What is the official website of KDC Inc. ?

The official website of KDC Inc. is http://www.kdcinc.com.

What is KDC Inc.'s cybersecurity risk score?

KDC Inc. has an AI-generated cybersecurity risk score of 754 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has KDC Inc. experienced?

According to Rankiteo, KDC Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has KDC Inc. been affected by any supply chain cyber incidents ?

According to Rankiteo, KDC Inc. has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does KDC Inc. have SOC 2 Type 1 certification ?

According to Rankiteo, KDC Inc. is not certified under SOC 2 Type 1.

Does KDC Inc. have SOC 2 Type 2 certification ?

According to Rankiteo, KDC Inc. does not hold a SOC 2 Type 2 certification.

Does KDC Inc. comply with GDPR ?

According to Rankiteo, KDC Inc. is not listed as GDPR compliant.

Does KDC Inc. have PCI DSS certification ?

According to Rankiteo, KDC Inc. does not currently maintain PCI DSS compliance.

Does KDC Inc. comply with HIPAA ?

According to Rankiteo, KDC Inc. is not compliant with HIPAA regulations.

Does KDC Inc. have ISO 27001 certification ?

According to Rankiteo,KDC Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does KDC Inc. operate in ?

KDC Inc. operates primarily in the Construction industry.

How many employees does KDC Inc. have ?

KDC Inc. employs approximately 371 people worldwide.

Does KDC Inc. own any subsidiaries ?

KDC Inc. presently has no subsidiaries across any sectors.

How many LinkedIn followers does KDC Inc. have ?

KDC Inc.'s official LinkedIn profile has approximately 1,684 followers.

What is the NAICS classification code for KDC Inc. ?

KDC Inc. is classified under the NAICS code 23, which corresponds to Construction.

Does KDC Inc. have a Crunchbase profile ?

No, KDC Inc. does not have a profile on Crunchbase.

Does KDC Inc. have a LinkedIn profile ?

Yes, KDC Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/kdcinc.

How many cybersecurity incidents has KDC Inc. experienced ?

As of June 14, 2026, Rankiteo reports that KDC Inc. has not experienced any cybersecurity incidents.

How many peer or competitor companies does KDC Inc. have ?

KDC Inc. has an estimated 39,748 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

KDC Inc.

Boost Score +25 with badge (5 left)

754

/1000

Fair

779

/1000

Fair

KDC Inc. Vendor Cyber Rating & Cyber Score

kdcinc.com

Add Your Compliance Badge

KDC Inc. has developed many strong relationships with general contractors, architects and engineers in Southern California. Our skill, experience, purchasing power, and access to technical and financial resources enable us to complete your project in a timely manner with cost competitive performance. Owned by EMCOR, the largest U.S. specialty contractor, KDC Inc. has a nationwide network of sister companies experienced in working together, linking our strengths to meet our customers' needs. We provide electrical, transportation, telecommunications and control system integration services. Our electrical division performs specialty electrical contracting work as well as design/build projects. Our transportation division performs all

KDC Inc. A.I CyberSecurity Scoring

Scoring History

KDC Inc.

KDC Inc. CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

KDC Inc. Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for KDC Inc.

Incidents vs Construction Industry Avg (This Year)

No incidents recorded for KDC Inc. in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for KDC Inc. in 2026.

Incident Types KDC Inc. vs Construction Industry Avg (This Year)

No incidents recorded for KDC Inc. in 2026.

Incident History - KDC Inc. (X = Date, Y = Severity)

Loading…

SUBSIDIARY

KDC Inc. Subsidiaries

KDC Inc.

Construction

Website: http://www.kdcinc.com

Company Size: 371

EMCOR Group, Inc.Construction

Loading…

KDC Inc. Similar Companies

Bouygues Group

cb bouygues.com

Founded in 1952 by Francis Bouygues, Bouygues is a diversified services group operating in over 80 countries with 200,000 employees all working to make life better every day. Its business activities in construction (Bouygues Construction, Bouygues Immobilier, Colas); energies & services (Equans); media (TF1) and telecoms (Bouygues Telecom) are able to drive growth since they all satisfy constantly changing and essential needs.

