SecurityScorecard Acquires Driftnet to Enhance Internet-Scale Threat Visibility
SecurityScorecard has acquired internet scanning startup Driftnet to bolster its real-time visibility into exposed infrastructure, AI-related risks, and malicious attack patterns.
SecurityScorecard has acquired Driftnet, an internet scanning startup, to enhance its capabilities in identifying hidden infrastructure and internet-exposed assets. The acquisition aims to provide the third-party risk management vendor with deeper, real-time visibility into the modern attack surface, which is increasingly complicated by the rapid deployment of AI agents and complex network configurations GovInfoSecurity.
Driftnet, founded in 2019 and led by former U.K. government researcher Ben Schofield, specializes in targeted reconnaissance. According to SecurityScorecard CEO Aleksandr Yampolskiy, the startup’s technology allows for the mapping of relationships between configurations and the identification of chained misconfigurations. The platform reportedly indexes approximately 40% more internet-exposed hosts than competing services, monitoring over 3 billion IP host-port combinations and 650 million domain names across both IPv4 and IPv6 environments GovInfoSecurity.
The integration of Driftnet’s data has already yielded practical security insights. SecurityScorecard researchers utilized the technology to gain a real-time view of publicly accessible OpenClaw control panels, which are often deployed without adequate security measures. By identifying these exposed instances, the company can now provide more immediate warnings regarding misconfigured AI assistants GovInfoSecurity.
Furthermore, the acquisition bolsters SecurityScorecard’s threat-hunting capabilities against sophisticated state-sponsored activity. Yampolskiy noted that Driftnet’s visibility was instrumental in uncovering a Chinese espionage campaign that leveraged more than 1,000 infected operational relay boxes to target U.S. infrastructure via compromised edge devices and small office routers. This level of granular, real-time data was previously unavailable to the company GovInfoSecurity.
By bringing Driftnet in-house, SecurityScorecard aims to exert direct control over data quality and attribution accuracy. Rather than relying on external data licensing, the company plans to customize the intelligence platform to address emerging challenges, such as the unique risks posed by AI agents deployed at scale within vendor environments. This move reflects a broader industry trend where security vendors are prioritizing proprietary, large-scale internet reconnaissance to keep pace with an attack surface that is evolving faster than traditional security programs GovInfoSecurity.