SecurityScorecard Detects, Rates Security of Third-Party Suppliers
New technology aims to help discover and rate the security of an organization's extended list of third-party suppliers.Modern enterprises face a lot of different types of threats, including security risks and vulnerabilities in the third-party vendor technologies they use. It's a challenge that Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard, is tackling head on with his company's new Automated Vendor Detection (AVD) capability that can identify and rate the security of vendors used by an organization. Yampolskiy, who holds a Ph.D. in cryptography from Yale University and has worked at big names in IT including Microsoft, Oracle and Goldman Sachs, started SecurityScorecard in 2013 after realizing that he could build a company to address the challenge of multivendor risk. "The question that kept me awake at night was, I had a good grasp of security at my own company but when it came to my vendors, partners and suppliers, I was left in the dark if they were as diligent as I was to protect my data," Yampolskiy told eWEEK. SecurityScorecard, which employs approximately 60 people and is headquartered in New York City, in March 2015 raised $12.5 million in a Series A round of funding led by Sequoia Capital. What SecurityScorecard does is monitor millions of signals and terabytes of data from all over the Internet from every company in the world. The scorecard then rates the security of companies as observable from outside of the organization, according to Yampolskiy.
The new piece of the SecurityScorecard platform that is now launching is the ability to automatically discover the vendors that an organization is using. Yampolskiy said that most organizations face an unknown downstream risk when doing business today, as they don't always know all of the suppliers that their own vendors might be using.