Comparison Overview

Grafana Labs

VS

Upwork

Grafana Labs

29 Broadway, New York, 10006, US
Last Update: 2025-12-02
View Profile
Between 750 and 799
https://grafana.com

Grafana Labs provides an open and composable observability stack built around Grafana, the leading open source technology for dashboards and visualization. There are 5,000+ Grafana Labs customers, including Bloomberg, Citigroup, Dell Technologies, Salesforce, and TomTom, and 25M+ Grafana users around the world. Grafana Labs helps companies achieve their observability goals with the LGTM Stack, which features scalable metrics (Grafana Mimir), logs (Grafana Loki), and traces (Grafana Tempo) as well as extensive enterprise data source plugins, dashboard management, alerting, reporting, and security. The fully managed Grafana Cloud offering helps organizations get observability up and running easier and faster, with turnkey solutions for Kubernetes and infrastructure monitoring, incident response management, load testing, application observability, and more. Grafana Labs is backed by leading investors Lightspeed Venture Partners, Lead Edge Capital, GIC, Sequoia Capital, Coatue, J.P. Morgan, and CapitalG. Follow Grafana Labs on LinkedIn and Twitter or visit grafana.com.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 1,742
Subsidiaries: 0
12-month incidents
2
Known data breaches
0
Attack type number
1
View Profile

Upwork

475 Brannan St, San Francisco, California, 94107, US
Last Update: 2025-12-01
Between 800 and 849
https://www.upwork.com/

Upwork is the world’s work marketplace that connects businesses with independent talent from across the globe. We serve everyone from one-person startups to large, Fortune 100 enterprises with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unlock their potential. Our talent community on Upwork encompasses more than 10,000 skills in categories including website & app development, creative & design, customer support, finance & accounting, consulting, and operations.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 144,138
Subsidiaries: 3
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/grafana-labs.jpeg
Grafana Labs
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/upwork.jpeg
Upwork
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Grafana Labs
100%
Compliance Rate
0/4 Standards Verified
Upwork
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Grafana Labs has 365.12% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Upwork in 2025.

Incident History — Grafana Labs (X = Date, Y = Severity)

Grafana Labs cyber incidents detection timeline including parent company and subsidiaries

Incident History — Upwork (X = Date, Y = Severity)

Upwork cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/grafana-labs.jpeg
Grafana Labs
Incidents

Date Detected: 11/2025
Type:Vulnerability
Attack Vector: Network, SCIM Provisioning Misconfiguration
Blog: Blog

Date Detected: 5/2025
Type:Vulnerability
Attack Vector: Client-side open redirect
Motivation: Account takeover, execution of malicious plugins
Blog: Blog
https://images.rankiteo.com/companyimages/upwork.jpeg
Upwork
Incidents

No Incident

FAQ

Upwork company demonstrates a stronger AI Cybersecurity Score compared to Grafana Labs company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Grafana Labs company has historically faced a number of disclosed cyber incidents, whereas Upwork company has not reported any.

In the current year, Grafana Labs company has reported more cyber incidents than Upwork company.

Neither Upwork company nor Grafana Labs company has reported experiencing a ransomware attack publicly.

Neither Upwork company nor Grafana Labs company has reported experiencing a data breach publicly.

Neither Upwork company nor Grafana Labs company has reported experiencing targeted cyberattacks publicly.

Grafana Labs company has disclosed at least one vulnerability, while Upwork company has not reported such incidents publicly.

Neither Grafana Labs nor Upwork holds any compliance certifications.

Neither company holds any compliance certifications.

Upwork company has more subsidiaries worldwide compared to Grafana Labs company.

Upwork company employs more people globally than Grafana Labs company, reflecting its scale as a Software Development.

Neither Grafana Labs nor Upwork holds SOC 2 Type 1 certification.

Neither Grafana Labs nor Upwork holds SOC 2 Type 2 certification.

Neither Grafana Labs nor Upwork holds ISO 27001 certification.

Neither Grafana Labs nor Upwork holds PCI DSS certification.

Neither Grafana Labs nor Upwork holds HIPAA certification.

Neither Grafana Labs nor Upwork holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Otherwise accessing them can cause a crash.

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms (and other scenarios with uninitialized VRAM managers) triggered a NULL pointer dereference in `ttm_resource_manager_usage()`. The root cause is not that the `struct ttm_resource_manager *man` pointer itself is NULL, but that `man->bdev` (the backing device pointer within the manager) remains uninitialized (NULL) on APUs—since APUs lack dedicated VRAM and do not fully set up VRAM manager structures. When `ttm_resource_manager_usage()` attempts to acquire `man->bdev->lru_lock`, it dereferences the NULL `man->bdev`, leading to a kernel OOPS. 1. **amdgpu_cs.c**: Extend the existing bandwidth control check in `amdgpu_cs_get_threshold_for_moves()` to include a check for `ttm_resource_manager_used()`. If the manager is not used (uninitialized `bdev`), return 0 for migration thresholds immediately—skipping VRAM-specific logic that would trigger the NULL dereference. 2. **amdgpu_kms.c**: Update the `AMDGPU_INFO_VRAM_USAGE` ioctl and memory info reporting to use a conditional: if the manager is used, return the real VRAM usage; otherwise, return 0. This avoids accessing `man->bdev` when it is NULL. 3. **amdgpu_virt.c**: Modify the vf2pf (virtual function to physical function) data write path. Use `ttm_resource_manager_used()` to check validity: if the manager is usable, calculate `fb_usage` from VRAM usage; otherwise, set `fb_usage` to 0 (APUs have no discrete framebuffer to report). This approach is more robust than APU-specific checks because it: - Works for all scenarios where the VRAM manager is uninitialized (not just APUs), - Aligns with TTM's design by using its native helper function, - Preserves correct behavior for discrete GPUs (which have fully initialized `man->bdev` and pass the `ttm_resource_manager_used()` check). v4: use ttm_resource_manager_used(&adev->mman.vram_mgr.manager) instead of checking the adev->gmc.is_app_apu flag (Christian)

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.valid_size We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service (DoS) condition. When a dentry in an exFAT filesystem is malformed, the following system calls — SYS_openat, SYS_ftruncate, and SYS_pwrite64 — can cause the kernel to hang. Root cause analysis shows that the size validation code in exfat_find() does not check whether dentry.stream.valid_size is negative. As a result, the system calls mentioned above can succeed and eventually trigger the DoS issue. This patch adds a check for negative dentry.stream.valid_size to prevent this vulnerability.

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible memory leak in smb2_read() Memory leak occurs when ksmbd_vfs_read() fails. Fix this by adding the missing kvfree().

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup() Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put().

Published
Date
2025-12-06
Updated
Date
2025-12-06
References