Comparison Overview

Q: Between MITRE company and CEA company, which one has the best AI Cybersecurity Score ?

CEA company demonstrates a stronger AI Cybersecurity Score compared to MITRE company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between MITRE company and CEA company, which one has experienced more cyber incidents in the past ?

MITRE company has historically faced a number of disclosed cyber incidents, whereas CEA company has not reported any.

Q: Between MITRE company and CEA company, which one has experienced more cyber incidents this year ?

In the current year, CEA company and MITRE company have not reported any cyber incidents.

Q: Between MITRE company and CEA company, which one has experienced at least one ransomware attack ?

Neither CEA company nor MITRE company has reported experiencing a ransomware attack publicly.

Q: Between MITRE company and CEA company, which one has experienced at least one data breach ?

Neither CEA company nor MITRE company has reported experiencing a data breach publicly.

Q: Between MITRE company and CEA company, which one has experienced at least one targeted cyberattack ?

Neither CEA company nor MITRE company has reported experiencing targeted cyberattacks publicly.

Q: Between MITRE company and CEA company, which one has experienced at least one vulnerability ?

MITRE company has disclosed at least one vulnerability, while CEA company has not reported such incidents publicly.

Q: Between MITRE company and CEA company, which one holds the most compliance certifications ?

Neither MITRE nor CEA holds any compliance certifications.

Q: Between MITRE company and CEA company, which one has the most subsidiaries ?

MITRE company has more subsidiaries worldwide compared to CEA company.

MITRE

7515 Colshire Dr, McLean, 22102, US

Last Update: 2026-01-23

View Profile

Between 750 and 799

http://www.mitre.org/

The MITRE Corporation is working to solve some of the nation’s biggest challenges in defense, cybersecurity, healthcare, homeland security, the judiciary and transportation. MITRE is a not-for-profit corporation committed to the public interest, operating federally funded R&D centers on behalf of U.S. government sponsors. To learn more, visit www.mitre.org.

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 9,312

Subsidiaries: 7

12-month incidents

0

Known data breaches

0

Attack type number

1

View Profile

CEA

Bâtiment Le Ponant D, Paris, 75015, FR

Last Update: 2026-01-18

Between 750 and 799

http://www.cea.fr

The CEA is the French Alternative Energies and Atomic Energy Commission ("Commissariat à l'énergie atomique et aux énergies alternatives"). It is a public body established in October 1945 by General de Gaulle. A leader in research, development and innovation, the CEA mission statement has two main objectives: To become the leading technological research organization in Europe and to ensure that the nuclear deterrent remains effective in the future. The CEA is active in four main areas: low-carbon energies, defense and security, information technologies and health technologies. In each of these fields, the CEA maintains a cross-disciplinary culture of engineers and researchers, building on the synergies between fundamental and technological research. The civilian programs of the CEA received 49% of their funding from the French government, and 30% from external sources (partner companies and the European Union). The CEA had a budget of 4,3 billion euros. The CEA is based in ten research centers in France, each specializing in specific fields. The laboratories are located in the Paris region, the Rhône-Alpes, the Rhône valley, the Provence-Alpes-Côte d'Azur region, Aquitaine, Central France and Burgundy. The CEA benefits from the strong regional identities of these laboratories and the partnerships forged with other research centers, local authorities and universities.

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 18,601

Subsidiaries: 1

12-month incidents

0

Known data breaches

0

Attack type number

0

MITRE

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

https://images.rankiteo.com/companyimages/cea.jpeg

CEA

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for MITRE in 2026.

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for CEA in 2026.

Incident History — MITRE (X = Date, Y = Severity)

MITRE cyber incidents detection timeline including parent company and subsidiaries

Incident History — CEA (X = Date, Y = Severity)

CEA cyber incidents detection timeline including parent company and subsidiaries

MITRE

Incidents

Date Detected: 6/2025

Type:Vulnerability

Attack Vector: Misconfigured GitHub Actions workflows (pull_request_target)

Blog: Blog

Date Detected: 5/2025

Type:Vulnerability

Blog: Blog

CEA

Incidents

No Incident

CEA company demonstrates a stronger AI Cybersecurity Score compared to MITRE company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

MITRE company has historically faced a number of disclosed cyber incidents, whereas CEA company has not reported any.

