What is the official website of National Geospatial-Intelligence Agency ?

The official website of National Geospatial-Intelligence Agency is https://www.nga.mil/social.html.

What is National Geospatial-Intelligence Agency's cybersecurity risk score?

National Geospatial-Intelligence Agency has an AI-generated cybersecurity risk score of 749 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has National Geospatial-Intelligence Agency experienced?

According to Rankiteo, National Geospatial-Intelligence Agency currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has National Geospatial-Intelligence Agency been affected by any supply chain cyber incidents ?

According to Rankiteo, National Geospatial-Intelligence Agency has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does National Geospatial-Intelligence Agency have SOC 2 Type 1 certification ?

According to Rankiteo, National Geospatial-Intelligence Agency is not certified under SOC 2 Type 1.

Does National Geospatial-Intelligence Agency have SOC 2 Type 2 certification ?

According to Rankiteo, National Geospatial-Intelligence Agency does not hold a SOC 2 Type 2 certification.

Does National Geospatial-Intelligence Agency comply with GDPR ?

According to Rankiteo, National Geospatial-Intelligence Agency is not listed as GDPR compliant.

Does National Geospatial-Intelligence Agency have PCI DSS certification ?

According to Rankiteo, National Geospatial-Intelligence Agency does not currently maintain PCI DSS compliance.

Does National Geospatial-Intelligence Agency comply with HIPAA ?

According to Rankiteo, National Geospatial-Intelligence Agency is not compliant with HIPAA regulations.

Does National Geospatial-Intelligence Agency have ISO 27001 certification ?

According to Rankiteo,National Geospatial-Intelligence Agency is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does National Geospatial-Intelligence Agency operate in ?

National Geospatial-Intelligence Agency operates primarily in the Defense and Space Manufacturing industry.

How many employees does National Geospatial-Intelligence Agency have ?

National Geospatial-Intelligence Agency employs approximately 3,168 people worldwide.

Does National Geospatial-Intelligence Agency own any subsidiaries ?

National Geospatial-Intelligence Agency presently has no subsidiaries across any sectors.

How many LinkedIn followers does National Geospatial-Intelligence Agency have ?

National Geospatial-Intelligence Agency's official LinkedIn profile has approximately 95,104 followers.

What is the NAICS classification code for National Geospatial-Intelligence Agency ?

National Geospatial-Intelligence Agency is classified under the NAICS code 336414, which corresponds to Guided Missile and Space Vehicle Manufacturing.

Does National Geospatial-Intelligence Agency have a Crunchbase profile ?

No, National Geospatial-Intelligence Agency does not have a profile on Crunchbase.

Does National Geospatial-Intelligence Agency have a LinkedIn profile ?

Yes, National Geospatial-Intelligence Agency maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nga.

How many cybersecurity incidents has National Geospatial-Intelligence Agency experienced ?

As of June 7, 2026, Rankiteo reports that National Geospatial-Intelligence Agency has experienced 1 cybersecurity incidents.

How many peer or competitor companies does National Geospatial-Intelligence Agency have ?

National Geospatial-Intelligence Agency has an estimated 2,511 peer or competitor companies worldwide.

What types of cybersecurity incidents has National Geospatial-Intelligence Agency faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

NGA

Boost Score +25 with badge (5 left)

749

/1000

Moderate

774

/1000

Fair

National Geospatial-Intelligence Agency Vendor Cyber Rating & Cyber Score

nga.mil

Add Your Compliance Badge

Anyone who sails a ship, flies an aircraft, goes into harm’s way, makes national policy decisions, responds to disasters, or navigates with a cellphone, all rely on the National Geospatial-Intelligence Agency. NGA delivers world-class geospatial intelligence, or GEOINT, that provides a decisive advantage to warfighters, policymakers, intelligence professionals and first responders. Both an intelligence agency and a combat support agency, NGA fulfills the president’s national security priorities in partnership with the intelligence community and Department of Defense. NGA is headquartered in Springfield, Virginia and has two major locations in St. Louis and Arnold, Missouri. Hundreds of NGA employees serve on support teams at U.S.

NGA A.I CyberSecurity Scoring

Scoring History

NGA

National Geospatial-Intelligence Agency CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

National Geospatial...

Data Leak

06/2017

NAT199211123

Loading…

A.I.

NGA Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for NGA

Incidents vs Defense and Space Manufacturing Industry Avg (This Year)

No incidents recorded for National Geospatial-Intelligence Agency in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for National Geospatial-Intelligence Agency in 2026.

