Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
SSC
What do you like best about the product?
The automated scanning and scoring that feeds into a portal where we can manage findings, resolutions, etc.
What do you dislike about the product?
Adjusted scoring seems to be to frequent
Patching cadence findings show in the score improvement plan generation and you cannot resolve those until the time elapses
I don't like the patching cadence logic and it is to rigid of a scoring mechanism for large organizations with multiple environments with an online presence.
Patching cadence findings show in the score improvement plan generation and you cannot resolve those until the time elapses
I don't like the patching cadence logic and it is to rigid of a scoring mechanism for large organizations with multiple environments with an online presence.
What problems is the product solving and how is that benefiting you?
Visibility into our digital footprint and a risk based scoring report
- Leave a Comment |
- Mark review as helpful
Security Scorecards: Excellent insight to security posture
What do you like best about the product?
Consistent view to our posture, continually updated.
What do you dislike about the product?
Need better grouping for my industry for comparison.
What problems is the product solving and how is that benefiting you?
We had an issue previously how to show our clients and executives where we stand security posture wise.
Easy to use platform. Great customer service.
What do you like best about the product?
Intuitive platform. Great customer support.
What do you dislike about the product?
Not sure about all the details around how SSC determines/generates an organizational scorecard.
What problems is the product solving and how is that benefiting you?
Improving a Third Party Vendors SSC score. Increased cybersecurity posture of our organization and others.
Great utility for a reasonable cost!
What do you like best about the product?
SecurityScorecard presents security metrics that are easy to understand and present to upper management. It has given me ammo to change some low-hanging security settings without burdening my staff.
What do you dislike about the product?
There can be some false positive when looking at the scorecards of vendors because they may use cloud resources which are shared by other companies so malware sources or IP reputation might have been affected by the other companies using the same resource.
What problems is the product solving and how is that benefiting you?
It is a fast way to give a surface look at the security postures of other vendors or peers. It allows me to push for security changes.
Holistic view of a company's digital security performance
What do you like best about the product?
SecurityScoreCard provides a comprehensive view of the security of an organization's digital footprint. Their team provides great support and pricing is competitive.
What do you dislike about the product?
Security ratings may be negatively impacted by non-critical assets, such as parked domains. The dynamic nature of public cloud deployments where public IP addresses and services are dynamic may lead to false positives, and it can be time consuming to trace down the reason why assets have been assigned to your company which are not part of one's current asset inventory.
What problems is the product solving and how is that benefiting you?
SecurityScoreCard is a useful tool in the vendor risk management tool chest which, when combined with 3rd party attestations like SOC reports and Pen tests provides a holistic view of the security practices are key suppliers as well as competitors.
Recommendations to others considering the product:
I recommend SSC as a tool for both in house IT and Security teams to ascertain and monitor their own digital footprint, particularly for cloud service providers, as well as enterprise customers who are tasked with ascertaining the risk profile of their key suppliers.
Great insights into your own security stance and your vendor’s
What do you like best about the product?
Comprehensive research presented well. Quick and helpful support team!
What do you dislike about the product?
Sometimes items get misidentified a few times until the algorithm get updated. As the support team is quick in removing demonstrated incorrect entries, this isn’t a big detractor.
What problems is the product solving and how is that benefiting you?
The main driver was to have a near continuous monitoring of our external infrastructure for open vulnerabilities and incorrect/insecure configurations. We found a number of improvements and improved our standing significantly. We also react faster to new vulnerabilities.
A secondary driver was to review our vendors; this provided some helpful insights and some interesting conversations with underperforming vendors.
A secondary driver was to review our vendors; this provided some helpful insights and some interesting conversations with underperforming vendors.
Excellent tool for vendor risk assessments
What do you like best about the product?
It's nice to know that they are always watching my critical vendors and I can see how they are scoring. I also like that I can invite vendors to join SecurityScoreCard at no cost to them.
What do you dislike about the product?
No problems with SecurityScoreCard at present.
What problems is the product solving and how is that benefiting you?
All of my critical vendors go through SecurityScoreCard.
Recommendations to others considering the product:
I liked SecurityScoreCard better than Bit Sight because SecurityScoreCard grades are easily understandable. For example, with SecurityScoreCard, a vendor can get an 89 (B), but with BitSight their grade might be 647. A bit more difficult to interpret.
New Implementation
What do you like best about the product?
Security Scorecard allows us to monitor the changing security posture of our suppliers
What do you dislike about the product?
One feature that would be great is to be able to nest portfolios. In the compliance tab having the ability to have a holistic view of all of our vendors that do not meet a certain control
What problems is the product solving and how is that benefiting you?
The benefits of the platform allows us to provide and additional view of risk associated with using third parties
The tool is really helful to know the security status of a company , data breaches and data issues
What do you like best about the product?
The best part is that post you know the issues & breaches of a company, you can invite them to get remediation. You can help them improve
What do you dislike about the product?
The process of adding companies to portfolio need a little improvement. Sometimes the weblink inside the company does not open up. Also sometime the tool is little slow
What problems is the product solving and how is that benefiting you?
Sending Questionnaire and assessment questions is really awesome.
Help in improving security scores of companies
Help in improving security scores of companies
Recommendations to others considering the product:
This tool is really helful as it covers different domains related to information security and very helpful to improve the score/grade of a company
Excellent tool and service behind
What do you like best about the product?
The Security Scorecard offers us what we need in terms of continuous assessment of the external network vulnerabilities tests. The webUI is user-friendly and built in a logical format, very easy to use and dig for information on it.
What do you dislike about the product?
There is no user option to re-launch the test, so you get confirmation that your fix really works. Claiming a fixed issue takes some time and a ticket to Security ScoreCard Support to validate it. Also, the propagation of the fix may take some time, before it gets reflected on the organization's score.
What problems is the product solving and how is that benefiting you?
We have a full picture of our organization's exposure on the public domain. Getting this "big picture" for the entire IP space helps us prioritize the mitigation actions and the maintenance windows for our external hosts. Also, having the issues summarized, explained, and the solution suggested for any problem that came out of scans, it's really helpful.
Recommendations to others considering the product:
Try it. Ask for a demo.
showing 51 - 60