Comparison Overview

DLR Institute of Aerodynamics and Flow Technology

VS

Ipsos Public Affairs

DLR Institute of Aerodynamics and Flow Technology

None, None, Braunschweig-Göttingen-Köln, None, DE, None
Last Update: 2025-08-19 (UTC)
View Profile
Between 750 and 799
https://www.dlr.de/as

The Institute of Aerodynamics and Flow Technology is a leading research institute in the fields of aircraft and vehicle aerodynamics, aircraft aeroacoustics, space aerothermodynamics and wind energy research. Our institute is located at two sites - Braunschweig and Göttingen - and maintains a department in Cologne. With more than 350 employees, we investigate new methods and technologies in aerodynamics and fluid dynamics for aerospace, energy and transport. To this end, we develop and use numerical methods, wind tunnel experiments and flight tests. We analyze and optimize the entire spectrum of uncrewed aerial vehicles, eco-efficient transport aircraft, fast and low-noise helicopters, air taxis, tactical aircraft and missiles, next-generation ground vehicles, low-noise wind turbines, hypersonic aircraft and rockets.

NAICS: 5417
NAICS Definition: Scientific Research and Development Services
Employees: None
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Ipsos Public Affairs

160 Bloor Street East, 3rd Floor Toronto, Ontario M4W 1B9, CA
Last Update: 2025-03-14 (UTC)
Between 750 and 799
https://www.ipsos.com

Ipsos Public Affairs conducts strategic research in partnership with clients from government, public, corporate, and not-for-profit sectors. We understand and manage issues, advance reputations, determine and pinpoint shifts in attitude and opinion, enhance communications, and evaluate policy. We see respondents as citizens, stakeholders, employees, and voters – not just as consumers. We can effectively and quickly reach elite, stakeholder, and other highly targeted respondents, with the same ease as the general public. Ipsos ensures our clients get the answers they need from the audience that is critical to their business. Strategic advice is the key deliverable. We provide clients with advice that goes beyond reporting on data, based on a concrete understanding of the issues and their context. Learn more about... What we do: http://bit.ly/2i9cI20 What we're polling about: http://bit.ly/2yePZbj What we know: http://bit.ly/2ggHMww

NAICS: 541
NAICS Definition:
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/dlr-institut-für-aerodynamik-und-strömungstechnik.jpeg
DLR Institute of Aerodynamics and Flow Technology
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/ipsos-public-affairs.jpeg
Ipsos Public Affairs
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
DLR Institute of Aerodynamics and Flow Technology
100%
Compliance Rate
0/4 Standards Verified
Ipsos Public Affairs
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for DLR Institute of Aerodynamics and Flow Technology in 2025.

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for Ipsos Public Affairs in 2025.

Incident History — DLR Institute of Aerodynamics and Flow Technology (X = Date, Y = Severity)

DLR Institute of Aerodynamics and Flow Technology cyber incidents detection timeline including parent company and subsidiaries

Incident History — Ipsos Public Affairs (X = Date, Y = Severity)

Ipsos Public Affairs cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/dlr-institut-für-aerodynamik-und-strömungstechnik.jpeg
DLR Institute of Aerodynamics and Flow Technology
Incidents

No Incident

https://images.rankiteo.com/companyimages/ipsos-public-affairs.jpeg
Ipsos Public Affairs
Incidents

No Incident

FAQ

DLR Institute of Aerodynamics and Flow Technology company demonstrates a stronger AI Cybersecurity Score compared to Ipsos Public Affairs company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Ipsos Public Affairs company has disclosed a higher number of cyber incidents compared to DLR Institute of Aerodynamics and Flow Technology company.

In the current year, Ipsos Public Affairs company and DLR Institute of Aerodynamics and Flow Technology company have not reported any cyber incidents.

Neither Ipsos Public Affairs company nor DLR Institute of Aerodynamics and Flow Technology company has reported experiencing a ransomware attack publicly.

Neither Ipsos Public Affairs company nor DLR Institute of Aerodynamics and Flow Technology company has reported experiencing a data breach publicly.

Neither Ipsos Public Affairs company nor DLR Institute of Aerodynamics and Flow Technology company has reported experiencing targeted cyberattacks publicly.

Neither DLR Institute of Aerodynamics and Flow Technology company nor Ipsos Public Affairs company has reported experiencing or disclosing vulnerabilities publicly.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds any compliance certifications.

Neither company holds any compliance certifications.

Neither DLR Institute of Aerodynamics and Flow Technology company nor Ipsos Public Affairs company has publicly disclosed detailed information about the number of their subsidiaries.

Neither DLR Institute of Aerodynamics and Flow Technology company nor Ipsos Public Affairs company has publicly disclosed the exact number of their employees.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds SOC 2 Type 1 certification.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds SOC 2 Type 2 certification.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds ISO 27001 certification.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds PCI DSS certification.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds HIPAA certification.

Neither DLR Institute of Aerodynamics and Flow Technology nor Ipsos Public Affairs holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Sakai is a Collaboration and Learning Environment. Prior to versions 23.5 and 25.0, EncryptionUtilityServiceImpl initialized an AES256TextEncryptor password (serverSecretKey) using RandomStringUtils with the default java.util.Random. java.util.Random is a non‑cryptographic PRNG and can be predicted from limited state/seed information (e.g., start time window), substantially reducing the effective search space of the generated key. An attacker who can obtain ciphertexts (e.g., exported or at‑rest strings protected by this service) and approximate the PRNG seed can feasibly reconstruct the serverSecretKey and decrypt affected data. SAK-49866 is patched in Sakai 23.5, 25.0, and trunk.

Published
Date
2025-10-22
Updated
Date
2025-10-22
Risk Information
cvss3
Base: 2.6
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
References
Description

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3.

Published
Date
2025-10-22
Updated
Date
2025-10-22
Risk Information
cvss4
Base: 6.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in pypdf version 6.1.3.

Published
Date
2025-10-22
Updated
Date
2025-10-22
Risk Information
cvss4
Base: 6.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Authlib is a Python library which builds OAuth and OpenID Connect servers. Prior to version 1.6.5, Authlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. This issue has been patched in version 1.6.5. Workarounds for this issue involve rejecting or stripping zip=DEF for inbound JWEs at the application boundary, forking and add a bounded decompression guard via decompressobj().decompress(data, MAX_SIZE)) and returning an error when output exceeds a safe limit, or enforcing strict maximum token sizes and fail fast on oversized inputs; combine with rate limiting.

Published
Date
2025-10-22
Updated
Date
2025-10-22
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References
Description

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.2, OpenBao's audit log did not appropriately redact fields when relevant subsystems sent []byte response parameters rather than strings. This includes, but is not limited to sys/raw with use of encoding=base64, all data would be emitted unredacted to the audit log, and Transit, when performing a signing operation with a derived Ed25519 key, would emit public keys to the audit log. This issue has been patched in OpenBao 2.4.2.

Published
Date
2025-10-22
Updated
Date
2025-10-22
Risk Information
cvss4
Base: 5.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References