DRA
Company Details
Linkedin ID:
dubuque-racing-association
Website:
Employees number:
7
Number of followers:
586
NAICS:
7132
Industry Type:
Homepage:
dradubuque.com
IP Addresses:
0
Company ID:
DRA_2439134
Scan Status:
In-progress
DRA Company CyberSecurity Posture
dradubuque.com
The DRA, through its gaming and entertainment facilities, provides for social, economic and community betterment and lessens the burden of Dubuque city and area government, while contributing to the growth and viability of Dubuque area tourism. We are different. The DRA is unique because we are one of only two gaming organizations in the country established and run for the benefit of a local government entity. In fact, since our founding we have contributed more than $244 million back to the City of Dubuque. Our business model is simple. We distribute 100% of our winnings after expenses, which includes the 4.5% of adjusted gross receipts we receive monthly from the Diamond Jo Casino. A third of the money goes to area charities, a third goes to the City of Dubuque, and a third will now go toward efforts to develop and enhance amenities on the city-owned Schmitt Island. Simply put, this money supports organizations and projects that have a direct impact on improving the lives of people in the Dubuque area!
DRA A.I CyberSecurity Scoring
DRA Risk Score (AI oriented)Between 750 and 799
DRA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
DRA Global Score (TPRM)XXXX
DRA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
DRA Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
DRA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for DRA
Incidents vs Gambling Facilities and Casinos Industry Average (This Year)
No incidents recorded for DRA in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for DRA in 2025.
Incident Types DRA vs Gambling Facilities and Casinos Industry Avg (This Year)
No incidents recorded for DRA in 2025.
Incident History — DRA (X = Date, Y = Severity)
DRA cyber incidents detection timeline including parent company and subsidiaries
DRA Company Subsidiaries
The DRA, through its gaming and entertainment facilities, provides for social, economic and community betterment and lessens the burden of Dubuque city and area government, while contributing to the growth and viability of Dubuque area tourism. We are different. The DRA is unique because we are one of only two gaming organizations in the country established and run for the benefit of a local government entity. In fact, since our founding we have contributed more than $244 million back to the City of Dubuque. Our business model is simple. We distribute 100% of our winnings after expenses, which includes the 4.5% of adjusted gross receipts we receive monthly from the Diamond Jo Casino. A third of the money goes to area charities, a third goes to the City of Dubuque, and a third will now go toward efforts to develop and enhance amenities on the city-owned Schmitt Island. Simply put, this money supports organizations and projects that have a direct impact on improving the lives of people in the Dubuque area!
Loading...
DRA Similar Companies
Estoril Sol Digital, Online Gaming Products and Services, S.A.
Estoril Sol Digital, Online Gaming Products and Services, S.A. is part of the biggest and most prestige casino group in Portugal, Grupo Estoril Sol, operating for more than 50 years with their land-based casinos, Casino Estoril, Casino Lisboa and Casino da Póvoa. Estoril Sol Digital owns the onl
Oxford Casino Hotel
LOOKING FOR STABILITY AND GREAT BENEFITS? YOU JUST FOUND IT!! Oxford Casino Hotel offers Medical, Dental, Vision, Life and Short Term Disability Insurance. We also offer a 401k Savings Plan with up to a 4% company match and the eligibility to purchase Churchill Downs Stock through an Employee Stock
Margaritaville Resort Casino - Bossier City, La.
Margaritaville® Resort Casino is Northwest Louisiana’s Newest, Nicest Casino-Resort. Margaritaville® Resort Casino is a unique luxury casino resort offering the Shreveport-Bossier market a new and exciting gaming experience, situated in the heart of Bossier City. Treat yourself to one of the
Automated Currency Instruments, Inc.
Automated Currency Instruments, Inc. is an innovative high technology company focused on the casino gaming industry. ACI designs and engineers solutions to casino gaming problems and issues. ACI's cutting edge kiosks and wireless solutions facilitate TITO redemption, cash access, player club enrol
Newport Racing & Gaming
The fun comes easy at Churchill Downs’ Newport Racing & Gaming! Like slots? You’ll love playing at Newport Racing & Gaming! Spinning and winning’s a breeze with hundreds of hot historical racing machines ready to play right up the road. Hit the jackpot on fun with an expansive gaming floor featuring
Hollywood Casino at Charles Town Races
An incredibly exciting, friendly, and total entertainment experience conveniently located about an hour from Baltimore and DC! Welcome to Hollywood! It starts with over 1,900 of the hottest slots. That's more machines than you'll find in many Las Vegas casinos. Besides having all your favorite game
.png)
DRA CyberSecurity News
November 11, 2025 08:00 AM
Top 40 Cyber Security Projects to Boost Your Skills (2026)
TL;DR: Cybersecurity projects help learners gain hands-on experience, strengthen technical skills, and understand key security concepts in...
