SecurityScorecard has acquired Driftnet, a UK startup specializing in comprehensive internet scanning and threat intelligence. This acquisition aims to embed Driftnet’s real-time global internet visibility into SecurityScorecard’s third-party risk management platform, bolstering capabilities to identify vendor exposures before they result in breaches.
- Driftnet’s internet scanning covers IPv4, IPv6, DNS, and regional registration data using advanced fingerprinting tools.
- Integration with TITAN AI platform automates vendor risk workflows and enhances threat intelligence for supply chain assessments.
- The acquisition addresses emerging third-party risks from widespread AI agent deployment with limited visibility.
Market signal
SecurityScorecard’s acquisition of Driftnet underscores increasing demand for enriched real-time internet visibility within cybersecurity third-party risk management solutions. As enterprises face a growing surface area of exposed hosts and services, the ability to map and monitor these globally at scale becomes essential for proactive risk management. Driftnet’s patented scanning technology spans entire IPv4 and IPv6 spaces and employs advanced fingerprinting methods, enabling enhanced asset identification beyond what traditional scanners capture.
This move aligns with a broader trend in the cybersecurity market emphasizing AI-driven automation in vendor risk prioritization and workflow integration. Alongside recent acquisitions like HyperComply, SecurityScorecard is enhancing its platform’s depth and automation, indicating strong market appetite for comprehensive, intelligence-driven third-party risk tools capable of addressing dynamic and complex supply chain vulnerabilities.
Operator impact
Operators and buyers of third-party risk management solutions will gain from more complete and timely identification of exposed infrastructure within their supplier ecosystems. Layering Driftnet’s scanning data into TITAN AI’s automation helps reduce blind spots related to non-standard ports, exposed credentials, and shadow AI tooling deployments that often evade standard detection and pose escalating risks.
This enhanced visibility enables security operations centers (SOCs) and TPRM teams to automate risk validation processes more effectively and prioritize high-risk vendors before incidents occur. Moreover, the integration supports continuous monitoring that can adapt to new threat vectors emerging from the widespread deployment of AI-driven automation tools within third-party environments.
What to watch next
Expect SecurityScorecard to expand the use cases for Driftnet’s technology within their platform, including deeper analytics around AI-agent-driven risks and anomalous internet-facing infrastructure. Monitoring how the combined platform improves detection speed and accuracy for supply chain exposures will be key for operators assessing its value proposition.
Additionally, watch for further partnerships or extensions of research collaborations with CERTs and academia, which may enhance Driftnet’s scanning capabilities and threat intelligence insights. The role of AI in transforming third-party risk visibility and workflows is evolving rapidly, so developments in automated vendor security validation and incident correlation around automated tools will be important indicators of next-generation TPRM innovation.