Comparison Overview

GrammaTech

VS

UKG

GrammaTech

531 Esty Street, Ithaca, New York, 14850, US
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.grammatech.com

Strong

30+ years of cyber innovation focused on security, resilience, sustainment, automation, and developer productivity.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 54
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

UKG

Last Update: 2024-08-12 (UTC)

Strong

Between 800 and 900
https://www.ukg.com/

At UKG, our purpose is people. As strong believers in the power of culture and belonging as the secret to success, we champion great workplaces and build lifelong partnerships with our customers to show whatโ€™s possible when businesses invest in their people. One of the worldโ€™s leading HCM cloud companies today, UKG and our Life-work Technology approach to HR, pay, time, and culture solutions for all people helps 80,000 organizations around the globe and across every industry anticipate and adapt to their employeesโ€™ needs beyond just work. To learn more, visit ukg.com. UKG Social Media Guidelines available at https://www.ukg.com/ukg-social-media-guidelines.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 14,208
Subsidiaries: 3
12-month incidents
0
Known data breaches
1
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/grammatech.jpeg
GrammaTech
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/UKG.jpeg
UKG
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
GrammaTech
100%
Compliance Rate
0/4 Standards Verified
UKG
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for GrammaTech in 2025.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for UKG in 2025.

Incident History โ€” GrammaTech (X = Date, Y = Severity)

GrammaTech cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” UKG (X = Date, Y = Severity)

UKG cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/grammatech.jpeg
GrammaTech
Incidents

No Incident

https://images.rankiteo.com/companyimages/UKG.jpeg
UKG
Incidents

Date Detected: 6/2023
Type:Breach
Blog: Blog

Date Detected: 12/2021
Type:Ransomware
Blog: Blog

FAQ

Both GrammaTech company and UKG company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

UKG company has historically faced a number of disclosed cyber incidents, whereas GrammaTech company has not reported any.

In the current year, UKG company and GrammaTech company have not reported any cyber incidents.

UKG company has confirmed experiencing a ransomware attack, while GrammaTech company has not reported such incidents publicly.

UKG company has disclosed at least one data breach, while GrammaTech company has not reported such incidents publicly.

Neither UKG company nor GrammaTech company has reported experiencing targeted cyberattacks publicly.

Neither GrammaTech company nor UKG company has reported experiencing or disclosing vulnerabilities publicly.

UKG company has more subsidiaries worldwide compared to GrammaTech company.

UKG company employs more people globally than GrammaTech company, reflecting its scale as a Software Development.

Latest Global CVEs (Not Company-Specific)

Description

A security flaw has been discovered in Tipray ๅŽฆ้—จๅคฉ้”็ง‘ๆŠ€่‚กไปฝๆœ‰้™ๅ…ฌๅธ Data Leakage Prevention System ๅคฉ้”ๆ•ฐๆฎๆณ„้œฒ้˜ฒๆŠค็ณป็ปŸ 1.0. Impacted is the function doFilter of the file findDeptPage.do. Performing manipulation of the argument sort results in sql injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-05
Updated
Date
2025-10-05
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in Vanderlande Baggage 360 7.0.0. This issue affects some unknown processing of the file /api-addons/v1/messages. Such manipulation of the argument Message leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-05
Updated
Date
2025-10-05
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
cvss3
Base: 3.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was found in qianfox FoxCMS up to 1.2. This affects an unknown part of the file /index.php/Search of the component Search Page. The manipulation of the argument keyword results in cross site scripting. The attack can be executed remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-05
Updated
Date
2025-10-05
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability has been found in UTT HiPER 840G up to 3.1.1-190328. Affected by this issue is the function strcpy of the file /goform/formTaskEdit. The manipulation of the argument txtMin2 leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-05
Updated
Date
2025-10-05
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 1.1.1. Affected by this vulnerability is an unknown functionality of the component API. Executing manipulation can lead to permissive cross-domain policy with untrusted domains. The attack may be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-10-05
Updated
Date
2025-10-05
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References