SecurityScorecard Reviews

Name: SecurityScorecard
Brand: SecurityScorecard
Rating: 4.0 (7 reviews)

4.0 out of 5

7 reviews
85% willing to recommend

What is SecurityScorecard?

SecurityScorecard provides comprehensive cybersecurity insights with features such as notifications for score changes and configurable reporting, supporting team collaboration. It emphasizes multi-factor authentication and continuous monitoring for improved risk assessments.

Get the SecurityScorecard Buyer's Guide and find out what your peers are saying about SecurityScorecard, RSA Archer, Bitsight and more!

SecurityScorecard is the #2 ranked solution in top IT Vendor Risk Management solutions. PeerSpot users give SecurityScorecard an average rating of 8.0 out of 10. SecurityScorecard is most commonly compared to RSA Archer: SecurityScorecard vs RSA Archer. SecurityScorecard is popular among the large enterprise segment, accounting for 60% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 15% of all views.

Helped 867,370 peers since 2012

Featured SecurityScorecard reviews

Hadar Eshel

Co-Founder and CEO at Cloudway

Our organization relies on numerous SaaS services for critical business functions, such as CRM and monitoring solutions. In a hypothetical scenario where a security breach occurs in the CRM database, potentially exposing our data and our clients, SecurityScorecard proves invaluable. It provides a security score, typically a percentage, based on extensive data collection from various sources, including the dark web and social networks. Let's say our CRM solution receives a security score of 78%, indicating a relatively safe status according to the information gathered by SecurityScorecard. One of its most effective features for risk identification is its enterprise-ready automation for third-party risk measurements. Additionally, it provides valuable insights into vulnerabilities within an organization, utilizing tools such as CVE details. For instance, it can assign a score based on vulnerabilities detected, such as 60%, and specify each vulnerability by its identifier. It offers scalability and can handle large volumes of real-time data. The continuous monitoring feature significantly enhances the ability to manage risks by providing real-time data collection on suppliers. We can observe fluctuations in their security levels over time, sometimes even every month. We can create alerts for high-risk situations, enabling organizations to respond promptly to potential security threats or vulnerabilities identified within their supplier network. The product's security ratings are helpful. While there may be occasional false positives, it does not function as a scanning solution. Instead, it presents the same information that hackers could potentially exploit. While I haven't worked with other cybersecurity rating solutions, I can attest to its strengths based on my experience. One notable advantage is their extensive data collection capabilities, surpassing many competitors in the market. They gather a wide range of information, resulting in a vast database that includes many suppliers or companies. It is easy to integrate with other tools. I rate it a nine out of ten.

Read full review

Antonio Scola

Owner at SUNLIT TECHNOLOGIES

With SecurityScorecard, the most valuable feature is the ability to identify if third parties or vendors have digital threats that may impact our company. It also scans all internal domains and IPs to find vulnerabilities in the digital landscape. The continuous monitoring capabilities have been beneficial by providing ongoing assessments of potential risks.

