SecurityScorecard Reviews

Name: SecurityScorecard
Brand: SecurityScorecard
Rating: 4.1 (13 reviews)

Vendor: SecurityScorecard

4.1 out of 5

13 reviews
92% willing to recommend

Leave a review

What is SecurityScorecard?

SecurityScorecard provides comprehensive cybersecurity insights with features such as notifications for score changes and configurable reporting, supporting team collaboration. It emphasizes multi-factor authentication and continuous monitoring for improved risk assessments.

Get the SecurityScorecard Buyer's Guide and find out what your peers are saying about SecurityScorecard, RSA Archer, Bitsight and more!

SecurityScorecard is the #1 ranked solution in top IT Vendor Risk Management solutions, #3 ranked solution in top AI Legal & Compliance solutions, and #3 ranked solution in top AI Procurement & Supply Chain solutions. PeerSpot users give SecurityScorecard an average rating of 8.2 out of 10. SecurityScorecard is most commonly compared to RSA Archer: SecurityScorecard vs RSA Archer. SecurityScorecard is popular among the large enterprise segment, accounting for 58% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 13% of all views.

Helped 881,082 peers since 2012

Featured SecurityScorecard reviews

Aayush Gangwar

Application security engineer at a media company with 51-200 employees

In terms of improvements, I feel SecurityScorecard could enhance some of the integrations based on AI platforms, where I could receive suggestions from the AI tool regarding why SecurityScorecard rates specific issues as critical or high. Details on the technical mitigation would help my non-technical teams understand the security issues better. I think improvements could be made on the reporting side as well, such as the ability to download customizable reports. While SecurityScorecard offers various kinds of reports now, they are limited to predefined formats. Having the ability to choose specific fields for an automated report would be very helpful.

Read full review

JeffBrown

Owner at Taktik Technologies

The ability to perform an automatic scan at any point in time to refresh information and provide the most current data would be helpful. Setting up automated scans on a schedule where information is more than a week old so that a forced automatic scan could be triggered for a particular company would be beneficial. This would ensure that current information is being used when monitoring different clients.Overall, SecurityScorecard is a good product, and they need to continue developing it. There are challenges around third-party risk management. When providing risk management for your own company, it does everything you want it to do. However, for managing third parties, there are still some challenges, mainly because some aspects are out of their control since you do not have control over another company's risk or infrastructure and cannot dictate whether they are making changes. Overall, SecurityScorecard provides good information, but I am always looking for something that is more automated and would provide a better and more detailed picture of third-party risk profiles.

Read full review

E Danquah

IT operations risk analyst at a energy/utilities company with 10,001+ employees

The best features SecurityScorecard offers for me are mainly being able to properly position my organization's security posture because of the score that is provided. I am able to know if we are doing well by assigning the quality or assigning the security posture to a score. It helps put things into perspective for me and I am able to know to what extent a vulnerability exists and the level of threat and the level of information breach each vulnerability is associated with. The score helps me to inform leadership where we truly are at with regards to our security posture as an organization. It is also able to help me prioritize which vulnerabilities to remediate, which is more important, and which one needs immediate attention. It also helps me paint the best picture of our security position to management. SecurityScorecard helps my organization know how well we are performing with regards to our security posture, and we are able to close security gaps when they are raised in SecurityScorecard.

Read full review

SecurityScorecard mindshare

As of January 2026, the mindshare of SecurityScorecard in the IT Vendor Risk Management category stands at 8.1%, down from 11.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

IT Vendor Risk Management Market Share Distribution
Product	Market Share (%)
SecurityScorecard	8.1%
OneTrust GRC	8.3%
RSA Archer	8.0%
Other	75.6%

IT Vendor Risk Management

PeerResearch reports based on SecurityScorecard reviews

Type	Title	Date
Category	IT Vendor Risk Management	Jan 26, 2026	Download
Product	Reviews, tips, and advice from real users	Jan 26, 2026	Download
Comparison	SecurityScorecard vs Bitsight	Jan 26, 2026	Download
Comparison	SecurityScorecard vs OneTrust GRC	Jan 26, 2026	Download
Comparison	SecurityScorecard vs RSA Archer	Jan 26, 2026	Download

