SecurityScorecard, the global leader in threat-informed third-party risk management (TPRM), announced it has completed the acquisition of Driftnet, a pioneer in global internet scanning and next-generation threat intelligence—bringing Driftnet’s high-fidelity internet discovery engine into SecurityScorecard’s TITAN AI platform.
This move gives TPRM, Security Operations, and threat hunting teams the real-time intelligence they need to find and fix third-party risks before attackers exploit them, according to SecurityScorecard.
Using the Driftnet engine, its proprietary internet scanning capabilities, including non-standard port enumeration, advanced fingerprinting, and IPv6 dominance, surface exactly the kind of hidden, misconfigured infrastructure that creates third-party exposure.
Driftnet provides that depth and will flow directly into TPRM workflows, the company said.
“The threat landscape has fundamentally changed. AI agentic automation and connected supply chain tools have exploded across enterprise environments—and most TPRM programs have no visibility into the risk AI poses for their vendors,” said Dr. Aleksandr Yampolskiy, CEO and co-founder of SecurityScorecard. “Driftnet’s proprietary scanning gives our customers real-time, high-fidelity intelligence to find these exposures across the entire third-party ecosystem, before they become breaches. This is what Threat-Informed TPRM looks like in practice.”
The acquisition enables SecurityScorecard to serve converging security functions with a single intelligence foundation. Threat hunters, SOC analysts, and TPRM practitioners can now work from the same real-time picture of third-party exposure:
- Proactive breach detection before the board asks: TPRM teams that rely on breach notifications are already behind. Driftnet’s continuous scanning surfaces vendor exposures before they become incidents, giving teams defensible, real-time evidence to act on.
- Threat intelligence flowing into vendor risk: When STRIKE identifies a threat actor campaign or a new class of AI agent exposure, that intelligence will flow automatically into third-party risk assessments. TPRM teams get context, not just scores—understanding which vendor exposures are actively exploited and which threat groups are targeting them.
- Security operations and TPRM in lockstep: When a SOC analyst flags suspicious activity linked to a vendor’s infrastructure, or a threat hunter surfaces a Remote Desktop Protocol service on a non-standard port, the TPRM team can act on that signal immediately. SecurityScorecard now gives all three functions the data and workflows to move from detection through vendor remediation without handoffs. .
“We built Driftnet to go where traditional scanners can’t—into the hidden corners of the internet that attackers exploit precisely because most tools ignore them,” said Ben Schofield, founder of Driftnet. “Joining SecurityScorecard means that intelligence will now flow directly into the hands of the TPRM and SOC teams who need it most. Together, we can give security leaders the depth and speed to get ahead of threats, not just react to them. We’re proud to be part of this mission.”
SecurityScorecard will maintain Driftnet’s existing collaborations with U.S., EU, and U.K. CERTs and several leading universities in internet measurement research.
For more information about this news, visit https://securityscorecard.com.