Incident Types NGA vs Defense and Space Manufacturing Industry Avg (This Year)

No incidents recorded for National Geospatial-Intelligence Agency in 2026.

Incident History - NGA (X = Date, Y = Severity)

Loading…

SUBSIDIARY

National Geospatial-Intelligence Agency Subsidiaries

Parent Company

NGA

Defense and Space Manufacturing

Website: https://www.nga.mil/social.html

Company Size: 10,001+ employees

No subsidiary data available for this company.

Loading…

National Geospatial-Intelligence Agency Similar Companies

UK Ministry of Defence

www.gov.uk

We protect the security, independence and interests of the United Kingdom at home and abroad. We work with our allies and partners whenever possible. Our aim is to ensure that the UK’s Armed Forces have the training, equipment and support necessary for their work, and that we keep within budget. Our priorities 2015 to 2020 are to: · protect our people · project our global influence · promote our prosperity · maintain a strategic base and integrated global support network, and manage the Department of State

BAE Systems

cb baesystems.com

At BAE Systems, we help our customers to stay a step ahead when protecting people and national security, critical infrastructure and vital information. We provide some of the world’s most advanced, technology-led defence, aerospace and security solutions and employ a skilled workforce of 107,000 people in more than 40 countries. From state of the art cyber threat detection to flight control systems that enable pilots to make better decisions, we never stop innovating to ensure that our customers maintain their advantage. This is a long-term commitment involving significant investments in skills. We also work closely with local partners to support economic development through the transfer of knowledge, skills and technology.

MBDA

mbda-systems.com

A world leader in missiles and missile systems. Our multi-national organisation is made up of around 13,000 employees working across the UK, France, Italy, Germany, Spain and the US, and is the first truly integrated European defence company. As the European champion in our sector, our vision is to continue to grow our presence as a global player. Our mission is to achieve this by establishing ourselves as an industry leader; promoting co-operation and delivering technical and operational excellence to our customer. Our values are: • Innovation: Ensuring operational and strategic advantage; • Commitment: Always delivering on our promises; • Integrity: A reliable and trusted partner with the highest professional and ethical standards; • Passion: Applying all our energy and focus to every task, recognising our role in providing mission critical capabilities; • Team Spirit: Harnessing our diversity and collective purpose to deliver competitive advantage to all of our stakeholders. We have a rich heritage of designing and producing missiles and missile systems to meet the whole range of current and future operational requirements for the three armed forces (army, navy, air force). We are proud to be a trusted partner to our armed forces and work with them to deliver a cutting-edge portfolio of products.

SAIC

cb https://www.saic.com/?utm_source=linkedin&utm_medium=sm&utm_campaign=linkedin&utm_content=link

SAIC® is a premier Fortune 500 mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion.

United States Air Force

airforce.com

The mission of the United States Air Force is to fly, fight and win … in air, space and cyberspace. To achieve that mission, the Air Force has a vision of Global Vigilance, Reach and Power. That vision orbits around three core competencies: developing Airmen, technology to war fighting and integrating operations. These core competencies make our six distinctive capabilities possible. Air and Space Superiority: With it, joint forces can dominate enemy operations in all dimensions: land, sea, air and space. Global Attack: Because of technological advances, the Air Force can attack anywhere, anytime and do so quickly and with greater precision than ever before. Rapid Global Mobility: Being able to respond quickly and decisively anywhere we're needed is key to maintaining rapid global mobility. Precision Engagement: The essence lies in the ability to apply selective force against specific targets because the nature and variety of future contingencies demand both precise and reliable use of military power with minimal risk and collateral damage. Information Superiority: The ability of joint force commanders to keep pace with information and incorporate it into a campaign plan is crucial. Agile Combat Support: Deployment and sustainment are keys to successful operations and cannot be separated. Agile combat support applies to all forces, from those permanently based to contingency buildups to expeditionary

Leonardo

cb leonardo.com

Leonardo is a global security company that realises multi-domain technological capabilities in AD&S. With over 60,000 employees worldwide, the company has a significant industrial presence in Italy, the UK, Poland, and the US. It also has a commercial presence in 150 countries through subsidiaries, joint ventures and investments. A key player in major international strategic programmes, it is a technological and industrial partner of governments, defence administrations, institutions and companies. In 2024, Leonardo recorded consolidated revenues of €17.8 bn, new orders for €20.9 bn and invested €2.5 bn in R&D. Innovation, continuous research, digitalisation and sustainability are the pillars of its business worldwide. Stefano Pontecorvo has been the Chairman since 9 May 2023 and Roberto Cingolani has been the CEO and General Manager since 9 May 2023. Follow Leonardo on social media: ➡️https://x.com/Leonardo_live ➡️https://www.instagram.com/leonardo_company/ ➡️https://www.youtube.com/leonardocompany

