Comparison Overview

ConnectWise

VS

Workday

ConnectWise

400 N Tampa St, Suite 130, Tampa, FL, US, 33602
Last Update: 2025-12-09
View Profile
Between 700 and 749
https://www.connectwise.com/

Born out of a single software solution designed to help MSPs gain control of their help desk and billing, ConnectWise has grown into a robust platform of software built for technology solutions providers (TSPs) to run their entire as-a-service business. With products aiding in business management, remote monitoring and management, remote control and access, quote and proposal automation, and cybersecurity risk assessments, integrations with hundreds of key vendors, plus the largest and most engaged community in the industry, ConnectWise has built a platform for The IT Nation. Our company is powered by our connections, our colleagues and our community. And, we accept all kinds. Game-changers,innovators, culture-lovers - and the humankind. We invite discovery and debate. We recognize key moments as milestones. We see you and value you for your unique contributions. Our inclusive, positive culture lays the foundation to ensure every colleague is valued for their perspectives and skills, giving you the choice of how YOU make a difference.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 3,454
Subsidiaries: 1
12-month incidents
2
Known data breaches
0
Attack type number
3
View Profile

Workday

6110 Stoneridge Mall Rd, None, Pleasanton, California, US, 94588
Last Update: 2025-12-09
Between 700 and 749
http://www.workday.com

Workday is a leading provider of enterprise cloud applications for finance and human resources, helping customers adapt and thrive in a changing world. Workday applications for financial management, human resources, planning, spend management, and analytics are built with artificial intelligence and machine learning at the core to help organizations around the world embrace the future of work. Workday is used by more than 10,000 organizations around the world and across industries – from medium-sized businesses to more than 50% of the Fortune 500.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 25,257
Subsidiaries: 16
12-month incidents
2
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/connectwise.jpeg
ConnectWise
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/workday.jpeg
Workday
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
ConnectWise
100%
Compliance Rate
0/4 Standards Verified
Workday
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

ConnectWise has 250.88% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Software Development Industry Average (This Year)

Workday has 250.88% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — ConnectWise (X = Date, Y = Severity)

ConnectWise cyber incidents detection timeline including parent company and subsidiaries

Incident History — Workday (X = Date, Y = Severity)

Workday cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/connectwise.jpeg
ConnectWise
Incidents

Date Detected: 6/2025
Type:Vulnerability
Attack Vector: ViewState Code Injection (CVE-2025-3935), Authentication Bypass (CVE-2021-32030, CVE-2023-39780), OS Injection (CVE-2023-39780)
Motivation: Espionage (Suspected), Botnet Expansion (AyySSHush)
Blog: Blog

Date Detected: 5/2025
Type:Cyber Attack
Blog: Blog

Date Detected: 8/2024
Type:Cyber Attack
Attack Vector: Vulnerability Exploitation
Blog: Blog
https://images.rankiteo.com/companyimages/workday.jpeg
Workday
Incidents

Date Detected: 9/2025
Type:Breach
Attack Vector: Compromised Third-Party Application (Drift), OAuth Credential Abuse, Targeted Search Queries in Salesforce
Blog: Blog

Date Detected: 8/2025
Type:Breach
Attack Vector: Phishing (SMS/Phone Calls), Impersonation (HR/IT Personnel), Credential Harvesting
Motivation: Data Theft for Further Social Engineering, Credential Harvesting
Blog: Blog

FAQ

Workday company demonstrates a stronger AI Cybersecurity Score compared to ConnectWise company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

ConnectWise company has faced a higher number of disclosed cyber incidents historically compared to Workday company.

In the current year, Workday and ConnectWise have reported a similar number of cyber incidents.

ConnectWise company has confirmed experiencing a ransomware attack, while Workday company has not reported such incidents publicly.

Workday company has disclosed at least one data breach, while ConnectWise company has not reported such incidents publicly.

ConnectWise company has reported targeted cyberattacks, while Workday company has not reported such incidents publicly.

ConnectWise company has disclosed at least one vulnerability, while Workday company has not reported such incidents publicly.

Neither ConnectWise nor Workday holds any compliance certifications.

Neither company holds any compliance certifications.

Workday company has more subsidiaries worldwide compared to ConnectWise company.

Workday company employs more people globally than ConnectWise company, reflecting its scale as a Software Development.

Neither ConnectWise nor Workday holds SOC 2 Type 1 certification.

Neither ConnectWise nor Workday holds SOC 2 Type 2 certification.

Neither ConnectWise nor Workday holds ISO 27001 certification.

Neither ConnectWise nor Workday holds PCI DSS certification.

Neither ConnectWise nor Workday holds HIPAA certification.

Neither ConnectWise nor Workday holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss4
Base: 1.0
Severity: HIGH
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References