Read full review

Jai Prakash Sharma

Vice President, Technology Operations at InfoEdge India Ltd

SecurityScorecard has improved our company's vendor risk assessment process since it basically gives us the comparison of the competitors and certain vulnerabilities which we can report from an external view or a third party view, giving us an improvement area to work on, which might we might not have focused a lot, or maybe it might be overlooked upon by us. SecurityScorecard helps our company get better scores. The tools help fix the vulnerabilities, which in turn improves scores, making it a valuable product for us. A scenario where SecurityScorecard enabled better decision-making for IT projects includes an incident involving a couple of domain names that my company used to use in the past since sometimes we see that some applications were replicated. My company forgot to clean up the DNS names. Once my company gets to know from SecurityScorecard that our application has vulnerabilities, I may not have renewed the certificate considering that the application is no longer in use, owing to which our company might lose track of it, during which SecurityScorecard helps us to do the cleanup. There are many places where the right certificates are not installed, or maybe there is a small application vulnerability, which the tool can catch from the external view. This can be let known to our company since there is an action we take to fix such areas. Our company operates in the online classified market. The features of SecurityScorecard that are the most beneficial for security monitoring are the reports generated with the help of external audit and vulnerability assessment. The platform's grading system helps prioritize our company's security concerns since it helps us in the area of scores and provides the competition score. The tool also provides recommendations to improve the scores, which is helpful. In the identification of potential threats, SecurityScorecard helps our organization since it does black box analysis. With the black box analysis, the tool helps us in the area of external websites where we cannot do many things directly, after which the tool shares an unbiased status with our company. SecurityScorecard's reporting capabilities support our company's compliance initiatives since it has a dashboard with credentials through which we can get the vulnerabilities reported. The product should provide an option so that it has the ability to fix the reported vulnerability at the same time that it is reported by allowing users to raise a ticket directly with SecurityScorecard's team. After the aforementioned steps are followed, SecurityScorecard can conduct a scanning process and add up the score, which basically gives me the complete trend by allowing me to say last month's trend versus the current month's trend or maybe the last scan versus the current month's scan. I would tell those who plan to use the solution that it is a straightforward product to use. I rate the product a nine out of ten.

Read full review

SecurityScorecard mindshare

As of September 2025, the mindshare of SecurityScorecard in the IT Vendor Risk Management category stands at 10.7%, up from 10.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.

IT Vendor Risk Management Market Share Distribution
Product	Market Share (%)
SecurityScorecard	10.7%
RSA Archer	11.2%
Bitsight	10.5%
Other	67.6%

IT Vendor Risk Management

PeerResearch reports based on SecurityScorecard reviews

Type	Title	Date
Category	IT Vendor Risk Management	Sep 15, 2025	Download
Product	Reviews, tips, and advice from real users	Sep 15, 2025	Download
Comparison	SecurityScorecard vs OneTrust GRC	Sep 15, 2025	Download
Comparison	SecurityScorecard vs Bitsight	Sep 15, 2025	Download
Comparison	SecurityScorecard vs RSA Archer	Sep 15, 2025	Download

Title	Rating	Mindshare	Recommending
RSA Archer	4.0	11.2%	92%	42 interviews Add to research
Bitsight	4.3	10.5%	100%	6 interviews Add to research

Valuable Features

SecurityScorecard's most valuable features include easy reporting, continuous monitoring, and benchmarking. It offers notifications for score changes, MFA login protection, and team collaboration. Users appreciate third-party digital threat identification, internal domain and IP vulnerability scanning, and attack surface capabilities such as exposed ports and breach information. Combining threat intel data with vulnerabilities, it aids comprehensive risk assessment and insights into third-party supply chain risks.

"The biggest benefit is visibility, allowing organizations to understand their risks, vulnerabilities, and potential threats."
"Fortify Data offers attack surface capabilities that identify vulnerabilities, exposed ports, and dark web information."
"The initial setup takes just a couple of days and doesn't require any installation."

Room for Improvement

SecurityScorecard requires improvements in pricing, technical support response time, and user instructions for issue resolution. It would benefit from enhanced third-party risk management capabilities and app scanning for mobile devices. Enabling alternative solutions for vulnerabilities and reducing manual tasks through automation would enhance user experience. Users express a desire for more comprehensive data points related to dark web threats and vulnerability scanning integration. Offering features to share responsibilities with external consultants is also suggested for improvement.

"There are areas for improvement in response times and overall support."
"The product can be improved by incorporating more data points and intelligence around dark web information and threat data."
"Some wanted a different solution."

ROI

SecurityScorecard enhances security posture and mitigates risks by providing visibility into risks and vulnerabilities. It allows organizations to identify and address digital threats from vendors, preventing data breaches. Though ROI is hard to quantify, SecurityScorecard's role is significant in risk management. Organizations note differences in identifying threats and maintaining data integrity. Its effectiveness in risk mitigation is highlighted by users' experiences, such as discovering data on the dark web and avoiding unnoticed security incidents.

