Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

SecurityScorecard

SecurityScorecard | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

74 reviews
from G2

External reviews are not included in the AWS star rating for the product.

    Marvin G.

Best bang for the Buck in SecurityScore space

  • October 26, 2019
  • Review verified by G2

What do you like best about the product?
We use SecurityScorecard in a variety of ways; 1) watching ourselves to ensure our Internet footprint secure & following best practices, 2) as part of 3rd party security reviews/approvals of new vendors/SaaS, etc., and 3) Industry benchmarking & Board reporting. 4) We're just beginning to look at corporate spend & map that back to a SecurityScore-based heatmap for a more corporate view. Also, the ability to quickly add previously unscored companies is a great feature.
What do you dislike about the product?
Biggest thing to me is around the lack of email notifications when user-initiatied 'offline/adhoc' processes are requested, which today requires the requestor to remember and go back & check, like: 1) requesting a new company be reviewed, which generally takes 3-5 days, 2) when security score reports have been requested, etc. Improving here would greatly improve the user experience.
What problems is the product solving and how is that benefiting you?
We're in our 2nd full year of use, and improved our overall score from 73-C to 98-A. SecurityScorecard has brought to light several best practices that weren't being followed (especially around Email security & DNS (SPF/DKIM), SSL best practices, as well as, garbage collection, not to mention keeping tabs on a sprawling web presence. While it was a tremendous amount of work to clean up the environment, it's now relatively easy to keep clean, enabling us to see a drastic reduction in the number of successful web attacks, as well as, increasing the effectiveness of the advanced security capability of our email filtering capability, resulting in reductions in the number of actual phish in users' mailboxes.
Recommendations to others considering the product:
The biggest value to us is the continuous monitoring of ourselves, and taking action on score changes. From my perspective, continuous monitoring of 3rd parties hasn't been all that valuable to date - we found we didn't do anything with the alerts. We're looking into integration with ServiceNow to enhance the approval process vs. being disjointed today - hope is to streamline the process.

    Education Management

Best 3rd party vendor management tool for the money

  • October 22, 2019
  • Review verified by G2

What do you like best about the product?
I am able to review our vendors in real time to frameworks such as PCI, HIPAA and many more. We had a vendor say they were HIPAA compliant and I was able to show them they were not according to security scorecard
What do you dislike about the product?
They make so many improvements to the product at this point it would only be nitpicking
What problems is the product solving and how is that benefiting you?
We are able to watch our vendors and make informed decisions on new vendors.
Recommendations to others considering the product:
Start off with 5 vendors. You can switch them up on a daily basis. If you need more then you can buy more later.

    Retail

SS helps me do my job

  • October 17, 2019
  • Review verified by G2

What do you like best about the product?
Easy to understand rating system. Evaluation against industry peers.
What do you dislike about the product?
Not every vendor has a ScoreCard available
What problems is the product solving and how is that benefiting you?
Used to evaluate vendors and third party risk

    Chris K.

Rich Risk Information in a Clean GUI

  • October 15, 2019
  • Review verified by G2

What do you like best about the product?
I appreciate the way Security Scorecard brings together publically available risk information and provides an initial risk analysis. The GUI interface makes it easy to drill deeper into areas of interest and the Historical trending allows you to materialize risk reduction. The ability to invite vendors to see their scorecard is a nice touch combined with allowing the customer to question, refute, or resolve any identified vulnerability.
What do you dislike about the product?
The tool does a great job at managing a vendor with a wealth of information but lacks tools to effectively and efficiently manage entire portfolios of hundreds of vendors. There are few options to bubble to the surface highest risk issues across and entire portfolio and recently identified and posted vulnerabilities so that risk mitigation efforts can begin. The Breach Insight feature is lacking in credibility and effectiveness. The lack of CVE numbers & CVSS security ratings can led to subjective opinion of risk by Security Scorecard versus the collaborative\standard presented by a CVE\CVSS.
What problems is the product solving and how is that benefiting you?
Currently we are monitoring 1000+ third parties identifying the worst performing companies overall as well as within specific risk areas or specific vulnerabilities. Once alerted or identified then proactive efforts are taken to verify the potential vulnerability and work with the third party to mitigate. We are also leveraging the breach\incident alerts to review potential impact and risk exposure and liabilities.

showing 71 - 74