Comparison Overview

Intuit

VS

Workday

Intuit

2700 Coast Ave, Mountain View, California, US, 94043
Last Update: 2025-12-09
View Profile
Between 700 and 749
https://www.intuit.com/

Intuit is a global technology platform that helps our customers and communities overcome their most important financial challenges. Serving millions of customers worldwide with TurboTax, QuickBooks, Credit Karma and Mailchimp, we believe that everyone should have the opportunity to prosper and we work tirelessly to find new, innovative ways to deliver on this belief. We encourage conversations on this page and will not delete comments that follow our terms of use. In order to keep this a safe community, the below posts may be removed: Repeated posts of the same content, spam or posts from fake accounts or profiles, offensive language or material, threats to others in the community, posts deliberately aimed to have a negative effect on the community or conversations.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 17,165
Subsidiaries: 9
12-month incidents
2
Known data breaches
7
Attack type number
1
View Profile

Workday

6110 Stoneridge Mall Rd, None, Pleasanton, California, US, 94588
Last Update: 2025-12-09
Between 700 and 749
http://www.workday.com

Workday is a leading provider of enterprise cloud applications for finance and human resources, helping customers adapt and thrive in a changing world. Workday applications for financial management, human resources, planning, spend management, and analytics are built with artificial intelligence and machine learning at the core to help organizations around the world embrace the future of work. Workday is used by more than 10,000 organizations around the world and across industries – from medium-sized businesses to more than 50% of the Fortune 500.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 25,257
Subsidiaries: 16
12-month incidents
2
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/intuit.jpeg
Intuit
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/workday.jpeg
Workday
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Intuit
100%
Compliance Rate
0/4 Standards Verified
Workday
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Intuit has 244.83% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Software Development Industry Average (This Year)

Workday has 244.83% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Intuit (X = Date, Y = Severity)

Intuit cyber incidents detection timeline including parent company and subsidiaries

Incident History — Workday (X = Date, Y = Severity)

Workday cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/intuit.jpeg
Intuit
Incidents

Date Detected: 5/2025
Type:Breach
Attack Vector: Credential Stuffing
Blog: Blog

Date Detected: 2/2025
Type:Breach
Attack Vector: Account Compromise
Blog: Blog

Date Detected: 3/2024
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog
https://images.rankiteo.com/companyimages/workday.jpeg
Workday
Incidents

Date Detected: 9/2025
Type:Breach
Attack Vector: Compromised Third-Party Application (Drift), OAuth Credential Abuse, Targeted Search Queries in Salesforce
Blog: Blog

Date Detected: 8/2025
Type:Breach
Attack Vector: Phishing (SMS/Phone Calls), Impersonation (HR/IT Personnel), Credential Harvesting
Motivation: Data Theft for Further Social Engineering, Credential Harvesting
Blog: Blog

FAQ

Workday company demonstrates a stronger AI Cybersecurity Score compared to Intuit company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Intuit company has faced a higher number of disclosed cyber incidents historically compared to Workday company.

In the current year, Workday and Intuit have reported a similar number of cyber incidents.

Neither Workday company nor Intuit company has reported experiencing a ransomware attack publicly.

Both Workday company and Intuit company have disclosed experiencing at least one data breach.

Neither Workday company nor Intuit company has reported experiencing targeted cyberattacks publicly.

Neither Intuit company nor Workday company has reported experiencing or disclosing vulnerabilities publicly.

Neither Intuit nor Workday holds any compliance certifications.

Neither company holds any compliance certifications.

Workday company has more subsidiaries worldwide compared to Intuit company.

Workday company employs more people globally than Intuit company, reflecting its scale as a Software Development.

Neither Intuit nor Workday holds SOC 2 Type 1 certification.

Neither Intuit nor Workday holds SOC 2 Type 2 certification.

Neither Intuit nor Workday holds ISO 27001 certification.

Neither Intuit nor Workday holds PCI DSS certification.

Neither Intuit nor Workday holds HIPAA certification.

Neither Intuit nor Workday holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References