Sign in
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

SecurityScorecard

SecurityScorecard | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

74 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Matt M.

Good platform that continues to evolve

  • February 21, 2023
  • Review verified by G2

What do you like best about the product?
Quick and easy to use to find potential issues with your external assets.
What do you dislike about the product?
Some of the factors used to determine score are subjective and SSC does not provide strong evidence of a risk-based decision.
What problems is the product solving and how is that benefiting you?
Clear view into external asset security posture. In addition, customers are able to the score and how it improves over time.


    Analia P.

Useful to kick off a conversation

  • February 21, 2023
  • Review verified by G2

What do you like best about the product?
I use it as one more input when reviewing the vendor security posture within the vendor security risk assessment process. I like it gives me detailed inputs to start asking things about the third party. The reports are detailed enough to submit them and wait for a targeted and not high-level answer.
What do you dislike about the product?
According to third-party feedback, unfortunately, it gives many false positives. I would say that 50% of the vendors I asked about Scorecard-> are not maintaining it and re-direct us to their security trust center with more accurate pentest on their domains.
What problems is the product solving and how is that benefiting you?
As I said, it's giving me further inputs to kick off conversations with third parties. I wouldn't say it's solving any problem but it's in our checklist in the 3rd parties and supplier assessment. Honestly, so far, it hasn't given us enough accurate information to detect risk exposure in the third party. They don't give much relevance to what SS says and redirect us to their pen tests. It's plenty of false positives (i.e., domains not owned by the scanned URL) in the Application and network security sections.
If we had to follow up each variation in SS we would need a person dedicate to that with no full assurance on adding any value, so, we are not following that "live".


    Hendra G.

We are using securityscorecard to monitor our third party vendors

  • February 21, 2023
  • Review verified by G2

What do you like best about the product?
simplicity and easy to use reporting, its comprehensive coverage areas
What do you dislike about the product?
sometimes the data is not accurate after confirming with vendors
What problems is the product solving and how is that benefiting you?
blindsidedness when dealing with new third parties. This gives me an opportunity to evaluate risk profiles of the parties we are dealing with.


    Subodh P.

Best External Security Posture Rating platform

  • February 21, 2023
  • Review verified by G2

What do you like best about the product?
SecurityScoreCard (SCC) is not just an external security posture rating platform, but it is also external attack surface management. With all the public data available, it shows a mirror to organizations how exactly security looks from the outside.

With every organization now using SCC scores, a kind of social pressure has been created that every organization must maintain a mark security posture, which is overall good for the community.
What do you dislike about the product?
Anything related to your company name impacts the score, even your vendor services and all. Although that's the idea that the security posture of any company is not just its own infrastructure but all supplied ecosystem as well. However, sometimes test systems are also hosted with the same company domain, which can drop security scores a lot.
The assist discovery algorithm is not the best, especially for subdomains.
What problems is the product solving and how is that benefiting you?
Continuously monitoring external security posture in all areas of the security domain.
Social pressure to remain on top of our security.
Ability to detect external threats.


    Scott F.

It has been a cornerstone of building a successful security program

  • February 20, 2023
  • Review verified by G2

What do you like best about the product?
Simple to use interface, knowledgeable folks to work with, help resolving issues when they appear on reports, and daily comfort of knowing where I stand on attack surfaces.
What do you dislike about the product?
Wish there was more than just one complimentary vendor to have in the portfolio.
What problems is the product solving and how is that benefiting you?
It provides a powerful outside-in look at my network.


    Karen M.

Strong Product that Provides Leverage in Vendor Business Dealings

  • February 16, 2023
  • Review verified by G2

What do you like best about the product?
- SS provides various reporting options that allow me to target my security results message according to my audience. This is critical as we use results as contract leverage - agreement from the vendor for security control maintenance which can be observed on SS
- SS has a responsive support team. which is critical to me on time-sensitive projects.
-- SS engages its customers regularly to help improve and grow their use of the SS, and to obtain useful feedback from their user base
What do you dislike about the product?
- SS must integrate Atlas with the rest of the product in order to create a holistic view of the vendor's security controls. If they do this, they have a powerhouse tool. Security controls go beyond what can be seen from the Internet or what is reported in the news. Administrative controls, awareness and phishing exercises I need to know about for a final score on a vendor.
- I would like it to be easier to manipulate the footprint/IP roster used to create reports. Case in point, I have business partners I assess who contract with an IT provider to manage their domain. I know the full score of the IT provider includes all domains it provides, and it is the true indicator of its security practices. But I need to report on the subdomain of my customer to gain credibility on my final assessment rating.
What problems is the product solving and how is that benefiting you?
-Quickly providing provable, unbiased data about the technical security control environment of third parties with whom we share data/connectivity. The SS information is used as part of my final security risk assessments.
- Provides breach history and company stats without me having to research
- SS provides a visual way to begin the security conversation - and continue it - with our vendors/third parties. It gives us leverage during contract renewals and initial signing
- Simply put, IT HELPS ME WITH MY WORKLOAD. I have too many assessments coming in to manage. SS ups my efficiency


    Nick L.

Great tool

  • February 16, 2023
  • Review provided by G2

What do you like best about the product?
Being able to validate the level of security a vendor is claiming. new scan results appear quickly and support is responsive.
What do you dislike about the product?
So far i have not found anything to dislike.
What problems is the product solving and how is that benefiting you?
I can see our 3rd party vendors and issues that might arise, as well as issues my organization may have.


    Goutam P.

Security Scorecard Review

  • February 16, 2023
  • Review provided by G2

What do you like best about the product?
It gives comprehensive review about our key vendors, and also gives capability to look at our overall security posture.
What do you dislike about the product?
1. Suddenly too many false positives appear out of no where, and we end up cleaning the ips that are wrongly mapped
2. Whenever there are new ips found, customer should be given a choice to say Yes/No, before tagging them to customer score card.
What problems is the product solving and how is that benefiting you?
It is helping us draw a security baseline across different vendors
It is also helping us to review, the security posture of our organization from external point of view


    Richard H.

Low cost, highly effective solution!

  • February 15, 2023
  • Review verified by G2

What do you like best about the product?
Security Scorecard is one of the most easy-to-use, intuitive pieces of software I have used in my 36-year working history. It is useful from the time you start using it. Great dashboard display, which then allows you to go deeper into findings and then, as an added bonus - it tells you how to remediate the problem. The software is so good that I have purchased it in the past 3 security roles I have had. I recommend it to security people I know, who have all been "wowed" by it. And did I mention Support? Support is fantastic!
What do you dislike about the product?
There isn't a lot I dislike about Security Scorecard. In fact...I can't think of one item that annoys me! Maybe IF it included some information gathered from the Dark Web about my company... yeah, that would make it an 11/10 instead of a 10/10 rating.
What problems is the product solving and how is that benefiting you?
Security Scorecard is showing me either 1- what I don't know (Patching Cadence, DNS Health etc.) or 2- what would take me hours/ days to gather and then more time to assess. With respect to my second point - it has reduced the likelihood of hiring a security analyst to locate, collect and analyse all the data that Security Scorecard does with the click of a button.


    Financial Services

Good service, not the best experience

  • November 03, 2022
  • Review provided by G2

What do you like best about the product?
It has great customer service and a user-friendly interface.
What do you dislike about the product?
The lack of other clients/users represented in the system.
What problems is the product solving and how is that benefiting you?
Vendor management and some function of third-party risk management.