SecurityScorecard Acquires Driftnet to Boost Real‑Time Internet Exposure Visibility for Third‑Party Risk Management
What Happened — SecurityScorecard announced the purchase of Driftnet, a UK‑origin internet‑scanning startup that claims to index ~40 % more exposed hosts than competing platforms. The acquisition adds continuous, AI‑enhanced reconnaissance of IPv4/IPv6 assets, open‑source control panels and malicious infrastructure to SecurityScorecard’s TPRM suite.
Why It Matters for TPRM —
- Expanded asset‑visibility reduces blind spots in vendor environments, a common source of third‑party risk.
- Real‑time detection of misconfigurations and exposed AI‑driven services enables faster remediation.
- Enhanced threat‑intel on espionage‑related infrastructure (e.g., compromised routers) improves risk scoring for critical supply‑chain partners.
Who Is Affected — Enterprises that rely on SecurityScorecard’s third‑party risk platform, as well as any organizations whose vendors are now subject to deeper internet‑exposure monitoring (finance, healthcare, technology, government, etc.).
Recommended Actions —
- Review your current SecurityScorecard contract to confirm inclusion of Driftnet‑derived data feeds.
- Align internal asset‑inventory processes with the expanded host‑port and domain coverage now available.
- Update remediation playbooks to incorporate alerts on newly discovered open‑source control panels (e.g., OpenClaw) and chained misconfigurations.
Technical Notes — Driftnet employs high‑precision reconnaissance techniques that map relationships between configurations, covering >3 billion IP host‑port combos and >650 million domain names. No CVEs or malware are disclosed; the value lies in the breadth of internet‑exposed asset discovery and AI‑driven risk modeling. Source: DataBreachToday