BV
Company Details
Linkedin ID:
black-and-veatch
Website:
Employees number:
11,201
Number of followers:
407,281
NAICS:
54139
Industry Type:
Homepage:
bv.com
IP Addresses:
0
Company ID:
BLA_1844573
Scan Status:
In-progress
Black & Veatch Company CyberSecurity Posture
bv.com
Black & Veatch is an employee-owned, global leader in building critical human infrastructure in Energy, Water, Digital Connectivity and Government Services. Since 1915, we have helped our clients improve business operations and the lives of people in over 100 countries through consulting, engineering, construction, operations and program management. Our purpose is building a world of difference and our vision is to be THE leader in sustainable infrastructure. Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
Black & Veatch A.I CyberSecurity Scoring
BV Risk Score (AI oriented)Between 750 and 799
BV
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
BV Global Score (TPRM)XXXX
BV
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
BV Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
BV Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for BV
Incidents vs Engineering Services Industry Average (This Year)
No incidents recorded for Black & Veatch in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Black & Veatch in 2025.
Incident Types BV vs Engineering Services Industry Avg (This Year)
No incidents recorded for Black & Veatch in 2025.
Incident History — BV (X = Date, Y = Severity)
BV cyber incidents detection timeline including parent company and subsidiaries
BV Company Subsidiaries
Black & Veatch is an employee-owned, global leader in building critical human infrastructure in Energy, Water, Digital Connectivity and Government Services. Since 1915, we have helped our clients improve business operations and the lives of people in over 100 countries through consulting, engineering, construction, operations and program management. Our purpose is building a world of difference and our vision is to be THE leader in sustainable infrastructure. Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
Loading...
BV Similar Companies
We're a global product engineering and digital services company focused on fulfilling our mission of helping the world drive, fly, build, and farm by enabling our customers to realize better products and deliver better experiences. We’re the strategic engineering partner businesses turn to when they
L&T Technology Services
L&T Technology Services (LTTS) is one of the world’s leading engineering and technology service providers. With operations in over 25 countries and a growing annual revenue that now surpasses USD 1.2 billion, we work with organizations who design, develop or deliver products and services. We help
Atkins
Atkins is now AtkinsRéalis. Please follow AtkinsRéalis on LinkedIn. We are a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world’s infrastructure and energy systems. Together, with our industry partners and clients, and our glob
Technip Energies
Technip Energies is a global technology and engineering powerhouse. With leadership positions in LNG, hydrogen, ethylene, sustainable chemistry, and CO2 management, we are contributing to the development of critical markets such as energy, energy derivatives, decarbonization, and circularity. Our
We are a world-class engineering services and nuclear organization. We connect people, data and technology to transform the world’s infrastructure and energy systems. Together, with our industry partners and clients, and our global team of consultants, designers, engineers and project manager
UGL
UGL is CIMIC Group's specialist end-to-end engineering, services and operations provider. We have a rich history dating back to 1899 and since then we have grown to be a market leader in many of the sectors in which we operate. Working with some of the most important companies and governments in Au
We are a leading international service provider to the energy industry, with a diverse client portfolio including many of the world’s leading energy companies. Petrofac designs, builds, manages and maintains oil, gas, refining, petrochemicals and renewable energy infrastructure. Our purpose is to e
World leader in engineering and R&D services, Capgemini Engineering combines its broad industry knowledge and cutting-edge technologies in digital and software to support the convergence of the physical and digital worlds. Coupled with the capabilities of the rest of the Group, it helps clients to a
ALTEN
𝐀 𝐰𝐨𝐫𝐥𝐝 𝐥𝐞𝐚𝐝𝐞𝐫 𝐢𝐧 𝐄𝐧𝐠𝐢𝐧𝐞𝐞𝐫𝐢𝐧𝐠 𝐚𝐧𝐝 𝐈𝐓 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐬 ALTEN is committed to meeting the expectations of its stakeholders and anticipating their requirements in the fields of innovation, R&D, and technological information systems. Founded in 1988 and present in 30+ countries, the Group has established its
.png)
BV CyberSecurity News
November 27, 2025 09:56 PM
Black Friday Streaming Deals 2025: Sales From Disney+, ESPN, Hulu, Starz, and More
The Disney Plus, Hulu, and ESPN Unlimited bundles are on sale through January 5, 2026. You can get ad-supported Disney Plus, ad-supported Hulu,...