In the current year, CEA company and MITRE company have not reported any cyber incidents.

Neither CEA company nor MITRE company has reported experiencing a ransomware attack publicly.

Neither CEA company nor MITRE company has reported experiencing a data breach publicly.

Neither CEA company nor MITRE company has reported experiencing targeted cyberattacks publicly.

MITRE company has disclosed at least one vulnerability, while CEA company has not reported such incidents publicly.

Neither MITRE nor CEA holds any compliance certifications.

Neither company holds any compliance certifications.

MITRE company has more subsidiaries worldwide compared to CEA company.

CEA company employs more people globally than MITRE company, reflecting its scale as a Research Services.

Neither MITRE nor CEA holds SOC 2 Type 1 certification.

Neither MITRE nor CEA holds SOC 2 Type 2 certification.

Neither MITRE nor CEA holds ISO 27001 certification.

Neither MITRE nor CEA holds PCI DSS certification.

Neither MITRE nor CEA holds HIPAA certification.

Neither MITRE nor CEA holds GDPR certification.

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Published

Date

2026-01-22

Updated

Date

2026-01-22

Risk Information

cvss3

Base: 9.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307

Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Published

Date

2026-01-22

Updated

Date

2026-01-22

Risk Information

cvss3

Base: 9.8

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24306

Description

Azure Entra ID Elevation of Privilege Vulnerability

Published

Date

2026-01-22

Updated

Date

2026-01-22

Risk Information

cvss3

Base: 9.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24305

Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Published

Date

2026-01-22

Updated

Date

2026-01-22

Risk Information

cvss4

Base: 2.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Published

Date

2026-01-22

Updated

Date

2026-01-22

Risk Information

cvss3

Base: 8.0

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

MITRE

VS

CEA

MITRE

CEA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — MITRE (X = Date, Y = Severity)

Incident History — CEA (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2026-24307

Risk Information

CVE-2026-24306

Risk Information

CVE-2026-24305

Risk Information

CVE-2026-24130

Risk Information

CVE-2026-24129

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

MITRE

VS

CEA

MITRE

CEA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — MITRE (X = Date, Y = Severity)

Incident History — CEA (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Vulnerability SPOMITSPL1767777752

🔒 Incident : Vulnerability MIT3490134112625

No Incident

FAQ

Between MITRE company and CEA company, which one has the best AI Cybersecurity Score ?

Between MITRE company and CEA company, which one has experienced more cyber incidents in the past ?

Between MITRE company and CEA company, which one has experienced more cyber incidents this year ?

Between MITRE company and CEA company, which one has experienced at least one ransomware attack ?

Between MITRE company and CEA company, which one has experienced at least one data breach ?

Between MITRE company and CEA company, which one has experienced at least one targeted cyberattack ?

Between MITRE company and CEA company, which one has experienced at least one vulnerability ?

Between MITRE company and CEA company, which one holds the most compliance certifications ?

Between MITRE company and CEA company, which one holds the fewest compliance certifications ?

Between MITRE company and CEA company, which one has the most subsidiaries ?

Between MITRE company and CEA company, which one has the largest number of employees ?

Between MITRE and CEA, which company holds both SOC 2 Type 1 certifications ?

Between MITRE and CEA, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — MITRE or CEA ?

Which company is PCI DSS compliant — MITRE or CEA ?

Between MITRE and CEA, which company complies with HIPAA regulations for healthcare data ?

Between MITRE and CEA, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2026-24307

Risk Information

CVE-2026-24306

Risk Information

CVE-2026-24305

Risk Information

CVE-2026-24130

Risk Information

CVE-2026-24129

Risk Information