Lockheed Martin

cb lockheedmartin.com

The world relies on what we do. Headquartered in Bethesda, Maryland, with offices across the U.S. and around the globe, our team delivers solutions that strengthen national security, shape industries and push engineering and technology to new levels. We collaborate to win. We put our customers first. And we perform with excellence. The best careers are built at Lockheed Martin. Join us.

Sandia National Laboratories

cb sandia.gov

Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of areas. Across our main sites in Albuquerque, NM, and Livermore, CA, our research ranges from nuclear defense and homeland and global security to innovative work in biotechnology, environmental preservation, energy, and cyber security. Our teams have shared some of the reasons they enjoy working at Sandia: • Challenging work with amazing impact that contributes to security, peace, and freedom worldwide • Extraordinary co-workers • Access to some of the best tools, equipment, and research facilities in the world (tours.sandia.gov) • Career advancement and enrichment opportunities • Work-life balance with flexible work schedules, competitive benefits, and convenient on-site amenities

Rheinmetall

rheinmetall.com

As an integrated technology group, the listed company Rheinmetall AG, headquartered in Düsseldorf, stands for a company that is as strong in substance as it is successful internationally, and that is active in various markets with an innovative range of products and services. Rheinmetall is a leading international systems supplier in the defence industry and at the same time a driver of forward-looking technological and industrial innovations in the civilian markets. The focus on sustainability is an integral part of Rheinmetall's strategy. The company aims to achieve CO2 neutrality by 2035. Through our work in various fields, we at Rheinmetall take on responsibility in a dramatically changing world. With our technologies, products and systems, we create the indispensable basis for peace, freedom and sustainable development: security. Find more Information about your career opportunities here: https://www.rheinmetall.com/en/career/career-overview IMPRINT AND DATA PROTECTION https://www.rheinmetall.com/en/meta/navigations/footer/imprint

Loading…

NEWS

National Geospatial-Intelligence Agency CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

January 29, 2026 01:02 PM

GCS Geospatial Achieves CMMC Level 2 Certification

GCS Geospatial, provider of geospatial and remote sensing technologies across defense and intelligence communities, has achieved...

Read Article

December 09, 2025 08:00 AM

Andrew McCarthy Named CISA Chief of Staff

Andrew McCarthy previously served in the U.S. Air Force, the National Reconnaissance Office and the National Geospatial-Intelligence Agency.

Read Article

December 02, 2025 08:00 AM

NSA has met 2,000-person workforce reduction goal, people familiar say

A broader Pentagon goal to shrink the nation's defense budget over the coming five years could potentially subject the agency to further...

Read Article

November 12, 2025 08:00 AM

Garfield Jones Leaves CISA, Joins QuSecure

Garfield “Gary” Jones stepped down as the associate chief of strategic technology at the Cybersecurity and Infrastructure Security Agency...

Read Article

September 29, 2025 07:00 AM

Cyber Expert Warns CISA Budget Cuts Risk a National Security Crisis and CBP Drives Hiring With $30K Bonuses

Budget cuts at the Cybersecurity and Infrastructure Security Agency (CISA) could leave critical parts of the U.S. more vulnerable to...

Read Article

September 24, 2025 07:00 AM

Order Up – The First FASCSA Order Has Been Issued by ODNI

ODNI issued the first Federal Acquisition Supply Chain Security Act exclusion order against Acronis AG, requiring federal contractors to...

Read Article

September 19, 2025 07:00 AM

NGA’s AI standards work aims to avoid ATO-like process

The National Geospatial-Intelligence Agency is focused on developing responsible, but agile artificial intelligence standards, as NGA's...

Read Article

September 15, 2025 07:00 AM

Transparency is key as AI gets smarter, experts say

Cybersecurity panelists spotlighted multiple risks and threats posed by emerging frontier AI applications.

Read Article

September 11, 2025 07:00 AM

IonQ Launches IonQ Federal to Expand Quantum Services for U.S. Government and Allies

IonQ announced the launch of IonQ Federal, a dedicated business division formed to provide quantum computing and networking services to the...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…