SecurityScorecard Acquires Driftnet to Expand Internet Visibility for Vendor Risk
SecurityScorecard Inc., a cyber risk management company, has acquired Driftnet Ltd., a U.K.-based internet scanning startup. The deal integrates Driftnet's real-time global internet visibility into SecurityScorecard's TITAN AI platform for third-party risk management.
Driftnet's scanning engine maps exposed hosts, services, and misconfigurations across the internet. It covers the full IPv4 space, regional internet registry data, DNS records, and IPv6 assets. SecurityScorecard says the integration lets it index 40% more internet-exposed hosts than competitors.
What This Means for Vendor Risk
Organizations can now identify vendor exposures before they become breaches-including non-standard ports, exposed credentials, and shadow AI deployments. This matters because third-party vendors often introduce risk that internal teams miss.
SecurityScorecard recently used Driftnet to find over 816,000 internet-exposed deployments of the OpenClaw AI agent framework. Many were linked to prior breaches. The discovery signals a new category of risk: automated tools with weak access controls running in supplier environments.
Why Timing Matters
Enterprises are adding AI software across their supply chains faster than security teams can track it. Vendors deploy these tools without standard security practices. A single unprotected AI deployment in a supplier network can create an entry point for attackers.
For managers overseeing vendor relationships, this acquisition underscores a basic reality: you cannot manage what you cannot see. Better visibility into what's actually running on your suppliers' networks is now table stakes for third-party risk programs.
Learn more about AI for Management and how to integrate security considerations into vendor oversight, or explore AI for Cybersecurity Analysts to understand the technical details of threat detection.
Your membership also unlocks:
