Comparison Overview

Center for the Study of Democracy

VS

German Marshall Fund of the United States

Center for the Study of Democracy

5 Alexander Zhendov Str., Sofia, BG
Last Update: 2025-12-03
View Profile
Between 750 and 799
csd.eu

Founded in late 1989, the Center for the Study of Democracy (CSD) is a European public policy institute dedicated to the values of democracy and market economy. CSD is a non-partisan, independent organization fostering the reform process through impact on policy and civil society. CSD objectives are: • to provide an enhanced institutional and policy capacity for a successful European integration process; • to promote institutional reform and the practical implementation of democratic values in legal and economic practice; • to monitor public attitudes and serve as a watchdog of the institutional reform process in the country; • to strengthen the institutional and management capacity of NGOs in Bulgaria. Building bridges is the old-fashioned way of bringing together social actors and cementing new alliances. Born as a think-tank, the Center for the Study of Democracy has evolved into policy development through dialogue and partnership. Bringing cutting-edge solutions to transition problems is our way of keeping the middle ground between academia and social practice. The CSD has pioneered in several areas traditionally perceived as the inviolable public property, such as anti-corruption institutional reform, and national security. Our belief is that bringing a new culture of cooperation and trust in a milieu of inherited fragmentation and opacity is equally rewarding as the achievement of concrete social goals.

NAICS: 54172
NAICS Definition: Research and Development in the Social Sciences and Humanities
Employees: 108
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

German Marshall Fund of the United States

1744 R Street NW, Washington, DC, 20009, US
Last Update: 2025-12-02
Between 750 and 799
http://www.gmfus.org

The German Marshall Fund of the United States (GMF) is a non-partisan American public policy and grantmaking institution dedicated to promoting better understanding and cooperation between North America and Europe on transatlantic and global issues. GMF does this by supporting individuals and institutions working in the transatlantic sphere, by convening leaders and members of the policy and business communities, by contributing research and analysis on transatlantic topics, and by providing exchange opportunities to foster renewed commitment to the transatlantic relationship. In addition, GMF supports a number of initiatives to strengthen democracies. Founded in 1972 through a gift from Germany as a permanent memorial to Marshall Plan assistance, GMF maintains a strong presence on both sides of the Atlantic. In addition to its headquarters in Washington, DC, GMF has six offices in Europe: Berlin, Paris, Brussels, Belgrade, Ankara, and Bucharest. GMF also has smaller representations in Bratislava, Turin, and Stockholm.

NAICS: 54172
NAICS Definition: Research and Development in the Social Sciences and Humanities
Employees: 967
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/center-for-the-study-of-democracy.jpeg
Center for the Study of Democracy
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/german-marshall-fund-of-the-united-states.jpeg
German Marshall Fund of the United States
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Center for the Study of Democracy
100%
Compliance Rate
0/4 Standards Verified
German Marshall Fund of the United States
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Think Tanks Industry Average (This Year)

No incidents recorded for Center for the Study of Democracy in 2025.

Incidents vs Think Tanks Industry Average (This Year)

No incidents recorded for German Marshall Fund of the United States in 2025.

Incident History — Center for the Study of Democracy (X = Date, Y = Severity)

Center for the Study of Democracy cyber incidents detection timeline including parent company and subsidiaries

Incident History — German Marshall Fund of the United States (X = Date, Y = Severity)

German Marshall Fund of the United States cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/center-for-the-study-of-democracy.jpeg
Center for the Study of Democracy
Incidents

No Incident

https://images.rankiteo.com/companyimages/german-marshall-fund-of-the-united-states.jpeg
German Marshall Fund of the United States
Incidents

No Incident

FAQ

German Marshall Fund of the United States company demonstrates a stronger AI Cybersecurity Score compared to Center for the Study of Democracy company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, German Marshall Fund of the United States company has disclosed a higher number of cyber incidents compared to Center for the Study of Democracy company.

In the current year, German Marshall Fund of the United States company and Center for the Study of Democracy company have not reported any cyber incidents.

Neither German Marshall Fund of the United States company nor Center for the Study of Democracy company has reported experiencing a ransomware attack publicly.

Neither German Marshall Fund of the United States company nor Center for the Study of Democracy company has reported experiencing a data breach publicly.

Neither German Marshall Fund of the United States company nor Center for the Study of Democracy company has reported experiencing targeted cyberattacks publicly.

Neither Center for the Study of Democracy company nor German Marshall Fund of the United States company has reported experiencing or disclosing vulnerabilities publicly.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Center for the Study of Democracy company nor German Marshall Fund of the United States company has publicly disclosed detailed information about the number of their subsidiaries.

German Marshall Fund of the United States company employs more people globally than Center for the Study of Democracy company, reflecting its scale as a Think Tanks.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds SOC 2 Type 1 certification.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds SOC 2 Type 2 certification.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds ISO 27001 certification.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds PCI DSS certification.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds HIPAA certification.

Neither Center for the Study of Democracy nor German Marshall Fund of the United States holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.

Published
Date
2025-12-04
Updated
Date
2025-12-04
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
Description

Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious javascript on anyone viewing a malicious quote submission. quote.text and quote.source are user input, and they're inserted straight into the DOM. If they contain HTML tags, they will be rendered (after some escaping using quotes and textarea tags).

Published
Date
2025-12-04
Updated
Date
2025-12-04
Risk Information
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

SysReptor is a fully customizable pentest reporting platform. Prior to 2025.102, there is a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated users to execute malicious JavaScript in the context of other logged-in users by uploading malicious JavaScript files in the web UI. This vulnerability is fixed in 2025.102.

Published
Date
2025-12-04
Updated
Date
2025-12-04
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
References
Description

Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever transition matched the current blockHash before knowing whether that batch would actually be verified. When the loop later broke (e.g., cooldown window not yet passed or transition invalidated), the function still wrote that newer tid into batches[lastVerifiedBatchId].verifiedTransitionId after decrementing batchId. Result: the last verified batch could end up pointing at a transition index from the next batch (often zeroed), corrupting the verified chain pointer.

Published
Date
2025-12-04
Updated
Date
2025-12-04
Risk Information
cvss4
Base: 8.0
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-12-04
Updated
Date
2025-12-04
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References