Comparison Overview

Match

VS

VMware

Match

8750 N Central Expy, Dallas, Texas, 75231, US
Last Update: 2025-03-04 (UTC)
Between 800 and 900
http://www.lifeatmatch.com

Strong

Match pioneered the concept of online dating when we launched in 1995. Today, we're part of Match Group - a family of dozens of brands like Tinder and Hinge that are creating new ways to meet people, make friends, and build relationships that are fundamental to happiness. Millions of singles have found a meaningful connection using our products! HQโ€™d in Dallas, with offices in LA & NYC, Match is made up of teams from coast to coast. For three years in a row, weโ€™ve been recognized by the Dallas Morning News as a Top 100 Place to Work in Dallas. In 2022, over 5,000 companies competed for a spot in the Top 100 - this puts Match in the top 2% of companies to work for in DFW.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 916
Subsidiaries: 11
12-month incidents
0
Known data breaches
0
Attack type number
2

VMware

3401 Hillview Ave, None, Palo Alto, CA, US, 94304
Last Update: 2025-08-14 (UTC)

Strong

Between 800 and 900
https://www.broadcom.com/info/vmware

VMware by Broadcom delivers software that unifies and streamlines hybrid cloud environments for the worldโ€™s most complex organizations. By combining public-cloud scale and agility with private-cloud security and performance, we empower our customers to modernize, optimize and protect their apps and businesses everywhere. Capable of deployment in the software-defined data center, cloud environments, any app and the enterprise edge, our comprehensive software portfolio makes global enterprises more innovative, connected, resilient and secure.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 13,658
Subsidiaries: 36
12-month incidents
6
Known data breaches
1
Attack type number
4

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/match-com.jpeg
Match
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/vmware.jpeg
VMware
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Match
100%
Compliance Rate
0/4 Standards Verified
VMware
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Match in 2025.

Incidents vs Software Development Industry Average (This Year)

VMware has 1176.6% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History โ€” Match (X = Date, Y = Severity)

Match cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” VMware (X = Date, Y = Severity)

VMware cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/match-com.jpeg
Match
Incidents

Date Detected: 02/2017
Type:Data Leak
Attack Vector: Cloudbleed Security Flaw
Blog: Blog

Date Detected: 08/2015
Type:Cyber Attack
Attack Vector: Malicious Advertisement
Blog: Blog
https://images.rankiteo.com/companyimages/vmware.jpeg
VMware
Incidents

Date Detected: 7/2025
Type:Ransomware
Attack Vector: Phishing, Spearphishing, Vishing, SIM Swap Attacks, Push Bombing
Motivation: Data theft for extortion, financial gain
Blog: Blog

Date Detected: 7/2025
Type:Vulnerability
Attack Vector: Unauthenticated Remote Code Execution (RCE)
Blog: Blog

Date Detected: 5/2025
Type:Ransomware
Attack Vector: Ransomware
Motivation: Data theft and ransom
Blog: Blog

FAQ

Both Match company and VMware company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

VMware company has faced a higher number of disclosed cyber incidents historically compared to Match company.

In the current year, VMware company has reported more cyber incidents than Match company.

VMware company has confirmed experiencing a ransomware attack, while Match company has not reported such incidents publicly.

VMware company has disclosed at least one data breach, while Match company has not reported such incidents publicly.

Both VMware company and Match company have reported experiencing targeted cyberattacks.

VMware company has disclosed at least one vulnerability, while Match company has not reported such incidents publicly.

VMware company has more subsidiaries worldwide compared to Match company.

VMware company employs more people globally than Match company, reflecting its scale as a Software Development.

Latest Global CVEs (Not Company-Specific)

Description

Mastra is a Typescript framework for building AI agents and assistants. Versions 0.13.8 through 0.13.20-alpha.0 are vulnerable to a Directory Traversal attack that results in the disclosure of directory listings. The code contains a security check to prevent path traversal for reading file contents, but this check is effectively bypassed by subsequent logic that attempts to find directory suggestions. An attacker can leverage this flaw to list the contents of arbitrary directories on the user's filesystem, including the user's home directory, exposing sensitive information about the file system's structure. This issue is fixed in version 0.13.20.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Description

KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and extension whitelist restrictions, allowing attackers to upload SVG files containing malicious scripts (disguised as images). When users access the uploaded resource pages, arbitrary JavaScript executes in their browsers. This issue is fixed in version 1.3.14.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References
Description

Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss4
Base: 6.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails, without any warning of a foreign login from the provider. This issue is fixed in version 0.4.4.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 7.7
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 2.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
References