Sold by: SecurityScorecardÂ
Deployed on AWS
Vendor Insights
SecurityScorecard is the global leader in third-party cyber risk management, with more than 12 million companies continuously rated. Our patented security ratings technology is used by organizations for enterprise risk management, third-party cyber risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.
Thousands of customers rely on SecurityScorecard to help them move from risk identification to risk resolution, operationalize their cyber risk management program, and improve the overall cyber hygiene of their organizations.
Overview
The SecurityScorecard platform uses non-intrusive and proprietary data collection methods, as well as trusted commercial and open-source threat feeds, to quantitatively evaluate the cybersecurity posture of any organization. We continuously monitor 10 risk factor groups and instantly deliver an easy-to-understand A to F rating, empowering organizations to quickly find and fix vulnerabilities and issues.
SecurityScorecard assessments enable enterprises to cut through the "questionnaire noise" by empowering users to send, complete, and auto-validate questionnaires at scale. Our assessments leverage SecurityScorecard ratings to automatically provide insight into the validity of questionnaire responses. This inside-out approach coupled with SecurityScorecard Ratings outside-in perspective provide organizations an objective 360 degree view of the cybersecurity risks of any vendor.
Every company has the universal right to their trusted and transparent cybersecurity rating and can sign up for a free account. Please visit <www.securityscorecard.com/trust > for more information.
For inquiries about a Private Offer (PO) or a Channel Partner Private Offer (CPPO), please contact aws-sales@securityscorecard.io .
Highlights
- Hundreds of thousands of organizations followed and 12+ million companies continuously monitored
- Accelerates the vendor risk assessment process by 75% and cuts the questionnaire cycle in half
- Award-winning customer success team highly rated for "ease-of-setup" and "quality customer service" with over 98% satisfaction rate
Details
Sold by
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
SOC2
AWS Managed Security Services Specialization
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
SSC Free | REQUEST QUOTE | $0.00 |
SSC Pro | REQUEST QUOTE | $0.00 |
SSC Business | For vendor management of 5 domains, reporting unlocked | $12,000.00 |
SSC Enterprise | Larger vendor management of 75 domains + onboarding experience | $141,250.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law or as provided in our MSA.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Our Customer Success team is a team of advisors, partners and experts that are here to help you maximize your experience with SecurityScorecard. They help you unleash the full potential of SecurityScorecard, provide guidance on use cases, as well as keep you apprised of new product features. From onboarding and adoption through operationalization and scaling, the Customer Success team will be your partner to ensure you meet your goals as an additional layer to our technical support resources. To reach the Customer Success team contact us at csm@securityscorecard.io . For technical support please contact us at support@securityscorecard.io .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By SecurityScorecard
By Bitsight
By Hackmetrix
Top
10
In Procurement & Supply Chain, Legal & Compliance
Top
50
In Device Security
Top
10
In Security Observability, Compliance and Auditing
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Threat Intelligence Monitoring
Continuously monitors 10 risk factor groups using non-intrusive data collection methods and commercial and open-source threat feeds
Cybersecurity Risk Rating
Provides quantitative cybersecurity posture evaluation using an easy-to-understand A to F rating system
Vendor Risk Assessment
Enables automated questionnaire completion and validation with integrated inside-out and outside-in risk perspective
Data Collection Methodology
Utilizes proprietary and trusted data collection techniques for comprehensive cybersecurity assessment
Continuous Monitoring Technology
Performs real-time cybersecurity posture tracking across multiple organizations and risk domains
Cyber Risk Analytics
Advanced platform utilizing 44+ trillion raw events and 100 billion new events daily for comprehensive cybersecurity risk assessment
Security Performance Measurement
Continuous visibility and monitoring of an organization's extended digital footprint with performance tracking over time
Breach Likelihood Correlation
Security rating independently correlated to potential breach probability and organizational stock performance
Third-Party Risk Management
Capability to analyze and evaluate cybersecurity risks across vendor ecosystems and extended organizational networks
Global Organizational Rating
Comprehensive rating system covering 40 million organizations with 12+ months of historical cybersecurity performance data
Vulnerability Scanning
Continuous monitoring of systems to detect and alert on security vulnerabilities and misconfigurations
Compliance Management
Automated workflows for achieving ISO 27001 and PCI DSS certifications with comprehensive compliance tracking
Domain Security
Comprehensive domain scanning to identify potential security risks and exposure points
Device Monitoring
Real-time tracking and assessment of device security status and potential threats
Third-Party Application Security
Security assessment and monitoring of integrated third-party applications to identify potential security risks
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
-
-
-
-
-
Standard contract
No
No
Customer reviews
0 ratings
0 AWS reviews
|
96 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
David Q.
