SecurityScorecard Acquires Driftnet to Power Real-Time, Threat-Informed Third-Party Risk Management

NEW YORK--(BUSINESS WIRE)--SecurityScorecard, the global leader in threat-informed third-party risk management (TPRM), today announced it has completed the acquisition of Driftnet, a pioneer in global internet scanning and next-generation threat intelligence. This acquisition will bring Driftnet's high-fidelity internet discovery engine into SecurityScorecard's TITAN AI platform, giving TPRM, Security Operations, and threat hunting teams the real-time intelligence they need to find and fix third-party risks before attackers exploit them.

Using the Driftnet engine, SecurityScorecard's threat intelligence team recently identified more than 816,000 internet-exposed AI OpenClaw agent deployments, many already correlated with prior breaches. Incidents like these illustrate a new class of third-party risk: powerful automation tools deployed across supplier and partner environments with weak access controls, exposed credentials, and no visibility in traditional TPRM workflows.

Driftnet changes that. Its proprietary internet scanning capabilities, including non-standard port enumeration, advanced fingerprinting, and IPv6 dominance, surface exactly the kind of hidden, misconfigured infrastructure that creates third-party exposure. With the Driftnet engine, SecurityScorecard indexes 40% more Internet-exposed hosts than any other intelligence provider.

Industry analyst Paul McKay of Forrester Research wrote in April 2026 that: "Scanning external infrastructure can only tell you so much. Significant threat intelligence depth is required in addition to this data to help you pinpoint the issues you need to prioritize.”

Driftnet provides that depth, and will flow directly into TPRM workflows.

“The threat landscape has fundamentally changed. AI agentic automation and connected supply chain tools have exploded across enterprise environments — and most TPRM programs have no visibility into the risk AI poses for their vendors,” said Dr. Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard. “Driftnet’s proprietary scanning gives our customers real-time, high-fidelity intelligence to find these exposures across the entire third-party ecosystem, before they become breaches. This is what Threat-Informed TPRM looks like in practice."

The acquisition enables SecurityScorecard to serve converging security functions with a single intelligence foundation. Threat hunters, SOC analysts, and TPRM practitioners can now work from the same real-time picture of third-party exposure:

• Proactive Breach Detection Before the Board Asks: TPRM teams that rely on breach notifications are already behind. Driftnet's continuous scanning surfaces vendor exposures before they become incidents, giving teams defensible, real-time evidence to act on.
• Threat Intelligence Flowing Into Vendor Risk: When STRIKE identifies a threat actor campaign or a new class of AI agent exposure, that intelligence will flow automatically into third-party risk assessments. TPRM teams get context, not just scores — understanding which vendor exposures are actively exploited and which threat groups are targeting them.
• Security Operations and TPRM in Lockstep: When a SOC analyst flags suspicious activity linked to a vendor's infrastructure, or a threat hunter surfaces a Remote Desktop Protocol service on a non-standard port, the TPRM team can act on that signal immediately. SecurityScorecard now gives all three functions the data and workflows to move from detection through vendor remediation without handoffs.

"We built Driftnet to go where traditional scanners can't — into the hidden corners of the internet that attackers exploit precisely because most tools ignore them,” said Ben Schofield, Founder of Driftnet. “Joining SecurityScorecard means that intelligence will now flow directly into the hands of the TPRM and SOC teams who need it most. Together, we can give security leaders the depth and speed to get ahead of threats, not just react to them. We're proud to be part of this mission."

SecurityScorecard will maintain Driftnet’s existing collaborations with US, EU, and UK CERTs and several leading universities in internet measurement research. These partnerships have produced significant cited academic work on global internet health.

About SecurityScorecard

SecurityScorecard is the global leader in threat-informed third-party risk management (TPRM), securing the world’s supply chains. The company delivers a threat-informed approach to TPRM that enables organizations to drive out risk at the source. The platform uses continuous visibility and AI-accelerated workflows to help organizations reduce third-party risk before incidents occur and respond with confidence when they do.

Trusted by over 3,300 organizations, including 70% of the Fortune 100, and recognized as a trusted resource by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). Backed by Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, Google Ventures, and Riverwood Capital, SecurityScorecard delivers end-to-end supply chain cybersecurity that safeguards business continuity.

Protect the supply chain behind your business. Learn more at securityscorecard.com.