SecurityScorecard announced it has acquired Driftnet to strengthen its real-time, threat-informed third-party risk management capabilities. The acquisition integrates Driftnet’s internet scanning and threat intelligence technology into SecurityScorecard’s TITAN AI platform, providing TPRM, Security Operations, and threat hunting teams with expanded visibility into third-party exposures before they are exploited.
According to the company, Driftnet’s scanning engine recently helped identify more than 816,000 internet-exposed AI OpenClaw agent deployments, many of which were associated with prior breaches. SecurityScorecard said the findings highlight a growing category of third-party risk tied to AI-driven automation tools deployed across vendor and partner environments without sufficient visibility or access controls.
Driftnet’s technology includes non-standard port enumeration, advanced fingerprinting, and IPv6-focused internet discovery capabilities designed to uncover hidden or misconfigured infrastructure. SecurityScorecard said the integration enables it to index 40% more internet-exposed hosts than other intelligence providers.
Paul McKay wrote in April 2026 that scanning external infrastructure alone is insufficient without deeper threat intelligence to help organizations prioritize the most critical issues. SecurityScorecard said Driftnet’s capabilities will provide that additional intelligence depth directly within third-party risk workflows.
The acquisition also expands SecurityScorecard’s ability to unify multiple cybersecurity functions on a shared intelligence foundation. The company said TPRM practitioners, SOC analysts, and threat hunters will now be able to collaborate using the same real-time view of third-party infrastructure exposures.
SecurityScorecard highlighted several operational benefits from the integration, including proactive breach detection, automated threat intelligence flowing into vendor risk assessments, and tighter coordination between security operations teams and TPRM programs. The company said threat intelligence from STRIKE campaigns and emerging AI agent exposures will automatically feed into third-party risk evaluations to provide additional context around active threats and exploited vendor vulnerabilities.
Dr. Aleksandr Yampolskiy said the cybersecurity landscape has shifted as AI agentic automation and connected supply chain technologies have rapidly expanded across enterprise environments.
“AI agentic automation and connected supply chain tools have exploded across enterprise environments, and most TPRM programs have no visibility into the risk AI poses for their vendors,” Yampolskiy said. “Driftnet’s proprietary scanning gives our customers real-time, high-fidelity intelligence to find these exposures across the entire third-party ecosystem, before they become breaches.”
Ben Schofield said Driftnet was created to uncover internet infrastructure exposures often missed by traditional scanning technologies.
He added that joining SecurityScorecard will allow Driftnet’s intelligence to flow directly into the hands of TPRM and SOC teams, helping organizations respond to threats more proactively rather than reactively.
SecurityScorecard also said it will continue Driftnet’s existing collaborations with CERT organizations across the United States, European Union, and United Kingdom, along with partnerships with universities focused on internet measurement research.
KEY QUOTES:
“The threat landscape has fundamentally changed. AI agentic automation and connected supply chain tools have exploded across enterprise environments — and most TPRM programs have no visibility into the risk AI poses for their vendors. Driftnet’s proprietary scanning gives our customers real-time, high-fidelity intelligence to find these exposures across the entire third-party ecosystem, before they become breaches. This is what Threat-Informed TPRM looks like in practice.”
Dr. Aleksandr Yampolskiy, CEO and Co-Founder, SecurityScorecard
“We built Driftnet to go where traditional scanners can’t — into the hidden corners of the internet that attackers exploit precisely because most tools ignore them. Joining SecurityScorecard means that intelligence will now flow directly into the hands of the TPRM and SOC teams who need it most. Together, we can give security leaders the depth and speed to get ahead of threats, not just react to them. We’re proud to be part of this mission.”
Ben Schofield, Founder, Driftnet
