What is the official website of OKRA.ai ?

The official website of OKRA.ai is https://www.envisionpharmagroup.com/technology/okra-ai.

What is OKRA.ai's cybersecurity risk score?

OKRA.ai has an AI-generated cybersecurity risk score of 750 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has OKRA.ai experienced?

According to Rankiteo, OKRA.ai currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has OKRA.ai been affected by any supply chain cyber incidents ?

According to Rankiteo, OKRA.ai has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does OKRA.ai have SOC 2 Type 1 certification ?

According to Rankiteo, OKRA.ai is not certified under SOC 2 Type 1.

Does OKRA.ai have SOC 2 Type 2 certification ?

According to Rankiteo, OKRA.ai does not hold a SOC 2 Type 2 certification.

Does OKRA.ai comply with GDPR ?

According to Rankiteo, OKRA.ai is not listed as GDPR compliant.

Does OKRA.ai have PCI DSS certification ?

According to Rankiteo, OKRA.ai does not currently maintain PCI DSS compliance.

Does OKRA.ai comply with HIPAA ?

According to Rankiteo, OKRA.ai is not compliant with HIPAA regulations.

Does OKRA.ai have ISO 27001 certification ?

According to Rankiteo,OKRA.ai is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does OKRA.ai operate in ?

OKRA.ai operates primarily in the Software Development industry.

How many employees does OKRA.ai have ?

OKRA.ai employs approximately 24 people worldwide.

Does OKRA.ai own any subsidiaries ?

OKRA.ai presently has no subsidiaries across any sectors.

How many LinkedIn followers does OKRA.ai have ?

OKRA.ai's official LinkedIn profile has approximately 5,216 followers.

What is the NAICS classification code for OKRA.ai ?

OKRA.ai is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does OKRA.ai have a Crunchbase profile ?

Yes, OKRA.ai has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/okra.

Does OKRA.ai have a LinkedIn profile ?

Yes, OKRA.ai maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/okra-technologies.

How many cybersecurity incidents has OKRA.ai experienced ?

As of June 16, 2026, Rankiteo reports that OKRA.ai has experienced 1 cybersecurity incidents.

How many peer or competitor companies does OKRA.ai have ?

OKRA.ai has an estimated 30,086 peer or competitor companies worldwide.

What types of cybersecurity incidents has OKRA.ai faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

OKRA.ai

Boost Score +25 with badge (5 left)

750

/1000

Fair

775

/1000

Fair

OKRA.ai Vendor Cyber Rating & Cyber Score

envisionpharmagroup.com

cb in

Add Your Compliance Badge

Okra.ai at Envision Pharma Group: The Future of Combined Intelligence. At Envision Pharma Group, the integration of Okra marks a bold step into the future of agentic AI in life sciences. We’re not simply embedding artificial intelligence, we’re redefining how it’s built and applied with the deep medical expertise of a thousand medical specialists to create truly combined intelligence. With our modular approach, we can move with the agility of a start-up, backed up by the scale and strength of a global enterprise. However this isn’t just about speed, it’s about precision, context and impact. We focus on delivering the right information, at the right time, to drive meaningful actions for your drug product teams. Across Medical

OKRA.ai A.I CyberSecurity Scoring

Scoring History

OKRA.ai

OKRA.ai CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

OKRA.ai

Breach

1/2021

ENV507072725

Loading…

A.I.

OKRA.ai Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for OKRA.ai

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for OKRA.ai in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for OKRA.ai in 2026.

Incident Types OKRA.ai vs Software Development Industry Avg (This Year)

No incidents recorded for OKRA.ai in 2026.

Incident History - OKRA.ai (X = Date, Y = Severity)

Loading…

SUBSIDIARY

OKRA.ai Subsidiaries

OKRA.ai

Software Development

Website: https://www.envisionpharmagroup.com/technology/okra-ai

Company Size: 11-50 employees

Envision Pharma GroupPharmaceutical Manufacturing

doDOCSoftware Development

Loading…

OKRA.ai Similar Companies

Booking.com

booking.com

A career at Booking.com is all about the journey, helping you explore new challenges in a place where you can be your best self. With plenty of exciting twists, turns and opportunities along the way. We’ve always been pioneers, on a mission to shape the future of travel through cutting edge technology, to make it easier for everyone to enjoy amazing experiences wherever they go. Under a desert sky, or in the heart of a bustling city. Discovering the perfect hideaway, or the perfect paella. When you join us, you’ll be part of a community where taking a different path and trying something new is celebrated and supported. And where making a difference counts. We’re determined to make the world of travel more sustainable, more accessible, and more inclusive, to create a positive impact on a global scale. That’s why we’re always looking for people who search for better solutions, the ones eager to stray off the beaten path to find new ways of doing things. Because at Booking.com it’s more than a job, it’s a journey we’re on together.