Valuable Features

SecurityScorecard provides valuable features such as easy reporting, continuous monitoring, digital threat identification for third parties, IP vulnerability scanning, risk scoring, cyber insurance underwriting, and compliance support. Users benefit from quick assessment of security posture, improvement in compliance metrics, and effective risk management. The interface offers clear visualization, and automation features like alerts and notifications enhance efficiency. Teams can prioritize threat remediation and maintain ongoing visibility of their security environment.

"The best features SecurityScorecard offers for me are mainly being able to properly position my organization's security posture because of the score that is provided."
"SecurityScorecard has impacted my organization positively as it was a surprise to notice that many of our customers follow us there, and the tool scans the web twice per day, so we can see how hackers and what they can see from our publicly available IPs."
"SecurityScorecard helps us identify potential vulnerabilities early, reduce third-party risk, and make more informed security decisions without relying only on questionnaires or self-reporting information."

Room for Improvement

SecurityScorecard needs better problem-solving guidance and pricing adjustments. Timeliness in technical support responses requires enhancement. Users desire app scanning capabilities, improved questionnaire automation, and integration with AI platforms. Critical areas include enhanced dark web intelligence, customizable reporting, internal monitoring, and scheduled scans. Third-party risk management features should be more active, with detailed remediation guidance and more precise algorithmic data attribution. Stronger integration, improved user interface, and management of false positives are necessary improvements.

"I realized that because my company was acquired by a bigger organization, SecurityScorecard started associating other portfolio company vulnerabilities to our score, which was not helpful because it was giving us wrong data and giving us vulnerabilities we did not have."
"I suggest that SecurityScorecard could be improved by giving a little more specifics on how the scanning works and how you are able to detect those IPs, including more details on the privacy side about how the scanner operates and how it is sometimes allowed to do those scans."
"SecurityScorecard can be complex during setup, and I would recommend that anyone implementing it get help setting it up because it is not as straightforward as people might think."

ROI

Users indicate varied perspectives on ROI from SecurityScorecard. Many find it beneficial in enhancing security rankings and lowering insurance costs, while offering time-saving advantages. The tool is praised for improving visibility into risks and threats, helping organizations act promptly. Although quantifying ROI may be complex, some have reported significant percentage gains over time. Addressing third-party risks and preventing digital threats highlights its importance in modern digital security strategies.

Pricing

SecurityScorecard offers a pricing model with tiers catering to different organizational needs, including a $400 per month starter tier and higher-priced options. While some users mention the initial list price as high, many find the pricing competitive and reasonable given the features. Regional factors, such as high taxes for Brazil, can affect cost perceptions. The absence of setup costs and the SaaS deployment model are appreciated for ease of use and onboarding.

"The pricing of SecurityScorecard is fair. I would rate it a seven. It's a bit more on the expensive side. In Brazil, for example, making a payment to the vendor involves wire transfers and high taxes, making it more expensive. Selling SecurityScorecard or any American vendor's product in the United States is very different from selling in South America or Brazil."
"Even though it's competitive, they offer flexible pricing structures."
"The pricing could be split into a lower-paid tier for smaller organizations and another higher tier for others with a more security-focused outlook. $1000 per month is more than some companies pay for their internet connections in total.UPDATE: they have a new 400$ a month tier for starters."

Popular Use Cases

Organizations primarily use SecurityScorecard for assessing and managing cybersecurity risks. Its capabilities include monitoring vulnerabilities, evaluating third-party risk, and providing actionable intelligence. Users benefit by scanning domains and IPs, identifying weak configurations, and maintaining high security ratings. It serves various industries, allowing companies to improve their security posture and make informed decisions by analyzing external attack surfaces, vendor risks, and threat intelligence, facilitating continuous monitoring and response to detected security issues.