November 27, 2025 09:42 PM
Stores, restaurants hope to lure in Black Friday shoppers with freebies and deals
Black Friday deals available at stores and restaurants across Kansas City and the country.
November 27, 2025 09:41 PM
Black Friday Freebies and Deals offered at stores, restaurants
Black Friday freebies and deals are available at stores and restaurants across Kansas City and the rest of the country.
November 27, 2025 09:36 PM
Walmart Black Friday Hours: Opening, closing and deals available in 2025
Many of the most popular chains keep their opening hours early in the morning. After Walmart confirmed that all branches will remain closed...
November 27, 2025 09:36 PM
We found 95 of the best Amazon Black Friday deals from Apple, Dyson, Shark and more
Amazon's Black Friday sale is officially live! For the next five days, the retailer will offer some of the best discounts of the year on...
November 27, 2025 09:29 PM
Hulu Black Friday 2025 deal: Disney+ and Hulu for just $4.99/month
The best Black Friday streaming bundle offer is live now. Score Disney+ and Hulu for just $4.99 per month through Dec. 1.
November 27, 2025 09:05 PM
Wendy's launches '6-7' Frosty deal for Black Friday. How, where to get one
Wendy's is jumping on the latest viral internet trend by offering customers a 67-cent Frosty on Black Friday.
November 27, 2025 09:02 PM
The best Black Friday streaming deals – LIVE
Lock in a Black Friday subscription to make Thanksgiving cozy and avoid the next price hike.
November 27, 2025 09:02 PM
Mott and Bow's Black Friday sale is packed with 30% off its popular jeans and T-shirts — but there's a catch
Mott and Bow, makes some of the best jeans and tees we've tested. This Black Friday, the sale is a little different than most,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
BV CyberSecurity History Information
Official Website of Black & Veatch
The official website of Black & Veatch is https://www.bv.com/.
Black & Veatch’s AI-Generated Cybersecurity Score
According to Rankiteo, Black & Veatch’s AI-generated cybersecurity score is 781, reflecting their Fair security posture.
How many security badges does Black & Veatch’ have ?
According to Rankiteo, Black & Veatch currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Black & Veatch have SOC 2 Type 1 certification ?
According to Rankiteo, Black & Veatch is not certified under SOC 2 Type 1.
Does Black & Veatch have SOC 2 Type 2 certification ?
According to Rankiteo, Black & Veatch does not hold a SOC 2 Type 2 certification.
Does Black & Veatch comply with GDPR ?
According to Rankiteo, Black & Veatch is not listed as GDPR compliant.
Does Black & Veatch have PCI DSS certification ?
According to Rankiteo, Black & Veatch does not currently maintain PCI DSS compliance.
Does Black & Veatch comply with HIPAA ?
According to Rankiteo, Black & Veatch is not compliant with HIPAA regulations.
Does Black & Veatch have ISO 27001 certification ?
According to Rankiteo,Black & Veatch is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Black & Veatch
Black & Veatch operates primarily in the Engineering Services industry.
Number of Employees at Black & Veatch
Black & Veatch employs approximately 11,201 people worldwide.
Subsidiaries Owned by Black & Veatch
Black & Veatch presently has no subsidiaries across any sectors.
Black & Veatch’s LinkedIn Followers
Black & Veatch’s official LinkedIn profile has approximately 407,281 followers.
NAICS Classification of Black & Veatch
Black & Veatch is classified under the NAICS code 54139, which corresponds to Engineering Services.
Black & Veatch’s Presence on Crunchbase
No, Black & Veatch does not have a profile on Crunchbase.
Black & Veatch’s Presence on LinkedIn
Yes, Black & Veatch maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/black-and-veatch.
Cybersecurity Incidents Involving Black & Veatch
As of November 27, 2025, Rankiteo reports that Black & Veatch has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Black & Veatch has an estimated 1,241 peer or competitor companies worldwide.
Black & Veatch CyberSecurity History Information
How many cyber incidents has Black & Veatch faced ?
Total Incidents: According to Rankiteo, Black & Veatch has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Black & Veatch ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=black-and-veatch' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
