Rapid Cyber Risk Scorecard

Rapid Cyber Risk Scorecard

It is now very easy to identify the security posture of 3rd party vendors and cyber insurance subscribers.

Cyber Risk Score! You don’t have to use old-school excel files and questionnaires for 3rd-party risk management. Rapid Cyber Risk Scorecard (RapCard) is an affordable, faster and next-generation tool for cyber insurance providers and 3rd-party risk management. View a sample report.

  • Instant cyber risk score generated under 60 seconds
  • 10 risk categories and 250+ control items
  • User interface or API based and fully automated
  • Perfect for cyber insurance, M&A, and suppliers
  • Available with volume license

Rapid Cyber Risk Scorecard Categories

It is now very easy to identify the risk values of 3rd party providers or cyber insurance subscribers. The scorecard identifies how risky a company is by looking only at the target company's domain name in as little as 60 seconds. Instead of risk analysis by sending out old-fashioned excel files, you can use OSINT techniques to identify the risks posed by 3rd party vendors without touching the target company assets. A more cost-effective, faster and easier method for cyber insurers and 3rd party risk management. Rapid Cyber Risk Scorecard evaluates a company in many different categories. Each category provides specific information about an aspect of a firm’s cyber security posture.

  • Patch Management

    We collect details related to the version number of your systems and software from internet-wide scanners like Censys, Shodan, Zoomeye etc. These version numbers are converted into the corresponding common platform enumeration number (CPE-ID) and are correlated with NIST NVD and MITRE CVSS databases to detect and approximate any unmitigated known vulnerabilities.

  • DNS Health

    We generate DNS health report from 40+ control items which are collected from online services like IntoDNS, Robtex, Netcraft and HackerTarget. Since DNS queries are recursive, it is almost impossible to detect a hacker footprints from the DNS servers.

  • IP/Domain Reputation

    Asset reputation score is based on the number of IPs or domains are blacklisted or they are used for sophisticated APT attacks. The reputation feeds are collected from VirusTotal, Cymon, Firehol, BlackList DNS servers, etc.

  • Attack Surface

    Attack surface is the technical analysis of open critical ports, out-of-date services, application weaknesses, SSL/TLS strength and any misconfigurations. This information is gathered from Censys & Shodan database and service / application versions are correlated with Passive Vulnerability Scan results.

  • Web Ranking

    Cisco, Alexa and Majestic track web sites and rank them according to popularity, back-links, references, etc. This subcategory shows Alexa and Majestic trends, Google Page insight speed test results as well as Web Content Accessibility Guidelines (WCAG) 2.0 parsing compliance findings.

  • Brand Monitoring

    Brand monitoring is a business analytics process concerned with monitoring various channels on the web or media in order to gain insight about the company, brand, and anything explicitly connected to the cyber space.

  • Email Security

    We collect vulnerabilities related to potential email servers and SMTP misconfigurations like open relay, unauthenticated logins, restricted relay, SMTP ‘Verify’ vulnerabilities from the online services like MxToolbox and eMailSecurityGrader.

  • Leaked Credentials

    There are more than 5 billion hacked email / password available on the internet and underground forums. This section shows the leaked or hacked emails & passwords.

  • Fraudulent Domains

    Fraudulent Domains and subdomains are extracted from the domain registration database. The registered domains database holds more than 300M records.

  • Digital Footprint

    Digital Footprint is determined by open ports, services and application banners. This information is gathered from NormShield crawlers, Censys, VirusTotal, Robtext, Alexa, Shodan etc.

  • Informance Disclosure

    Company employees may disclose Local IPs, email addresses, version numbers, whois privacy records or even misconfigure a service in a way that it may expose sensitive information to the internet.

The Methodology

Cyber Threat Susceptibility Assessment (CTSA) is a methodology for evaluating the susceptibility of a system to cyber-attack developed by MITRE. CTSA quantitatively assesses a system's [in]ability to resist cyber-attack over a range of cataloged attack Tactics, Techniques, and Procedures (TTPs). CTSA consists of the following steps:


Product Methodology

To generate the scorecard, NormShield needs only the company domain. The engine collects the related information from VirusTotal, Passive DNs servers, web search engines and other Internet wide scanners as well as NormShield's proprietary databases which holds more than 10 billion historic items. The engine searches the database in order to find all IP address ranges and domain names that belong to the company. NormShield uses what is called Open Source Intelligence (OSINT) that is shown below to gather information.

Schedule time with one of our Information Security Specialist to chat about
your specific needs and see NormShield in action!
Fill out the form and we will get in touch with you soon.