Issue Types
- Address score-impacting CVEs in your Scorecard
- Park domains properly and keep them secure
- Potential Vulnerability Detected
- November 2022 OpenSSL 3.X vulnerability detected
- Domain advertised as ransomware victim
- Learn about decayed issue findings
Getting Started & Setting Up
- Create API tokens for the SecurityScorecard platform
- Choose how to log into our platform
- Personalize your reports and communications with your logo
- An email already exists for a new user you are trying to add
- SAML is not enabled after you set up SSO
- How do I reset my SecurityScorecard password?
Product Overview
- Check platform access with Audit Log
- View compliance through your unique lens with Custom Frameworks
- Get actionable information about your organization or vendors you follow with Scorecard Overview
- Adding and removing subdomains to the Digital Footprint
- Get a quick, actionable view of compliance
- See the positive impact of your Scorecard activity immediately with your Projected Score
Analysis Reporting
- Create your own security narrative with a Custom Report
- Track vulnerabilities and affected parties with the CVE Impact on Companies report
- No score appears in Ransomware Analytics Report
- Automatic Vendor Detection displays no information
- Gauge likelihood of a ransomware attack with the Ransomware Analytics report
- Track issue prevalence and affected organizations with Issue Type Trends report
Scoring Updates
- Prepare for Scoring 3.0
- Score Update FAQ
- What is a scoring update?
- Score update banner information disappeared or does not display
- Why are there big "score swings" in a Scorecard?
- Public Scorecard Badge has outdated score compared to platform score
Scorecard
- Investigate risk for your corporate subsidiaries
- Quantify the financial impact of your cyber risk
- Understanding the concept of related domains
- Tag your Scorecards and assets for meaningful contexts
- Use asset categories to better monitor your Digital Footprint
- Assess browser health at a glance with Desktop Analytics
Third Party Risk Management
- Create a Portfolio
- Create a Group
- Contact partners or vendors to initiate collaboration
- Use Action Plans to collaborate with your vendors on security improvements
- Manage supply chain risk with Automatic Vendor Detection
- Gain additional vendor insights with Enhanced Illumination
Best Practices
FAQ
- What does status 'Inactive' mean next to a scorecard shown in a portfolio?
- Invalid SAML response, Invalid signature
- Can I request a rescan of my Scorecard?
- Why we require HTTPS for all sites
- 1-point score change did not trigger rule
- Digital Footprint displays no issues despite issues present in subdomain