Comparison Overview

Q: Between Elastic company and IDEMIA company, which one has the best AI Cybersecurity Score ?

IDEMIA company demonstrates a stronger AI Cybersecurity Score compared to Elastic company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Elastic company and IDEMIA company, which one has experienced more cyber incidents in the past ?

Elastic company has historically faced a number of disclosed cyber incidents, whereas IDEMIA company has not reported any.

Q: Between Elastic company and IDEMIA company, which one has experienced more cyber incidents this year ?

In the current year, Elastic company has reported more cyber incidents than IDEMIA company.

Q: Between Elastic company and IDEMIA company, which one has experienced at least one ransomware attack ?

Neither IDEMIA company nor Elastic company has reported experiencing a ransomware attack publicly.

Q: Between Elastic company and IDEMIA company, which one has experienced at least one data breach ?

Neither IDEMIA company nor Elastic company has reported experiencing a data breach publicly.

Q: Between Elastic company and IDEMIA company, which one has experienced at least one targeted cyberattack ?

Neither IDEMIA company nor Elastic company has reported experiencing targeted cyberattacks publicly.

Q: Between Elastic company and IDEMIA company, which one has experienced at least one vulnerability ?

Elastic company has disclosed at least one vulnerability, while IDEMIA company has not reported such incidents publicly.

Q: Between Elastic company and IDEMIA company, which one holds the most compliance certifications ?

Neither Elastic nor IDEMIA holds any compliance certifications.

Q: Between Elastic company and IDEMIA company, which one has the most subsidiaries ?

IDEMIA company has more subsidiaries worldwide compared to Elastic company.

Elastic

88 Kearny St, San Francisco, California, US, 94108

Last Update: 2025-12-11

View Profile

Between 750 and 799

http://www.elastic.co

Elastic, the Search AI Company, enables everyone to find the answers they need in real time, using all their data, at scale. Elastic’s solutions for search, observability, and security are built on the Elastic Search AI Platform — the development platform used by thousands of companies, including more than 50% of the Fortune 500.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 4,424

Subsidiaries: 0

12-month incidents

2

Known data breaches

0

Attack type number

1

View Profile

IDEMIA

2 place Samuel Champlain, Courbevoie, Ile de France, 92400, FR

Last Update: 2025-12-09

Between 750 and 799

https://www.idemia.com/

IDEMIA Group unlocks simpler and safer ways to pay, connect, access, identify, travel and protect public places. With its long-standing expertise in biometrics and cryptography, IDEMIA develops technologies of excellence with an impactful, ethical, and socially responsible approach. Every day, IDEMIA secures billions of interactions in the physical and digital worlds. IDEMIA Group brings together three market-leading businesses that enable mission-critical solutions: • IDEMIA Secure Transactions is the leading technology provider who unlocks safer and easier ways to pay and connect. For more information, visit www.idemia.com/business/idemia-secure-transactions • IDEMIA Public Security is a leading global provider of biometric solutions that unlock convenient and secure travel, access, and protection. For more information, visit www.idemia.com/business/idemia-public-security • IDEMIA Smart Identity leverages the power of cryptographic and biometric technologies to unlock a single trusted identity for all. For more information, visit www.idemia.com/business/idemia-smart-identity With a global team of nearly 15,000 employees, IDEMIA Group is trusted by over 600 governmental organizations and more than 2,400 enterprises in over 180 countries. For more information, visit www.idemia.com and follow @IDEMIAGroup on X.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 13,546

Subsidiaries: 2

12-month incidents

0

Known data breaches

0

Attack type number

0

Elastic

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

IDEMIA

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Software Development Industry Average (This Year)

Elastic has 250.88% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for IDEMIA in 2025.