The Gold Standard for Security Ratings
Reviewed on Aug 16, 2025
Review provided by G2
What do you like best about the product?
Its interface is deceptively simple with incredible functionality. I've rolled this out in three organizations, and EVERY time, it's found THE critical gaps (e.g.- expired SSL certificates). Daily use: it is my first dashboard check in the morning. PowerPoint Integration : Easily share insights with my leadership via PowerPoint.
What do you dislike about the product?
The very first setup had to do small adjustments not to score non-critical assets. It would help to have an onboarding wizard for this.
What problems is the product solving and how is that benefiting you?
It has also done away with self-assessment “security theater.” We are now trusted by our clients when it comes to rating and sales cycles within IT security has been reduced by 30%.
Brad H.
Industry Benchmarking at Its Best
Reviewed on Aug 16, 2025
Review provided by G2
What do you like best about the product?
It is very rare a platform can benchmark our security posture against our peers. It was extremely easy to implement and we were up and running in less than days. Completely game changing features like monitors for compromised credentials and DNS health checking. Proactive: Support will frequently suggest optimizations
What do you dislike about the product?
Sometimes scores will vary because of things like CDN outages which may cause unnecessary alerts. Another option would be a “pause monitoring” feature for maintenance windows.
What problems is the product solving and how is that benefiting you?
Our boardroom discussions have changed, and executives now hold leaders accountable when scores dip. The platform also allowed us to discover a cloud storage bucket misconfiguration before it could be exploited.
Thomas B.
Objective Metrics for Security Posture
Reviewed on Aug 15, 2025
Review provided by G2
What do you like best about the product?
Since SecurityScorecard does not utilize any such data, the vendor ratings are impartial. The customers think of it as a no-brainer with one neutral benchmark. Understanding customer service & user-friendliness of platform (even for non-technical stakeholders).
What do you dislike about the product?
Ratings sometimes are unfairly strong about subjects a business cannot control (e.g. shared hosting providers) — More filters in data can be helpful
What problems is the product solving and how is that benefiting you?
It allows advisors to be more objective when discussing risk with clients by presenting hard data points on top of the perception. The audit process is faster, and the reliability and confidence of stakeholders are higher than they were prior to them.
Chris L.
External Vulnerability Management External Attack Surface
Reviewed on Aug 15, 2025
Review provided by G2
What do you like best about the product?
tHIS TOO IS A SIMPLE man when it comes to ease of use and an insane one for the depth. I rely on it daily for our public security posture and the MS Power BI integration (thru API's) allows simple dashboarding. This is another huge one, the amount of features dark web monitoring, IP reputation checks etc really does save us hours and hours compared to doing it all manually. Unmatchable customer service, every concern is catered in hours.
What do you dislike about the product?
The initial integration work was a bit hard because of some legacy systems we have here, but their team really helped us. The only issue is that it doesn't detect all the subdomains (so you must type them manually).
What problems is the product solving and how is that benefiting you?
It identified seen assets, but right now blind spots or new asset categories such as old test envs. It has greatly reduced our attack surface, and helps us out a lot in negotiations when it comes to cyber insurance.
Tim U.
Essential for Third-Party Risk Management
Reviewed on Aug 14, 2025
Review provided by G2
What do you like best about the product?
Connecting our score to the fullest third-party security risk exposure view One of the things that I found most amazing was just how much you can see about a vendors security posture and not get bogged down in the weeds of all the technical analysis. Streamline the risk categorization (DNS Health, Patching cadence etc) for better focus and correct prioritization of remediation efforts. We got help and updates so you can be timely.
What do you dislike about the product?
The issue is… as positive as those scores are, we do still occasionally see some false positives related to the baked-in risk of vendors with whom we have no leverage. Once we had dialed in some compliance settings to better meet our own Risk Profiles, it was fairly straightforward to set up. As such — if reporting can be made any more flexible (which would cover the last gap), it will already be extremely similar to how we segment workflow.
What problems is the product solving and how is that benefiting you?
For vendor risk assessments, the utility use 60% time savings over manual due diligence. Yet, to keep their defenses up they can set up automatic alerts for when ratings drop and address vulnerabilities head-on so changes are made before things become dire. It is already quite critical for the compliance reporting and C-Level Risk visibility.