3rd Party Risk Management,
Governance & Risk Management,
Next-Generation Technologies & Secure Development
Driftnet Acquisition Adds Real-Time Visibility Into Exposed Assets and AI Risks
In a strategic move aimed at bolstering its capabilities in internet risk management, SecurityScorecard has acquired Driftnet, an innovative startup that specializes in scanning the internet for hidden vulnerabilities. Led by a seasoned researcher from the UK government, Driftnet offers a unique opportunity for SecurityScorecard to deepen its understanding of potential threats within internet infrastructure.
The acquisition, highlighted by SecurityScorecard’s co-founder and CEO, Aleksandr Yampolskiy, emphasizes Driftnet’s advanced reconnaissance techniques that enable organizations to uncover relationships between various configurations and pinpoint misconfigurations that could lead to vulnerabilities. According to Yampolskiy, Driftnet is capable of indexing approximately 40% more internet-exposed hosts compared to its competitors, a feature that significantly enhances SecurityScorecard’s overall risk management framework.
Yampolskiy underscored a troubling trend in the cybersecurity landscape, stating, “Artificial intelligence has changed the attack surface in ways that have outpaced most security programs.” This rapid evolution has led to the emergence of novel categories of third-party risks, particularly as agents are increasingly deployed across vendor environments at unparalleled speed and scale.
Driftnet, which was founded in 2019 and operates with a small team of fewer than ten employees, is led by Ben Schofield. Schofield’s extensive experience as a UK government researcher has been instrumental in shaping Driftnet’s approach, particularly in the architecture and implementation of large-scale cyber systems. Interestingly, the company has yet to reveal any external funding sources.
Why SecurityScorecard Opted for Acquisition Over Partnership
In discussions with ISMG, Yampolskiy elaborated on Driftnet’s capabilities, which includes dynamic mapping of both IPv4 and IPv6 environments along with the monitoring of over 3 billion IP host-port combinations and more than 650 million domain names. Utilizing Driftnet’s reconnaissance capabilities, SecurityScorecard has successfully identified publicly accessible OpenClaw control panels in real time, a task that was previously more difficult.
“Through Driftnet’s technology, we were able to gain instant access to OpenClaw instances that many users failed to secure properly,” Yampolskiy stated. This ability highlights Driftnet’s vital role in enhancing SecurityScorecard’s threat detection capabilities.
The acquisition coincides with SecurityScorecard’s fight against a significant Chinese espionage campaign targeting U.S. infrastructure, involving more than 1,000 compromised operational relay boxes. With Driftnet’s advanced monitoring capabilities, SecurityScorecard has gained insights into malicious attack patterns that were previously obscured.
“With this enhanced visibility, we can now make informed, rapid business decisions, a capability we previously lacked,” Yampolskiy remarked, reinforcing the importance of Driftnet in enhancing SecurityScorecard’s operational readiness.
Owning Driftnet not only allows SecurityScorecard to ensure the quality and accuracy of its data, but also enables future innovations tailored to specific needs, particularly in the evolving areas of AI security and threat hunting. Yampolskiy highlighted SecurityScorecard’s approach to data collection, stating, “Our differentiator has always been our commitment to self-collection of data for accuracy and attribution.” This strategy is critical given the fast-paced changes in the threat landscape.
Bridging Third-Party Risk and Security Operations
The capabilities of Driftnet serve to unify third-party risk management with security operations, providing organizations with real-time visibility into exposed assets, operational technology (OT), and internet-of-things (IoT) environments. Yampolskiy emphasized that Driftnet enhances operational resilience and optimizes cloud footprint asset discovery, thereby creating a vital link between compliance-focused teams and those engaged in proactive threat management.
SecurityScorecard plans to seamlessly integrate Driftnet into its Titan platform, while also offering it as a standalone product. This dual approach caters to various client needs, particularly in industries like financial services where customers are eager to access intelligence directly through APIs. Yampolskiy remarked, “While Driftnet can function as a standalone product, its integration with the SecurityScorecard Titan platform ensures that all components work synergistically.”
The unique features of Driftnet are particularly appealing to larger enterprises, financial institutions, and public sector organizations that possess dedicated threat-hunting teams capable of utilizing the intelligence Driftnet provides. In contrast, smaller organizations that typically outsource their security operations may find it challenging to capitalize fully on this type of advanced intelligence.
As Yampolskiy noted, “Larger Tier I organizations are better positioned to leverage Driftnet data for threat detection and environmental protection. This capability enables them to gain insights similar to those of cybercriminals, revealing malicious infrastructure potentially for sale on the dark web.”