Incident History — Elastic (X = Date, Y = Severity)

Elastic cyber incidents detection timeline including parent company and subsidiaries

Incident History — IDEMIA (X = Date, Y = Severity)

IDEMIA cyber incidents detection timeline including parent company and subsidiaries

Elastic

Incidents

Date Detected: 6/2025

Type:Vulnerability

Attack Vector: Local/Remote Code Execution via Custom Loader, Kernel Driver Manipulation, NULL Pointer Dereference Exploit (CWE-476)

Blog: Blog

Date Detected: 3/2025

Type:Vulnerability

Attack Vector: Arbitrary Code Execution

Blog: Blog

IDEMIA

Incidents

No Incident

IDEMIA company demonstrates a stronger AI Cybersecurity Score compared to Elastic company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Elastic company has historically faced a number of disclosed cyber incidents, whereas IDEMIA company has not reported any.

In the current year, Elastic company has reported more cyber incidents than IDEMIA company.

Neither IDEMIA company nor Elastic company has reported experiencing a ransomware attack publicly.

Neither IDEMIA company nor Elastic company has reported experiencing a data breach publicly.

Neither IDEMIA company nor Elastic company has reported experiencing targeted cyberattacks publicly.

Elastic company has disclosed at least one vulnerability, while IDEMIA company has not reported such incidents publicly.

Neither Elastic nor IDEMIA holds any compliance certifications.

Neither company holds any compliance certifications.

IDEMIA company has more subsidiaries worldwide compared to Elastic company.

IDEMIA company employs more people globally than Elastic company, reflecting its scale as a Software Development.

Neither Elastic nor IDEMIA holds SOC 2 Type 1 certification.

Neither Elastic nor IDEMIA holds SOC 2 Type 2 certification.

Neither Elastic nor IDEMIA holds ISO 27001 certification.

Neither Elastic nor IDEMIA holds PCI DSS certification.

Neither Elastic nor IDEMIA holds HIPAA certification.

Neither Elastic nor IDEMIA holds GDPR certification.

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

https://support.pentaho.com/hc/en-us/articles/41833799577741--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-10-2-0-4-Impacted-CVE-2025-9122

Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss3

Base: 8.8

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

https://support.pentaho.com/hc/en-us/articles/41832536185613--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Deserialization-of-Untrusted-Data-Versions-before-10-2-0-4-Impacted-CVE-2025-9121

Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss2

Base: 5.8

Severity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base: 4.7

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base: 5.1

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published

Date

2025-12-15

Updated

Date

2025-12-15

Risk Information

cvss4

Base: 1.0

Severity: HIGH

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Elastic

VS

IDEMIA

Elastic

IDEMIA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — Elastic (X = Date, Y = Severity)

Incident History — IDEMIA (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Elastic

VS

IDEMIA

Elastic

IDEMIA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — Elastic (X = Date, Y = Severity)

Incident History — IDEMIA (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Vulnerability ELA627081725

🔒 Incident : Vulnerability ELA921030725

No Incident

FAQ

Between Elastic company and IDEMIA company, which one has the best AI Cybersecurity Score ?

Between Elastic company and IDEMIA company, which one has experienced more cyber incidents in the past ?

Between Elastic company and IDEMIA company, which one has experienced more cyber incidents this year ?

Between Elastic company and IDEMIA company, which one has experienced at least one ransomware attack ?

Between Elastic company and IDEMIA company, which one has experienced at least one data breach ?

Between Elastic company and IDEMIA company, which one has experienced at least one targeted cyberattack ?

Between Elastic company and IDEMIA company, which one has experienced at least one vulnerability ?

Between Elastic company and IDEMIA company, which one holds the most compliance certifications ?

Between Elastic company and IDEMIA company, which one holds the fewest compliance certifications ?

Between Elastic company and IDEMIA company, which one has the most subsidiaries ?

Between Elastic company and IDEMIA company, which one has the largest number of employees ?

Between Elastic and IDEMIA, which company holds both SOC 2 Type 1 certifications ?

Between Elastic and IDEMIA, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Elastic or IDEMIA ?

Which company is PCI DSS compliant — Elastic or IDEMIA ?

Between Elastic and IDEMIA, which company complies with HIPAA regulations for healthcare data ?

Between Elastic and IDEMIA, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-9122

Risk Information

CVE-2025-9121

Risk Information

CVE-2025-14730

Risk Information

CVE-2025-14729

Risk Information

CVE-2025-64725

Risk Information