Installing the External Security Posture Report from SecurityScorecard into Tenable Lumin adds an “outside-in” perspective of cyber health in a side-by-side comparison to Lumin’s Cyber Exposure Score (CES). Learn More
August 19, 2021
- August Scoring updates. New informational issue types added, additional information added to IP Reputation. Learn More
July
July 29, 2021
- Zendesk in Marketplace. Automated ticket creation in Zendesk based on SecurityScorecard's continuous monitoring. Learn More
- HackNotice in Marketplace. When a HackNotice report is published on your scorecard or one you follow, you can get more details on the published report, review it, and take the next steps right away. Learn More
July 26, 2021
- Two new informational issue types. Potentially Vulnerable Applications (PVA) and Browser Average Age Indicates Older Versions (Browser SPA!) are now informational issue types present on scorecards when they are applicable.
July 23, 2021
- Company Trends Report. Easily extract key data to track your own security team's momentum or gauge a vendor's success and engagement in addressing threats. Learn More
- Two new issue types. Expired copyright and Server with Expired Certificate Contacted are now two new issue types present on scorecards when they are applicable.
July 16, 2021
- Microsoft Teams app on Marketplace. Set up notifications through Rule Builder that launch in a specific Teams channels based on Scorecard changes and events. Learn More
July 15, 2021
- July Scoring updates. Several issue types increased in severity, UPnP Accessible decreased in severity, updated Application Security issue types. Learn More
July 14, 2021
- Source Defense app on Marketplace. This app brings insights on client-side website attacks directly into Scorecards. Learn More
- Custom Scorecards improvements. Improved user experience for creating and editing custom scorecards, that are more intuitive and simplified with improved filtering logic and support. Learn More
July 13, 2021
- CSC app on Marketplace. This app brings insights on Domain Security classes directly into Scorecards. Learn More
June
June 18, 2021
- June Scoring updates. Added three new ransomware types, moved several issue types from information to scored, added new version of endpoints to Application security issue, added detection for additional CVEs. Learn More
June 11, 2021
- Three new ransomware issue types. Hacker Chatter: Domain Advertised as Ransomware Victim, IP Reputation: Products Susceptible to Ransomware Exploits Exposed, and Cubit Score: Ransomware-Susceptible Remote Access Services Exposed are now part of rated scorecards, when applicable. Learn More
June 2, 2021
- Integrate360° Marketplace launches. This is a one-stop-shop for users to discover and deploy trusted partner solutions and prebuilt integrations. Learn More
May
May 24, 2021
- May Scoring Updates. This month we launched 19 new informational issue types as well as several other changes to make it our biggest scoring update yet. Learn More
May 24, 2021
- Exim vulnerabilities. The latest Exim vulnerabilities are now live through the portfolio filter.
April
April 22, 2021
- Pulse Secure VPN Zero-Day is now being scored on SecurityScorecard
April 16, 2021
- CybelAngel. CybelAngel is the world-leading digital risk protection platform that detects and resolves external threats before these wreak havoc.
User can now receive insights and signals for Exposed Credentials and Documents collected by CybelAngel directly in their Scorecards. Learn More - DarkOwl. DarkOwl provides the world's largest database of darknet content and the tools to efficiently find leaked or otherwise compromised personal or organizational data.
Install the DarkOwl application to receive and view your DARKINT exposure score directly in your Scorecard. Learn More - HackerOne. HackerOne is the industry standard for hacker-powered security. The HackerOne app for SecurityScorecard surfaces HackerOne "hacktivity" for available companies under Patching Cadence in SecurityScorecard. A "Hacker Report" information issue will appear on a Scorecard for companies with active public security or bug bounty program when a hacker report is published. Learn More
April 15, 2021
- New Invite Company workflow. We now have a revamped company invite modal with default template messaging, the ability to co-brand the invitation with your logo, set score mandates as part of the invitations with deadlines, and the ability to track invites through your Invited Company dashboard. Learn More
- April Scoring updates. Updated out-of-date browser versions. Learn More
March
March 31, 2021
- Board Trends Report. This report is focused on third parties and enables easier communication of trends and changes across your monitored security portfolio to inform executive leadership, boards of directors, and other internal stakeholders. Learn More
March 19, 2021
- Microsoft Exchange CVE Filter. You can now filter portfolios for the Microsoft Exchange CVE
March 18, 2021
- May Scoring updates. Updated out-of-date browser versions, corrected SSL/TLS Service Supports Weak Protocol's scoring impact to be in line with other high severity findings. Learn More
February
February 22, 2021
- Atlas email template upgrades. Atlas customers can now add their company logo to co-brand their invitations, leverage a "lead-in" template, and first-time receivers land on a unique onboarding page. Learn More about Atlas
February 18, 2021
- February Scoring updates. SSL/TLS Service Supports Weak Protocol from Informational to Scored (High Severity). Learn More
January
January 29, 2021
- Slack and JIRA Marketplace apps. Enhance automation by integrating changes in SecurityScorecard with JIRA or Slack. Learn More
January 21, 2021
- January Scoring updates. We’ve refactored TLS and certificate signals in Network Security to make it easier for users to focus on related issues versus reviewing copies of the same certificate. Learn More
January 20, 2021
- Company Hierarchy. A new way to visualize ecosystem risk, which includes parent holders, subsidiary companies, and more! Learn More