Independent Cybersecurity Posture Scores for Public Companies

We assess the cybersecurity posture of publicly traded U.S. companies using over 150 externally observable signals. No questionnaires. No internal access. Just what's visible from the outside.

See a Sample Report Explore Tiers and Sign Up

The Tools You Rely On Don't Tell You What You Think

SOC2? The company picks the scope. Cyber insurance? Full of exclusions — and claims get denied when hygiene doesn't match what was represented during underwriting. Neither tells you how one company's posture actually compares to another.

That's the problem we built SDP to solve.

What We Look At

We don't ask companies to fill out questionnaires. We don't access internal systems. We look at what's already visible from the outside — and we score it.

Over 150 signals. Six categories. Everything from DNS configuration and email authentication to whether a company has a CISO on the leadership page.

The result: a posture score you can compare company-to-company or benchmark against an industry.

See the Full Methodology →
150+
Externally Observable Signals
6
Assessment Categories
0
Internal Access Required
2 Comparison Modes
Company vs. Company and Company vs. Industry

Built for Professionals Who Assess Risk

Portfolio managers comparing cyber risk across holdings. Analysts building a diligence case for committee. Underwriters pricing cyber policies without a site visit. Risk officers benchmarking one company against its sector. M&A teams running cybersecurity due diligence on acquisition targets. If you assess risk for a living, SDP gives you a datapoint you didn't have before.

Even if you run your own security benchmarking internally, SDP serves as an independent second opinion — built on a different methodology, from a different vantage point.

Why SOC 2 and Cyber Insurance Aren't Enough

SOC 2 attestations evaluate controls the company itself defined. Cyber insurance policies contain structural exclusions and are subject to claim denial when represented posture diverges from actual hygiene. SDP provides what neither can: an independent, regularly updated, externally observed posture assessment.

Learn More →

Start With Three Companies

Data Sampler

  • 3 companies monthly
  • Portal reports + API access
  • Built for evaluation
Evaluation

Core

  • 25 companies monthly
  • 4 quarters of history
  • Full API
  • Built for integration
Integration

Scale

  • 100 companies monthly
  • Complete history
  • Priority support
  • Built for production
Production
Compare Plans →

Security DataPoint posture scores constitute an independent editorial assessment based on externally observable signals. Scores are provided for informational purposes only and do not constitute investment advice, a security certification, or a guarantee of any company's cybersecurity posture. The absence of observed signals does not imply the absence of risk. Security DataPoint LLC is not a registered investment adviser, broker-dealer, or Nationally Recognized Statistical Rating Organization (NRSRO).