Service and Support

SecurityScorecard's customer service and support shows varying response times, with improvements noted over the past year. Users report helpful interactions during onboarding and frequent sync-up calls. Although some experience delays, the knowledgeable team is praised for resolving inquiries. Their 24/7 availability receives high satisfaction ratings, yet there's a notable need for better organization to handle customer volume efficiently. Many consider the service good, rating it between six to nine out of ten.

Deployment

Many users find SecurityScorecard's initial setup straightforward and easy, often achieving deployment in hours. As a SaaS platform, it facilitates swift deployment, although time varies with the number of companies monitored. Assistance from a Customer Success Manager enhances the process. Some users advise seeking third-party help due to potential complexities, particularly when dealing with third-party configurations. Licensing limitations may affect the number of domains or vendors integrated, varying based on the chosen license.

Scalability

Users find SecurityScorecard highly scalable due to its web-based nature, enabling easy adjustment for domain expansion. It's deemed suitable for medium to large businesses, though not ideal for Fortune 500 companies. Challenges during initial onboarding were resolved efficiently with the support team. Some users appreciated the scalability, while others expressed interest in alternatives. Users gave mixed ratings but generally felt scaling up was straightforward without major issues reported.

Stability

SecurityScorecard has consistently demonstrated stability. Users have reported no downtime, and there are no complaints regarding reliability. Most rate its stability between seven to nine out of ten. The platform efficiently handles operations and is mostly stable. A minor issue noted is with MS Edge requiring a specific setting adjustment during login. Many find it stable for their organizational needs without disruptions, and the browser extension feature is particularly appreciated.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our SecurityScorecard Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company Size	Count
Small Business	6
Midsize Enterprise	4
Large Enterprise	2

By reviewers

By visitors reading reviews
Company Size	Count
Small Business	102
Midsize Enterprise	63
Large Enterprise	228

By visitors reading reviews

Top industries

By visitors reading reviews

Financial Services Firm

13%

Manufacturing Company

11%

Computer Software Company

10%

Insurance Company

Retailer

Healthcare Company

Government

Energy/Utilities Company

Media Company

Comms Service Provider

Construction Company

University

Outsourcing Company

Legal Firm

Educational Organization

Non Profit

Hospitality Company

Transportation Company

Wholesaler/Distributor

Pharma/Biotech Company

Recreational Facilities/Services Company

Engineering Company

Marketing Services Firm

Security Firm

Consumer Goods Company

Logistics Company

Real Estate/Law Firm

Aerospace/Defense Firm

Compare SecurityScorecard with alternative products

Learn more about SecurityScorecard

SecurityScorecard specializes in assessing third-party cybersecurity risks, enhancing security posture, and analyzing exposed data. It offers automated information gathering and vendor reports, aiding in vulnerability assessments for supply chain risk management. Users value the Attack Surface Index and recommendations for security improvements, though faster technical response times and better cost-effectiveness, especially in Brazil, are desired. Enhancements such as app scanning and more efficient vulnerability management could expand its capabilities.

What are the key features of SecurityScorecard?

Score Change Notifications: Alerts for immediate awareness of security rating changes
Configurable Reporting: Customizable reports for different stakeholders
Team Collaboration: Tools to facilitate collaborative assessments and decision-making
Multi-Factor Authentication: Enhanced security for user logins
Continuous Monitoring: Ongoing evaluation of cybersecurity posture
Third and Fourth-Party Analysis: In-depth assessment of supply chain risks
Threat Intel Integration: Incorporation of real-time threat intelligence

What benefits or ROI should users expect?

Improved Risk Management: Enhanced visibility of cybersecurity risks
Supply Chain Protection: Identification and management of third-party vulnerabilities
Operational Efficiency: Automated data collection and analysis streamline workflows
Cost-Effectiveness: Potential reduction in security management costs
Comprehensive Threat Visibility: Access to integrated threat intelligence

SecurityScorecard is utilized in industries for managing third-party cybersecurity threats by providing detailed vulnerability assessments and automated reporting. Its implementation aids supply chain risk management and enhances industry-specific security strategies, with room for improvement in technical response times and dark web intelligence inclusion.

