SecurityScorecard Acquires Driftnet for Enhanced Third-Party Risk Management

Severity: Low (Score: 39.9)

Sources: cts.businesswire.com, Darkreading, Morningstar, securityscorecard.com

Summary

On May 14, 2026, SecurityScorecard announced its acquisition of Driftnet, a U.K.-based internet scanning startup, to enhance its threat-informed third-party risk management (TPRM) capabilities. The integration of Driftnet's technology into SecurityScorecard's TITAN AI platform aims to provide real-time intelligence on third-party risks, particularly those associated with AI and automated tools. SecurityScorecard's research indicates that nearly one-third of breaches are linked to third-party vendors, a figure that is likely underreported. The Driftnet engine can identify vulnerabilities and misconfigurations across supplier environments, significantly increasing visibility into potential threats. This acquisition comes as organizations face growing risks from automated tools deployed with weak security controls. The combined capabilities are expected to enable a more proactive approach to breach detection and risk mitigation in complex supply chains. Key Points: • SecurityScorecard acquired Driftnet to enhance third-party risk management capabilities. • Driftnet's technology identifies vulnerabilities in third-party environments, increasing visibility. • Almost one-third of breaches are linked to third-party vendors, highlighting the acquisition's relevance.

Key Entities

• Ransomware (attack_type)
• Supply Chain Attack (attack_type)
• CWE-200 - Exposure of Sensitive Information (cwe)
• CWE-862 - Missing Authorization (cwe)
• 10fold.com (domain)
• businesswire.com (domain)
• [email protected] (email)
• Driftnet (tool)