Pricing

SecurityScorecard offers flexible pricing structures with a $400 per month tier for smaller entities and higher tiers for more security-focused organizations, with costs around $1000 monthly. Pricing is middle-range compared to competitors like Fortify Data and Censinet. Users note potential additional costs due to taxes in regions like South America. Setup costs are minimized since most data is pre-collected from various sources. Transparency in scoring adjustments is provided, allowing for discussion and feedback.

"The pricing of SecurityScorecard is fair. I would rate it a seven. It's a bit more on the expensive side. In Brazil, for example, making a payment to the vendor involves wire transfers and high taxes, making it more expensive. Selling SecurityScorecard or any American vendor's product in the United States is very different from selling in South America or Brazil."
"Even though it's competitive, they offer flexible pricing structures."
"The pricing could be split into a lower-paid tier for smaller organizations and another higher tier for others with a more security-focused outlook. $1000 per month is more than some companies pay for their internet connections in total.UPDATE: they have a new 400$ a month tier for starters."

Popular Use Cases

Organizations primarily use SecurityScorecard to assess and manage third-party cybersecurity risks. It monitors and assesses the security posture of organizations, offering recommendations to improve it. Data is analyzed deeply to identify vulnerabilities and exposed data, addressing digital risks. Users appreciate the ability to evaluate the security score and explore attack surfaces. However, there is concern about the large gap between free and paid tiers, limiting smaller organizations' access to enhanced features.

Service and Support

Customer service and support for SecurityScorecard have room for improvement in response times and issue resolution. Users note responsiveness has improved over the past year but still encounter delays, with resolutions taking up to 1-3 days. Despite these delays, users express satisfaction with the knowledgeable technical team, rating their experience between six and eight. Suggestions include better organization to handle customer volume efficiently.

Deployment

SecurityScorecard's initial setup is straightforward and efficient. Users report it is easy to deploy within two or three hours for a quick implementation for smaller numbers of monitored companies. Implementation for larger setups with more companies can take a few days. Its SaaS nature simplifies the process, allowing immediate functionality. Users receive support from a Customer Success Manager, ensuring assistance during deployment. Usually, three to four individuals participate in the process.

Scalability

SecurityScorecard is a web-based service suitable for medium to large enterprises. Users highlight its easy scalability, allowing seamless domain expansion. However, it may not suit Fortune 500 companies. While some users admire its functionality, others seek alternatives. Few people in organizations typically use it, often without plans for expansion. Scalability is generally rated around seven out of ten, with simple adjustments possible by interacting with the interface.

Stability

Users experience strong stability with SecurityScorecard. One comment indicates a minor browser setting adjustment is needed for login in MS Edge. Stability ratings range from seven to nine out of ten. The platform is described as 99.99% stable. No complaints regarding stability have been reported, and users have encountered no significant challenges even with moderate traffic.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our SecurityScorecard Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	2
Large Enterprise	1

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	103
Midsize Enterprise	69
Large Enterprise	262

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

15%

Computer Software Company

13%

Manufacturing Company

12%

Insurance Company

Retailer

University

Government

Healthcare Company

Construction Company

Comms Service Provider

Media Company

Energy/Utilities Company

Legal Firm

Outsourcing Company

Non Profit

Pharma/Biotech Company

Hospitality Company

Educational Organization

Transportation Company

Wholesaler/Distributor

Recreational Facilities/Services Company

Consumer Goods Company

Security Firm

Logistics Company

Performing Arts

Engineering Company

Marketing Services Firm

Compare SecurityScorecard with alternative products

Learn more about SecurityScorecard

SecurityScorecard specializes in assessing third-party cybersecurity risks, enhancing security posture, and analyzing exposed data. It offers automated information gathering and vendor reports, aiding in vulnerability assessments for supply chain risk management. Users value the Attack Surface Index and recommendations for security improvements, though faster technical response times and better cost-effectiveness, especially in Brazil, are desired. Enhancements such as app scanning and more efficient vulnerability management could expand its capabilities.

What are the key features of SecurityScorecard?

