World Cyber Ranking by Scovery acts as a global and sectoral barometer of cyber risk exposure. It provides a synthetic cybersecurity score for millions of companies worldwide, calculated through large-scale analysis of observable internet-facing assets and vulnerabilities.
These individual scores are then aggregated by country and by industry, offering a unique lens to compare cyber resilience across regions and industries.
The dataset, monthly updated and refined, reflects the evolving cybersecurity landscape, helping organizations, analysts, and the public monitor trends, identify risk concentrations, and benchmark exposure levels globally.
The data reflects the state of cybersecurity external exposure for millions of companies worldwide.
The application provides a multi-dimensional view of global cyber exposure, based on continuous observation and monthly aggregation of billions of data points. It highlights:
Scovery collects continuously at global scale open data such as passive DNS, scan of the Internet, cyber threat intelligence indicators, certificate transparency, whois IP, whois gTLD & ccTLD, web crawling, list of companies, etc.
On top of that, over 200 cybersecurity control points are monitored, spanning a wide range of technical and operational exposures. These control points are grouped into 7 key categories:
Each category aggregates multiple control points that contribute to a companyโs cyber risk profile.
All collected data is aggregated every month into a massive graph-based model of the Internet, built and maintained by Scovery. The average KPI of this graph database includes:
Thanks to this global graph, each companyโs digital perimeter is automatically discovered using a proprietary graph traversal algorithm, enhanced by AI driven heuristics. These intelligent mechanisms continuously adapt to identify and associate assets with the right company, even as its digital footprint evolves.
This approach ensures that the cybersecurity score reflects what is actually observed on the public Internet, making it a a strong indicator of external cyber exposure.
Each company is assigned a cyber score ranging from 100 to 900 (with 900 being the highest) and a grade from F to A (A being the best). These ratings are determined by assessing the presence or absence of issues across a defined set of control points. The computation process follows these key steps:
Each country displayed on the Geo cyber scores is assigned to one of six dynamic color bands, based on its average company score for the current dataset (updated monthly).
This grouping is automatically recomputed every month, to reflect changes in the distribution of scores across all countries. The scale is determined by computing the minimum and maximum observed country scores, and dividing the range into 6 equal intervals:
The tooltip for each country provides:
This method helps viewers immediately identify regional cyber risk patterns and spot emerging trends globally.
The dataset is updated monthly to reflect:
Scores are based on externally observable data and statistical models. They do not reflect internal audits or proprietary threat intelligence from companies. While they provide insight into external risk exposure, they are not an absolute indicator of internal cybersecurity maturity.