SecurityScorecard customers

TriNet, USAA, Zurich, Gilt Groupe, McGraw Hill Financial

Product Categories

IT Vendor Risk Management

AI Legal & Compliance

AI Procurement & Supply Chain

Popular Comparisons

RSA Archer vs SecurityScorecard

Bitsight vs SecurityScorecard

OneTrust GRC vs SecurityScorecard

AuditBoard vs SecurityScorecard

MetricStream vs SecurityScorecard

ProcessUnity vs SecurityScorecard

Black Kite vs SecurityScorecard

RiskRecon vs SecurityScorecard

UpGuard Vendor Risk vs SecurityScorecard

Panorays vs SecurityScorecard

Kovrr vs SecurityScorecard

Microsoft Secure Score vs SecurityScorecard

Prevalent vs SecurityScorecard

See all alternatives

SecurityScorecard Reviews Summary
Author info	Rating	Review Summary
Application security engineer at a media company with 51-200 employees	4.0	I use SecurityScorecard to manage vendor risk and monitor threats, which helped improve our security score from B to A, reduced insurance costs, and enhanced overall security maturity through valuable features, Jira integration, and reliable support.
Owner at Taktik Technologies	3.5	I've used SecurityScorecard for years to monitor third-party risk; it's highly informative, especially on cloud security, though setup is complex and data isn't always current. It’s effective but could improve automation and real-time scanning.
IT operations risk analyst at a energy/utilities company with 10,001+ employees	4.0	I've used SecurityScorecard for two years to monitor vulnerabilities in our domain; its scoring system helps prioritize threats, though accuracy suffered after a company acquisition. The platform is user-friendly, and customer support responds promptly to issues.
SOC analyst at BUSINESS IT	4.0	I use SecurityScorecard to quickly assess vendor security, reduce third-party risk, and support informed decisions. It's stable, scalable, and user-friendly, though it could improve customization, integration, and reporting. Overall, it saves time and delivers clear ROI.
Technical Lead at M.TECH Solutions India Pvt. Ltd.	5.0	I've used SecurityScorecard for years to help customers identify vulnerabilities, assess cyber risk, and improve compliance, with clear ROI and strong support, though it could improve by monitoring internal, non-public-facing systems more effectively.
Regional Director at a tech services company with 51-200 employees	3.5	I use Fortify Data for financial organizations to assess vulnerabilities by combining attack surface capabilities with dark web information. Its strength lies in comprehensive risk assessments, though it could improve by adding more threat data and active risk management features.
Cybersecurity Specialist at a tech vendor with 501-1,000 employees	4.5	I've found SecurityScorecard easy to use, helpful for tracking vulnerabilities and improving our security score, which matters to customers. While it's mostly great, more detail on scans and managing false positives would improve it further.
Co-Founder and CEO at Cloudway	4.5	I primarily use SecurityScorecard for assessing third-party cybersecurity risks. While ROI measurement is complex, its role in mitigating risks is invaluable. Improvement is needed in automating questionnaires. Despite this, its importance in enhancing security posture is undeniable.

Title	Rating	Mindshare	Recommending
RSA Archer	4.0	8.0%	92%	42 interviews Add to research
Bitsight	4.1	7.5%	100%	9 interviews Add to research

SecurityScorecard Reviews

What is SecurityScorecard?

Featured SecurityScorecard reviews

SecurityScorecard mindshare

PeerResearch reports based on SecurityScorecard reviews

Valuable Features

Room for Improvement

ROI

Pricing

Popular Use Cases

Service and Support

Deployment

Scalability

Stability

Review data by company size

Top industries

Compare SecurityScorecard with alternative products

Learn more about SecurityScorecard

SecurityScorecard customers

Related questions

Product Categories

Popular Comparisons