STRABAG

cb strabag.com

At STRABAG around 86,000 people working on progress at more than 2,400 locations worldwide. Uniqueness and individual strengths characterise both our projects and each of us as individuals. Whether its building construction, civil engineering, road construction, underground engineering, bridge building, tunnelling, construction material production, project development or building management – we are always one step ahead so that we can become the most innovative and sustainable construction technology company in Europe. Diversity, inclusion and equal opportunities are integral to this, who we are as a company and how we work. Together we work as partners to complete projects successfully and grow with new challenges. Together we achieve great things. Let’s progress!

Bouygues Construction

bouygues-construction.com

Bouygues Construction employs 35,600 people around the world, all driven by the greatest and most exciting responsibility of all – building for life. For our customers in more than 50 countries, we deliver much more than projects. We build to create spaces, connections and opportunities. We improve daily life for millions of people by creating structures and buildings that welcome life in all its diversity, serving all our needs: housing, healthcare, education, work, tourism, leisure activities, public services, etc. We are aware that everything we build is here to stay, and our legacy as builders will be with us for generations to come. This is why every day, we look for new solutions in order to design, renovate, and build differently. Our aim is to address the critical imperatives of the environmental transition: we are committed to making construction sustainable and less resource-intensive. We support the development of low-carbon energy production and public transport infrastructures, and we construct and renovate buildings and neighbourhoods using low-carbon materials, optimising the design of our structures and taking account of their lifecycle. Because the men and women of Bouygues Construction are our most precious asset, we ensure that everyone is safe at all times, and that human rights and ethical standards are respected. Finally, we are committed to ensuring that everyone can achieve their full potential in their work by building a career path that reflects the values we hold dear: respect, commitment, pioneering and sharing.

ALEC Holdings

alec.ae

ALEC Holdings, part of the Investment Corporate of Dubai (ICD), is a leading construction and related businesses group operating in the UAE and KSA. The company builds and provides construction solutions that set industry benchmarks for quality, safety, functionality, and aesthetics. ALEC Holdings offers its clients complete turnkey solutions in construction, MEP, fit-out, marine, oil & gas, modular construction, energy efficiency and solar projects, heavy equipment rental, technology systems, data centers and asset maintenance. With these capabilities, the company successfully serves a diverse range of sectors including airports, retail, hotels & resorts, high-rise buildings, and themed projects.

VINCI Construction

vinci-construction.com

Premier groupe français et acteur mondial de premier plan de la construction, VINCI Construction réunit plus de 830 entreprises et près de 69000 collaborateurs dans une centaine de pays. Ses expertises s’étendent à l’ensemble des métiers du bâtiment, du génie civil, et des activités spécialisées associés à la construction VINCI Construction se caractérise, outre l’étendue de sces expertises, par un modèle économique articulé en trois composantes complémentaires. Un réseau de filiales locales :  - en France, avec VINCI Construction France, qui dispose en métropole d’un réseau solidement ancré de 450 centres de profit, et VINCI Construction Dom-Tom, représenté par une trentaine de filiales locales implantées dans les départements, territoires et collectivités d’outre-mer ;  - à l’international, avec VINCI Construction UK au Royaume-Uni; avec Warbud, SMP, Prumstav, SMS et APS Alkon en Europe centrale et enfin avec Sogea-Satom en Afrique ; Des métiers de spécialités exercés à l’échelle mondiale : Soletanche Freyssinet (fondations et technologies du sol, structures, nucléaire) ; Entrepose Contracting (infrastructures parapétrolières et gazières) ; Une division dédiée au management et à la réalisation de projets complexes, avec VINCI Construction Grands Projets, VINCI Construction Terrassement et Dodin Campenon Bernard, qui interviennent sur le marché des grands ouvrages de génie civil et de bâtiment, en France et à l’international. VINCI Construction est le creuset de la culture d’entrepreneur du Groupe et de son schéma de management, qui conjugue décentralisation, travail en réseau, autonomie et responsabilité individuelle de l’encadrement, valorisation des hommes et réactivité des organisations.

