Skip to main content
Help Center Help Center home page
Submit a request

Sign in

  1. Help Center
  2. Security posture
  3. FAQ

FAQ

  • Phased Re-introduction of Historical Findings Data
  • Let's Encrypt discontinued its OCSP service on August 6, 2025
  • Message 'Every row should contain the ";" separator.' received when uploading a custom compliance framework
  • Asset has a self-signed certificate finding but the certificate is signed by a public CA
  • Why do I see "This IP address is no longer attributed to this scorecard" on a custom scorecard?
  • Why does a ‘Medium-Severity’ CVSS finding have a lower score impact then ‘Low-Severity’ CVSS findings?
  • Understanding the meaning of 'Status' in the Compliance CSV export.
  • Multiple domains are attributed to my company but the WHOIS information is a 3rd party
  • Understanding the Column 'Criticality' in the Digital Footprint
  • Custom and Parent scorecards discrepancies between findings and digital footprint
  • Is there a count of resolved findings using the remediation process?
  • Email not received when resolving a finding by selecting 'Fixed'
  • ERR_SSL_VERSION_OR_CIPHER_MISMATCH when accessing SecurityScorecard Platform
  • Time Zones for Timestamps on the Platform UI, CSV exports and APIs
  • Why is the "Fixed" button not available for Patching Cadence issue types?
  • Multiple assets shown in observations for 'SSL/TLS' issue types for a single finding
  • The usage of hxxp/hxxps next to some links in Platform and API
  • Merge scorecards
  • Time-to-live (TTL) for attributed assets on Digital Footprint
  • What are the egress regions for SecurityScorecard scanners?
  • How and why Website Copyright is Not Current (website_copyright_expired) is an issue
  • Infection Date
  • History Tab Score Change does not match "Overall score impact" reported under Issue Types
  • Findings on a subdomain which is not present in the Digital Footprint
  • All CVSS v3 Issue types have a Low Severity despite of their Criticality
  • How is Reduced User-Agent String addressed?
  • Why is a new zero day vulnerability set to informational with no impact?
  • Adding and removing subdomains to the Digital Footprint
Help Center