Comparison Overview

InterAction

VS

Young Invincibles

InterAction

1400 Sixteeth Street, NW, Suite 210, Washington, 20036, US
Last Update: 2025-11-28
View Profile
Between 700 and 749
http://www.interaction.org

Convener. Thought Leader. United Voice. Founded in 1984, InterAction is the largest alliance of international NGOs and partners in the United States. We mobilize our Members to think and act collectively to serve the world’s poor and vulnerable, with a shared belief that we can make the world a more peaceful, just and prosperous place—together.

NAICS: 921
NAICS Definition: Executive, Legislative, and Other General Government Support
Employees: 209
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Young Invincibles

1725 Desales St NW, Washington, District of Columbia, 20036, US
Last Update: 2025-11-28
Between 700 and 749
http://younginvincibles.org/

Young Invincibles was founded in the summer of 2009, motivated by the recognition that young people’s voices were not being heard in the debate over health care reform. Co-Founders Ari Matusiak and Aaron Smith and a few friends wanted to change that, so they set up a one page website, asking young people to share their stories, believing in their generation’s capacity to stand up and make itself heard. In a little more than a year, ‘YI’ went from a group run out of a law school cafeteria to a national organization, representing the interests of 18 to 34 year-olds and making sure that our perspective is heard wherever decisions about our collective future are being made. We do this through conducting cutting-edge policy research and analysis, sharing the stories of young Americans, designing campaigns to educate on important issue areas, informing and mobilizing our generation and advocating to change the status quo. We still believe in our generation – now more than ever. We know that our generation will define the future we share as a nation. These are difficult times. But this is also our time. Why don’t you join us today?

NAICS: 921
NAICS Definition:
Employees: 139
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/interaction.jpeg
InterAction
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/young-invincibles.jpeg
Young Invincibles
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
InterAction
100%
Compliance Rate
0/4 Standards Verified
Young Invincibles
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Public Policy Offices Industry Average (This Year)

No incidents recorded for InterAction in 2025.

Incidents vs Public Policy Offices Industry Average (This Year)

No incidents recorded for Young Invincibles in 2025.

Incident History — InterAction (X = Date, Y = Severity)

InterAction cyber incidents detection timeline including parent company and subsidiaries

Incident History — Young Invincibles (X = Date, Y = Severity)

Young Invincibles cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/interaction.jpeg
InterAction
Incidents

No Incident

https://images.rankiteo.com/companyimages/young-invincibles.jpeg
Young Invincibles
Incidents

No Incident

FAQ

InterAction company demonstrates a stronger AI Cybersecurity Score compared to Young Invincibles company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Young Invincibles company has disclosed a higher number of cyber incidents compared to InterAction company.

In the current year, Young Invincibles company and InterAction company have not reported any cyber incidents.

Neither Young Invincibles company nor InterAction company has reported experiencing a ransomware attack publicly.

Neither Young Invincibles company nor InterAction company has reported experiencing a data breach publicly.

Neither Young Invincibles company nor InterAction company has reported experiencing targeted cyberattacks publicly.

Neither InterAction company nor Young Invincibles company has reported experiencing or disclosing vulnerabilities publicly.

Neither InterAction nor Young Invincibles holds any compliance certifications.

Neither company holds any compliance certifications.

Neither InterAction company nor Young Invincibles company has publicly disclosed detailed information about the number of their subsidiaries.

InterAction company employs more people globally than Young Invincibles company, reflecting its scale as a Public Policy Offices.

Neither InterAction nor Young Invincibles holds SOC 2 Type 1 certification.

Neither InterAction nor Young Invincibles holds SOC 2 Type 2 certification.

Neither InterAction nor Young Invincibles holds ISO 27001 certification.

Neither InterAction nor Young Invincibles holds PCI DSS certification.

Neither InterAction nor Young Invincibles holds HIPAA certification.

Neither InterAction nor Young Invincibles holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description

Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.

Published
Date
2025-11-27
Updated
Date
2025-11-27
References
Description

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.

Published
Date
2025-11-27
Updated
Date
2025-11-27
References