Score Change Notifications: Alerts for immediate awareness of security rating changes
Configurable Reporting: Customizable reports for different stakeholders
Team Collaboration: Tools to facilitate collaborative assessments and decision-making
Multi-Factor Authentication: Enhanced security for user logins
Continuous Monitoring: Ongoing evaluation of cybersecurity posture
Third and Fourth-Party Analysis: In-depth assessment of supply chain risks
Threat Intel Integration: Incorporation of real-time threat intelligence

What benefits or ROI should users expect?

Improved Risk Management: Enhanced visibility of cybersecurity risks
Supply Chain Protection: Identification and management of third-party vulnerabilities
Operational Efficiency: Automated data collection and analysis streamline workflows
Cost-Effectiveness: Potential reduction in security management costs
Comprehensive Threat Visibility: Access to integrated threat intelligence

SecurityScorecard is utilized in industries for managing third-party cybersecurity threats by providing detailed vulnerability assessments and automated reporting. Its implementation aids supply chain risk management and enhances industry-specific security strategies, with room for improvement in technical response times and dark web intelligence inclusion.

SecurityScorecard customers

TriNet, USAA, Zurich, Gilt Groupe, McGraw Hill Financial

Product Categories

IT Vendor Risk Management

Popular Comparisons

RSA Archer vs SecurityScorecard

Bitsight vs SecurityScorecard

OneTrust GRC vs SecurityScorecard

MetricStream vs SecurityScorecard

ProcessUnity vs SecurityScorecard

Black Kite vs SecurityScorecard

RiskRecon vs SecurityScorecard

UpGuard Vendor Risk vs SecurityScorecard

Panorays vs SecurityScorecard

Microsoft Secure Score vs SecurityScorecard

Prevalent vs SecurityScorecard

See all alternatives

SecurityScorecard Reviews Summary
Author info	Rating	Review Summary
Regional Director at a tech services company with 51-200 employees	3.5	I use Fortify Data for financial organizations to assess vulnerabilities by combining attack surface capabilities with dark web information. Its strength lies in comprehensive risk assessments, though it could improve by adding more threat data and active risk management features.
Co-Founder and CEO at Cloudway	4.5	I primarily use SecurityScorecard for assessing third-party cybersecurity risks. While ROI measurement is complex, its role in mitigating risks is invaluable. Improvement is needed in automating questionnaires. Despite this, its importance in enhancing security posture is undeniable.
Owner at SUNLIT TECHNOLOGIES	4.5	I find SecurityScorecard valuable for its ability to identify digital threats from third parties and vendors, offering continuous monitoring of our domains. The biggest ROI comes from preventing potential threats. However, pricing in Brazil could be improved.
Vice President, Technology Operations at InfoEdge India Ltd	4.5	I find SecurityScorecard useful for monitoring and improving security posture with features like security ratings and benchmarking. However, the technical team's response time needs improvement, and the solution should include mobile app scanning while being more cost-effective.
System Administrator at OnShift	3.5	I use SecurityScorecard primarily for reporting due to its ease of use. Its most valuable feature is its straightforward reporting capability. However, it needs to improve on offering alternative solutions for vulnerability mitigation. While I have seen ROI, I cannot quantify it.
Administrator at Neuberger Gebäudeautomation GmbH	4.0	In our experience with SecurityScorecard's free tier, the pricing gap to the paid version feels steep for small organizations. Helpful features include score change notifications and report options, but improvements are needed in problem-solving guidance and subscription costs.
Presales at a tech services company with 1-10 employees	4.0	I primarily use SecurityScorecard for supply chain risk management. The most valuable features include third and fourth-party vendor analysis and questionnaires. There are no identified areas for improvement, and I haven't considered alternate solutions. Deployment is with another cloud provider.

SecurityScorecard Reviews

What is SecurityScorecard?

Featured SecurityScorecard reviews

SecurityScorecard mindshare

PeerResearch reports based on SecurityScorecard reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare SecurityScorecard with alternative products

Learn more about SecurityScorecard

SecurityScorecard customers

Related questions

Product Categories

Popular Comparisons