October 02, 2025 07:00 AM
Future of Cybersecurity: NIELIT–FCRF Pact to Train Experts in AI Fraud, Forensics & Digital Law
NIELIT (MeitY) and Future Crime Research Foundation (FCRF) have signed an MoU to boost India's cybersecurity skilling.
September 04, 2025 07:00 AM
Fintech CISO on How AI is Changing Cybersecurity Skillsets
Broadridge CISO David Ramirez discusses how defenders can stay ahead of attackers in the AI arms race.
August 11, 2025 07:00 AM
Korea–U.S. team wins top prize at AI security competition
A team of researchers from Samsung Electronics Co. and top universities in South Korea and the United States has taken first place in a...
August 05, 2025 07:00 AM
New Reveal platform shines a light on post-login identity behavior
Designed for modern hybrid enterprises, the Reveal Platfom provides end-to-end visibility into both human and non-human identity behaviors.
July 03, 2025 07:00 AM
Kyrgyz banks lack cybersecurity: every second website is vulnerable to hacking on Akchabar
According to a study conducted by the Digital Resilience Association (DRA) in collaboration with TSARKA Kyrgyzstan, nearly half of the...
May 14, 2025 07:00 AM
What is business resilience?
Learn about business resilience, an organization's ability to adapt quickly to disruptions and maintain operations, safeguard people and...
April 16, 2025 07:00 AM
Cybersecurity Masterclass at UPJ: Fortifying Against Threats Through Artificial Intelligence
Group photo of academics and students atteding the masterclass. South Jakarta – In an era where cybersecurity threats are evolving at an...
April 14, 2025 07:00 AM
Kang Xia named MSU AgBioResearch associate director
Xia, former associate director of the Virginia Agricultural Experiment Station at Virginia Tech, begins her role with MSU AgBioResearch...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
DRA CyberSecurity History Information
Official Website of DRA
The official website of DRA is http://dradubuque.com.
DRA’s AI-Generated Cybersecurity Score
According to Rankiteo, DRA’s AI-generated cybersecurity score is 763, reflecting their Fair security posture.
How many security badges does DRA’ have ?
According to Rankiteo, DRA currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does DRA have SOC 2 Type 1 certification ?
According to Rankiteo, DRA is not certified under SOC 2 Type 1.
Does DRA have SOC 2 Type 2 certification ?
According to Rankiteo, DRA does not hold a SOC 2 Type 2 certification.
Does DRA comply with GDPR ?
According to Rankiteo, DRA is not listed as GDPR compliant.
Does DRA have PCI DSS certification ?
According to Rankiteo, DRA does not currently maintain PCI DSS compliance.
Does DRA comply with HIPAA ?
According to Rankiteo, DRA is not compliant with HIPAA regulations.
Does DRA have ISO 27001 certification ?
According to Rankiteo,DRA is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of DRA
DRA operates primarily in the Gambling Facilities and Casinos industry.
Number of Employees at DRA
DRA employs approximately 7 people worldwide.
Subsidiaries Owned by DRA
DRA presently has no subsidiaries across any sectors.
DRA’s LinkedIn Followers
DRA’s official LinkedIn profile has approximately 586 followers.
NAICS Classification of DRA
DRA is classified under the NAICS code 7132, which corresponds to Gambling Industries.
DRA’s Presence on Crunchbase
No, DRA does not have a profile on Crunchbase.
DRA’s Presence on LinkedIn
Yes, DRA maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dubuque-racing-association.
Cybersecurity Incidents Involving DRA
As of November 27, 2025, Rankiteo reports that DRA has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
DRA has an estimated 894 peer or competitor companies worldwide.
DRA CyberSecurity History Information
How many cyber incidents has DRA faced ?
Total Incidents: According to Rankiteo, DRA has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at DRA ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dubuque-racing-association' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
