Exclaimer's SecurityScorecard rating
Exclaimer holds an A rating (100/100) from SecurityScorecard, the third-party platform that continuously rates the external security posture of cloud vendors. SecurityScorecard generates Exclaimer's score from public internet signals with no input from Exclaimer. This makes it a fully independent assessment.
This page covers what SecurityScorecard rates, how Exclaimer's score is calculated, and where to verify Exclaimer's current rating.
At a glance
Current rating: A (100/100)
Rating provider: SecurityScorecard, Inc. (independent third party)
Assessment type: Fully independent, externally observable signals only
Monitoring: Continuous, real-time updates
Industry context: An A rating places Exclaimer among the most secure cloud-based email signature solutions on the market
What SecurityScorecard rates about Exclaimer
What is SecurityScorecard and how does it work?
SecurityScorecard is a vendor risk management platform that issues continuous security ratings for organizations based on externally observable signals. Ratings are derived from public internet data, including DNS records, exposed services, leaked credentials, malware indicators, and patching behavior. The rated organization submits nothing, which is what makes the assessment independent.
Procurement, security, and vendor risk teams use SecurityScorecard ratings as an independent benchmark when evaluating SaaS suppliers. The scale runs from A to F, with A as the highest grade. Exclaimer holds an A.
The ten risk factor groups SecurityScorecard rates
SecurityScorecard scores Exclaimer across ten risk factor groups:
Network Security – Evaluates the security of network infrastructure and configurations
DNS Health – Assesses DNS configuration and resilience against attacks
Patching Cadence – Measures how quickly known vulnerabilities are addressed
Endpoint Security – Reviews protection of devices connecting to the network
IP Reputation – Monitors for malicious activity associated with IP addresses
Application Security – Examines web application security practices
Hacker Chatter – Tracks mentions in underground forums and threat intelligence
Information Leak – Detects exposed credentials or sensitive data
Social Engineering – Assesses susceptibility to phishing and social attacks
Cubit Score – Evaluates governance and disclosed compliance signals
Each group is scored independently. Exclaimer's overall rating is a weighted aggregate of the ten group scores.
What is Exclaimer's current SecurityScorecard rating?
Exclaimer has held an A grade on SecurityScorecard's continuous rating since 2021. The rating updates automatically as SecurityScorecard's external monitoring detects changes.
Field | Detail |
|---|---|
Current rating | A (100/100) |
Rating service | SecurityScorecard, Inc. |
Scope | Externally observable security signals across Exclaimer's cloud-hosted platform and supporting domains |
Update cadence | Continuous. Rating refreshes as monitoring data updates. |
Last reviewed by Exclaimer | May 2026 |
How is SecurityScorecard different from ISO 27001 and SOC 2?
A SecurityScorecard rating complements formal certifications rather than replacing them. Certifications like ISO/IEC 27001 and SOC 2 Type II validate the security controls Exclaimer designs and operates internally. They're audited against an established framework, on a defined cadence, by an independent body.
SecurityScorecard rates the same organization from the outside, using only externally observable signals and with no documentation supplied by Exclaimer.
For a procurement or vendor risk team, that gives three complementary views of Exclaimer's security:
ISO 27001 and ISO 27018 confirm that Exclaimer's information security and cloud privacy controls are designed and managed against the international standard.
SOC 2 Type II confirms that Exclaimer's controls for Security, Availability, and Confidentiality operated effectively across a continuous 12-month audit window.
SecurityScorecard confirms how Exclaimer's security posture appears externally on the open internet, refreshed continuously.
For Exclaimer's full security program, including ISO 27001 and ISO 27018, SOC 2 Type II, and the wider technical controls, see the Exclaimer security page.
Where can I find Exclaimer's security documentation?
The Exclaimer Trust Center comes with supporting documentation and pre-completed answers to over 350 questions covering Exclaimer's wider security and compliance program.
If your vendor review requires documentation or context not available in the Trust Center, contact Exclaimer's security team directly.
Visit the Trust Center →Frequently asked questions about Exclaimer's SecurityScorecard rating
Exclaimer holds an A rating (100/100) from SecurityScorecard. The rating updates continuously as SecurityScorecard's external monitoring detects changes.
SecurityScorecard scores Exclaimer using externally observable signals across ten risk factor groups, including application security, DNS health, IP reputation, patching cadence, and information leak. Exclaimer doesn't submit data to SecurityScorecard, so the rating is fully independent.
ISO 27001 and SOC 2 Type II are independently audited frameworks that validate the security controls Exclaimer designs and operates internally. SecurityScorecard rates Exclaimer based on external signals only, with no documentation supplied by Exclaimer. Most enterprise procurement teams reference all three as part of a vendor review.
Continuously. SecurityScorecard refreshes Exclaimer's rating as new signals are detected, with no scheduled audit cycle.
Talk to Exclaimer's security team
If your vendor review needs evidence that isn't covered here or in the Trust Center, Exclaimer's security team can walk you through the specifics directly.
Contact our security team →