.jpg)
SecurityScorecard, the global leader in threat-informed third-party risk management (TPRM), today announced it has completed the acquisition of Driftnet, a pioneer in global internet scanning and next-generation threat intelligence. This acquisition will bring Driftnet's high-fidelity internet discovery engine into SecurityScorecard's TITAN AI platform, giving TPRM, Security Operations, and threat hunting teams the real-time intelligence they need to find and fix third-party risks before attackers exploit them.
SecurityScorecard acquires Driftnet for global internet scanning and threat intelligence to power TITAN AI platform.
Driftnet engine identified more than 816,000 internet-exposed AI OpenClaw agent deployments, many correlated with prior breaches.
SecurityScorecard indexes 40% more Internet-exposed hosts than any other intelligence provider using Driftnet engine.
Driftnet capabilities include non-standard port enumeration, advanced fingerprinting, and IPv6 dominance.
SecurityScorecard serves 70% of Fortune 100 and over 3,300 organizations.
Driftnet maintains collaborations with US, EU, and UK CERTs and leading universities.
“The threat landscape has fundamentally changed. AI agentic automation and connected supply chain tools have exploded across enterprise environments — and most TPRM programs have no visibility into the risk AI poses for their vendors,” said Dr. Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard. “Driftnet's proprietary scanning gives our customers real-time, high-fidelity intelligence to find these exposures across the entire third-party ecosystem, before they become breaches. This is what Threat-Informed TPRM looks like in practice.”
Using the Driftnet engine, SecurityScorecard's threat intelligence team recently identified more than 816,000 internet-exposed AI OpenClaw agent deployments, many already correlated with prior breaches. Incidents like these illustrate a new class of third-party risk: powerful automation tools deployed across supplier and partner environments with weak access controls, exposed credentials, and no visibility in traditional TPRM workflows.
“We built Driftnet to go where traditional scanners can't — into the hidden corners of the internet that attackers exploit precisely because most tools ignore them,” said Ben Schofield, Founder of Driftnet. “Joining SecurityScorecard means that intelligence will now flow directly into the hands of the TPRM and SOC teams who need it most. Together, we can give security leaders the depth and speed to get ahead of threats, not just react to them. We're proud to be part of this mission.”
Industry analyst Paul McKay of Forrester Research wrote in April 2026 that: “Scanning external infrastructure can only tell you so much. Significant threat intelligence depth is required in addition to this data to help you pinpoint the issues you need to prioritize.” Driftnet provides that depth, and will flow directly into TPRM workflows.
Proactive Breach Detection Before the Board Asks: Driftnet's continuous scanning surfaces vendor exposures before they become incidents, giving teams defensible, real-time evidence to act on.
Threat Intelligence Flowing Into Vendor Risk: When STRIKE identifies a threat actor campaign or a new class of AI agent exposure, that intelligence will flow automatically into third-party risk assessments.
Security Operations and TPRM in Lockstep: When a SOC analyst flags suspicious activity linked to a vendor's infrastructure, the TPRM team can act on that signal immediately.
SecurityScorecard is the global leader in threat-informed third-party risk management (TPRM), securing the world's supply chains. The company delivers a threat-informed approach to TPRM that enables organizations to drive out risk at the source. The platform uses continuous visibility and AI-accelerated workflows to help organizations reduce third-party risk before incidents occur and respond with confidence when they do. Trusted by over 3,300 organizations, including 70% of the Fortune 100, and recognized as a trusted resource by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
TechIntelPro empowers B2B technology decision-makers with the latest industry trends, deep insights, leadership perspectives and actionable intelligence to drive both organizational and professional milestones—and thrive on the tech pulse.