Burns & McDonnell

burnsmcd.com

At Burns & McDonnell, our engineers, construction professionals, architects, planners, technologists and scientists do more than plan, design and construct. With a mission unchanged since 1898 — make our clients successful — we partner with you on the toughest challenges, constantly working to make the world an amazing place. Each professional brings an ownership mentality to projects at our 100% employee-owned firm, which has safety performance among the top 5% of AEC firms. As dedicated owners, we work through challenges until they’re resolved, meeting or exceeding our clients’ goals. We apply this commitment to our communities, too. We live and work in the same cities you call home, so we share a passion to keep them strong and healthy. From fundraising events and community cleanups to educational outreach and mentorship — especially when it comes to sharing our passion for STEM — our professionals work to make our communities thrive.

PCL Construction

pcl.com

PCL is a group of independent construction companies that carries out work across Canada, the United States, the Caribbean, and in Australia. These diverse operations in the civil infrastructure, heavy industrial, and buildings markets are supported by a strategic presence in 31 major centers. PCL is 100% employee-owned. Watch us build at www.pcl.com

GMR Group

cb gmrgroup.in

GMR Group is a leading Indian infrastructure conglomerate with a diversified presence across Airports, Energy, Transportation, Urban Infrastructure, and Sports. With over two decades of experience, the Group has built world-class assets and pioneered innovations in sustainable infrastructure development. GMR Airports Limited (GAL), the Group’s airport arm, is a leading global airport platform company with extensive experience in designing, constructing, and operating world-class, sustainable airports. Operating under the brand name “GMR AERO”, GAL offers pioneering aviation solutions in retail, aero services, and real estate. In 2020, Groupe ADP joined as a strategic partner and is now a co-promoter in GAL, strengthening its global reach and expertise. As Asia’s largest private airport operator and the second-largest globally, GAL operates key airports in Delhi, Hyderabad, Goa, and Medan (Indonesia), while developing greenfield projects in Bhogapuram (India) and Crete (Greece). It also provides integrated aviation services, including MRO, cargo, digital innovation through GMR Innovex, and aviation training through GMR Aero Academy. In the energy and infrastructure space, GMR Power and Urban Infra Limited (GPUIL) leads with a diverse portfolio in clean and renewable energy, smart metering, EV infrastructure, and surface transport projects, backed by strong engineering and EPC capabilities. Under GMR Sports, the Group promotes talent and drives fan engagement through its ownership of iconic teams like Delhi Capitals (IPL), UP Yoddhas (Pro Kabaddi), and international franchises including Dubai Capitals, Seattle Orcas, and more. Committed to inclusive growth, the Group’s CSR arm, GMR Varalakshmi Foundation, works across education, skill development, and healthcare, positively impacting communities across its areas of operation.

Hassan Allam Holding

hassanallam.com

Hassan Allam Holding is a leading group with a focus on engineering and construction, and investment and development. The Group operates in diverse sectors including infrastructure, energy, water, industrial, logistics, petrochemical, and complex large-scale projects in Egypt and the MENA region. The founders of Hassan Allam Holding commenced operations in 1936, making the oldest construction franchise in the MENA region with a solid reputation, superior technical capabilities, and a diversified portfolio. With a legacy of identifying and investing in attractive infrastructure projects, in the past five years, it has delivered over 70 projects and has a current backlog exceeding USD 5 billion. The Group is named among the Engineering News-Record (ENR) list of the top 250 global contractors. Today, we continue to lead our industry with a large dynamic business, employing more than 50,000 employees in Egypt and the MENA Region.

Loading…

NEWS

KDC Inc. CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

November 07, 2021 07:00 AM

KdcSponge, NGLite, Godzilla Webshell Used in Targeted Attack Campaign

Targeted attack campaign against ManageEngine ADSelfService Plus delivers Godzilla webshells, NGLite Trojan and KdcSponge stealer.

Read Article

February 20, 2020 08:00 AM

Ontario Teachers’ buys stake in cybersecurity firm, Caisse portfolio companies make acquisitions

The Ontario Teachers' Pension Plan is joining a consortium to purchase RSA Security in an all-cash transaction for more than $2.07 billion.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…