BRAVE1 A.I CyberSecurity Scoring
15/06/2026
Access Monitoring Plan
Access Monitoring Plan
BRAVE1 has 52.83% fewer incidents than the average of same-industry companies with at least one recorded incident.
BRAVE1 has 4.76% fewer incidents than the average of all companies with at least one recorded incident.
BRAVE1 reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Defense and Space Manufacturing
Indra Group (https://www.indragroup.com/) is the foremost Spanish multinational and one of the leading European companies that focus on defence and advanced technologies. It stands at the forefront of the defence, space, air traffic management, mobility, and Information Technology businesses through Minsait, and it integrates its sovereign AI, cybersecurity and cyberdefence capabilities into IndraMind. Indra Group is paving the way to a more secure and better-connected future through innovative solutions, trusted relationships and the very best talent. Sustainability is an integral part of its strategy and culture in order to overcome current and future social and environmental challenges. At the close of the 2024 financial year, Indra Group posted revenues of €4.843 billion and had a local presence in 46 countries and business operations in over 140 countries.
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion. The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies. Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of areas. Across our main sites in Albuquerque, NM, and Livermore, CA, our research ranges from nuclear defense and homeland and global security to innovative work in biotechnology, environmental preservation, energy, and cyber security. Our teams have shared some of the reasons they enjoy working at Sandia: • Challenging work with amazing impact that contributes to security, peace, and freedom worldwide • Extraordinary co-workers • Access to some of the best tools, equipment, and research facilities in the world (tours.sandia.gov) • Career advancement and enrichment opportunities • Work-life balance with flexible work schedules, competitive benefits, and convenient on-site amenities
A world leader in missiles and missile systems. Our multi-national organisation is made up of around 13,000 employees working across the UK, France, Italy, Germany, Spain and the US, and is the first truly integrated European defence company. As the European champion in our sector, our vision is to continue to grow our presence as a global player. Our mission is to achieve this by establishing ourselves as an industry leader; promoting co-operation and delivering technical and operational excellence to our customer. Our values are: • Innovation: Ensuring operational and strategic advantage; • Commitment: Always delivering on our promises; • Integrity: A reliable and trusted partner with the highest professional and ethical standards; • Passion: Applying all our energy and focus to every task, recognising our role in providing mission critical capabilities; • Team Spirit: Harnessing our diversity and collective purpose to deliver competitive advantage to all of our stakeholders. We have a rich heritage of designing and producing missiles and missile systems to meet the whole range of current and future operational requirements for the three armed forces (army, navy, air force). We are proud to be a trusted partner to our armed forces and work with them to deliver a cutting-edge portfolio of products.
Babcock is a FTSE 100 defence company operating in our focus countries of the UK, Australasia, Canada, France and South Africa, with exports to additional markets. Our Purpose, to create a safe and secure world, together, defines our strategy. We support and enhance our customers’ defence and security capabilities and critical assets through a range of product and service solutions. We meet our customers’ requirements of value for money, increased availability, modernisation and flexibility. These projects take all different kinds of professionals, from chartered engineers and project managers, to naval architects, data analysts and everything in between. To bring through the next generation of engineering and business experts, we offer apprenticeships and roles for students, graduates and fully-qualified professionals. There’s never been a better time to join us. Whether you’re looking for a new business management project or engineering role, join Babcock and grow with us. Babcock is a Disability Confident, Committed Employer
The Indian Army is the largest branch of the Indian Armed Forces and is responsible for land-based military operations. Its primary mission is the National Security and Defense of India from external aggression and threats, and maintaining peace and security within its borders. It also conducts humanitarian rescue operations during natural calamities and other disturbances. The Indian Army is one of the three services under the Ministry of Defence. The President of India is the Commander-in-Chief of the Indian Armed Forces, and thus of the Indian Army. The highest ranking military officer is the Chief of Army Staff (COAS), who is also a member of the Chiefs of Staff Committee. The Indian Army came into being at the Independence of India in 1947, and inherited most of the regiments and infrastructure of the British Indian Army that were located in post-partition India.
Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundless imagination to challenge convention and drive progress. Our commitments are underpinned by the belief that safety, collaboration and well-being are integral to success. Headquartered in Chantilly, Virginia, we have approximately 50,000 employees in more than 70 countries across all 7 continents.
The mission of the United States Air Force is to fly, fight and win … in air, space and cyberspace. To achieve that mission, the Air Force has a vision of Global Vigilance, Reach and Power. That vision orbits around three core competencies: developing Airmen, technology to war fighting and integrating operations. These core competencies make our six distinctive capabilities possible. Air and Space Superiority: With it, joint forces can dominate enemy operations in all dimensions: land, sea, air and space. Global Attack: Because of technological advances, the Air Force can attack anywhere, anytime and do so quickly and with greater precision than ever before. Rapid Global Mobility: Being able to respond quickly and decisively anywhere we're needed is key to maintaining rapid global mobility. Precision Engagement: The essence lies in the ability to apply selective force against specific targets because the nature and variety of future contingencies demand both precise and reliable use of military power with minimal risk and collateral damage. Information Superiority: The ability of joint force commanders to keep pace with information and incorporate it into a campaign plan is crucial. Agile Combat Support: Deployment and sustainment are keys to successful operations and cannot be separated. Agile combat support applies to all forces, from those permanently based to contingency buildups to expeditionary
SAIC® is a premier Fortune 500 mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion.
Latest updates, reports, and threat intel affecting the global network.
HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not properly validated, an attacker could forge a callback URL containing their own valid GitHub OAuth code. When processing the callback, HedgeDoc used the victim's logged-in session to select which note to export, but the attacker's authorization code to determine which GitHub account received it. As a result, a logged-in victim who clicked a crafted link could export their own private, protected, or limited note directly into a Gist controlled by the attacker. This issue has been fixed in version 1.11.0.
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, which resolved YAML anchor aliases. A compact malicious payload could therefore expand into a huge object structure, consuming excessive CPU. This expansion ran on every request to the publish view (/s/<shortid>) and, when placed under the opengraph key, the editor view (/<noteId>). A ten-level alias bomb could block the single Node.js event loop for roughly 235 seconds per request, causing concurrent requests to hang or drop and rendering the instance unavailable (DoS). Because the note was stored in the database, the impact survived process restarts until the note was removed. toobusy-js did not reliably mitigate the worst cases, as the event loop was saturated before the middleware could respond. This issue was fixed in version 1.11.0.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes OBJ_obj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensions_by_name() uses the static shortname path and is not affected.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also dereferences akid->keyid, which is NULL for an empty AKI SEQUENCE (DER 30 00) even when the parse succeeds. A caller invoking an affected helper on an extension from an untrusted certificate triggers a SIGSEGV that crashes the Perl process.
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with preg_replace('/[^a-zA-Z0-9-_\\.]/','', $bucket), which permits '..' and '../' sequences. The sanitized value is interpolated into a Flysystem path as uploads://buckets/{bucket}. Flysystem's WhitespacePathNormalizer resolves 'buckets/..' to the empty string (the uploads storage root) without raising PathTraversalDetected because the '..' has a preceding component to consume. An authenticated low-privileged user can send a crafted request with a '../' bucket name to list, upload, and delete files across all buckets, including those belonging to other users or roles
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.