Company Details
cherokee-federal
2,205
58,962
5416
Cherokee-Federal.com
0
CHE_1266157
In-progress

Cherokee Federal Company CyberSecurity Posture
Cherokee-Federal.com
Cherokee Federal, a division of Cherokee Nation Businesses, is a trusted team of government contracting professionals who can rapidly build innovative solutions. We work around the globe to help solve issues in national security and intelligence, information technology, health solutions, DoD logistics and humanitarian relief. Our businesses serve the Cherokee Nation tribe, where 100% of our profits support building a brighter future for tribal citizens.
Between 700 and 749

Cherokee Federal Global Score (TPRM)XXXX

Description: A federal contractor learned a hard lesson about the necessity of stringent cybersecurity measures when handling sensitive government information. Twin brothers with a history of hacking-related offenses exploited their lingering access after being terminated to compromise and delete nearly 100 government databases. The incident highlights a critical flaw in how quickly access is revoked following the termination of employees, prompting discussions on cybersecurity protocol improvements needed in government sectors.

Breach of Government Databases Highlights Security Flaws
The breach involving the twin brothers draws attention to the flawed security protocols employed by some federal contractors handling sensitive systems. After their termination, the brothers allegedly utilized their remaining access to delete databases connected to Homeland Security and other federal agencies. The incident exposes the risks posed by delays in cutting off access for recently dismissed employees.

Flaws in Termination Protocols Endanger Sensitive Data
The delay in revoking access following employment termination presents a significant security risk, as demonstrated in this recent breach. The failure to promptly eliminate the twins’ access highlights a weak link in existing cybersecurity practices. Without immediate revocation, recently dismissed employees can exploit dormant access to cause significant damage.

Lack of immediate access revocation increases vulnerability
Sensitive data link


Cherokee Federal has 17.65% more incidents than the average of same-industry companies with at least one recorded incident.
Cherokee Federal has 53.85% more incidents than the average of all companies with at least one recorded incident.
Cherokee Federal reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.
Cherokee Federal cyber incidents detection timeline including parent company and subsidiaries

For the defense industry, locations near military installations offer a strategic edge, unlocking access to mission-ready talent,...
Three tech executives describe similar challenges across jurisdictions — from replacing lost federal tools to bridging information silos...
Cherokee Federal will acquire HESFP, the Salesforce practice of HigherEchelon, effective Nov. 1, adding specialized capabilities for federal...
The tribally-owned contractor is looking to bolster its digital modernization capabilities through this purchase.
Cherokee Nation assumed operations of Claremore Indian Hospital from the Indian Health Service, marking a milestone in tribal health...
Shepard previously served as the company's vice president of information technology.
Cherokee Federal's Mobile Command Center, or MC2, features satellite connectivity and brings command and control on the field.
As a Cyber Security Engineer, you will design and implement security architectures, manage and monitor infrastructure, perform vulnerability testing, and...
Cherokee Federal strengthens its defense sector presence with a new Colorado Springs office near military installations and adds homeland security expertise.

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Cherokee Federal is http://Cherokee-Federal.com.
According to Rankiteo, Cherokee Federal’s AI-generated cybersecurity score is 702, reflecting their Moderate security posture.
According to Rankiteo, Cherokee Federal currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Cherokee Federal is not certified under SOC 2 Type 1.
According to Rankiteo, Cherokee Federal does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Cherokee Federal is not listed as GDPR compliant.
According to Rankiteo, Cherokee Federal does not currently maintain PCI DSS compliance.
According to Rankiteo, Cherokee Federal is not compliant with HIPAA regulations.
According to Rankiteo, Cherokee Federal is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Cherokee Federal operates primarily in the Business Consulting and Services industry.
Cherokee Federal employs approximately 2,205 people worldwide.
Cherokee Federal presently has no subsidiaries across any sectors.
Cherokee Federal’s official LinkedIn profile has approximately 58,962 followers.
Cherokee Federal is classified under the NAICS code 5416, which corresponds to Management, Scientific, and Technical Consulting Services.
No, Cherokee Federal does not have a profile on Crunchbase.
Yes, Cherokee Federal maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/cherokee-federal.
As of December 05, 2025, Rankiteo reports that Cherokee Federal has experienced 1 cybersecurity incident.
Cherokee Federal has an estimated 18,106 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include .
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, the function api.ParseJSONRequest splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, the function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.
Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious JavaScript on anyone viewing a malicious quote submission. quote.text and quote.source are user input, and they're inserted straight into the DOM. If they contain HTML tags, they will be rendered (after some escaping using quotes and textarea tags).
SysReptor is a fully customizable pentest reporting platform. Prior to 2025.102, a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated users to execute malicious JavaScript in the context of other logged-in users by uploading malicious JavaScript files in the web UI. This vulnerability is fixed in 2025.102.
Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever transition matched the current blockHash before knowing whether that batch would actually be verified. When the loop later broke (e.g., cooldown window not yet passed or transition invalidated), the function still wrote that newer tid into batches[lastVerifiedBatchId].verifiedTransitionId after decrementing batchId. Result: the last verified batch could end up pointing at a transition index from the next batch (often zeroed), corrupting the verified chain pointer.
A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