Just Eat Takeaway.com

justeattakeaway.com

Just Eat Takeaway.com is a leading global online delivery marketplace, connecting consumers and restaurants through our platform in 16 countries. Like a dinner table, working at JET brings our office employees and couriers together. From coding to customer service to couriers, JET is a fun, fast-paced and supportive place where you can be yourself. No day is the same. Our days are filled with new experiences. We see every challenge that comes our way as a chance to grow, both the business, and ourselves. We’re connected to millions of food-lovers, hundreds of thousands of connected partners and some of the best-known brands of the planet. When you take your seat here, you’ll find that a simple scribble on a napkin can turn into something seen by millions. Together we transform, create, reinvent and empower every food moment. As a leading online food tech company, JET brings together the stability of a global business, with the agility of a start-up. We got here by always staying one step ahead of the competition. So load up your plate with ideas that get you excited, because at JET everything is on the table. https://careers.justeattakeaway.com

NiCE

nice.com

NiCE is transforming the world with AI that puts people first. Our purpose-built AI-powered platforms automate engagements into proactive, safe, intelligent actions, empowering individuals and organizations to innovate and act, from interaction to resolution. Trusted by organizations throughout 150+ countries worldwide, NiCE’s platforms are widely adopted across industries connecting people, systems, and workflows to work smarter at scale, elevating performance across the organization, delivering proven measurable outcomes.

Daraz

cb daraz.com

Founded in 2015, Daraz is the leading e-commerce platform in South Asia with operations in Pakistan, Bangladesh, Sri Lanka, Nepal, and Myanmar. It provides sellers and consumers with cutting-edge marketplace technology, targeting a rapidly growing region of over 500 million people. By building an integrated infrastructure covering e-commerce, logistics, payment and financial services, the company aims to deliver an immersive, personalized shopping experience and uplift South Asian communities through the power of commerce. Daraz has consistently invested in building an e-commerce ecosystem in South Asia through advancements in technology, logistics and digital payments. As digital penetration and consumer awareness have surged, the region is now ready for a transformative leap. Leveraging new-age advancements such as AI, Daraz is poised to further enhance the platform’s efficiency to enable a seamless experience for its consumers and sellers. Visit https://www.daraz.com/ to learn more.

DiDi

didiglobal.com

DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehicle services, food delivery, and intra-city freight services. DiDi provides car owners, drivers, and delivery partners with flexible work and income opportunities. It is committed to collaborating with policymakers, the taxi industry, the automobile industry, and the communities to solve the world’s transportation, environmental, and employment challenges through the use of AI technology and localized smart transportation innovations. DiDi strives to create better life experiences and greater social value, by building a safe, inclusive, and sustainable transportation and local services ecosystem for cities of the future.

Agoda

careersatagoda.com

At Agoda, we bridge the world through travel. We aim to make it easy and rewarding for more travelers to explore and experience the amazing world we live in. We do so by enabling more people to see the world for less – with our best-value deals across our 6,000,000+ hotels and holiday properties, 130,000+ flight routes, 360,000+ activities, and more. Agoda was founded in 2005 in Thailand by two lifelong friends with a shared passion for travel. Today, Agoda is part of Booking Holdings [BKNG], and we have more than 7,000 employees from 90 nationalities in offices across Asia Pacific, the Middle East, Europe, and the Americas. In every department – from engineering to customer support – you’ll find that data and technology are at the heart of our culture. There’s never a boring day at Agoda as we aim to make travel hassle-free for everyone. If you’re ready to begin your best journey with us and help us build travel for the world, join us. For properties seeking partnership with Agoda, visit https://connect.agoda.com

Avaya

cb tinyurl.com

At Avaya, we give our customers the freedom to take their business in the directions that benefit them most. We provide the paths for both customers and their employees where every moment big and small can drive in the moment, memorable experiences. The journey is theirs at the pace that makes sense for them with the innovation without disruption they need now and the solutions they can invest in the future.

Shopee

shopee.com

Shopee is the leading e-commerce platform in Southeast Asia and Taiwan. It is a platform tailored for the region, providing customers with an easy, secure and fast online shopping experience through strong payment and logistical support. Shopee aims to continually enhance its platform and become the region’s e-commerce destination of choice via ongoing product optimisation and localised user-centered strategies. Shopee, a Sea company, was first launched in Singapore in 2015, and has since expanded its reach to Malaysia, Thailand, Taiwan, Indonesia, Vietnam and the Philippines. Sea is a leader in digital entertainment, e-commerce and digital financial services across Greater Southeast Asia. Sea's mission is to better the lives of consumers and small businesses with technology, and is listed on the NYSE under the symbol SE. The Shopee team is rapidly expanding across the region and we are constantly on the lookout for talents who have the passion and drive to become part of a fast-moving and dynamic team. Do check out our career website http://careers.shopee.com for our available positions!

Red Hat

redhat.com

Red Hat is the world’s leading provider of enterprise open source solutions, using a community-powered approach to deliver high-performing Linux, hybrid cloud, edge, and Kubernetes technologies. We hire creative, passionate people who are ready to contribute their ideas, help solve complex problems, and make an impact. Opportunities are open. Join us.

Loading…

NEWS

OKRA.ai CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

June 24, 2019 07:00 AM

OKRA Technologies: accessible AI for smarter healthcare

OKRA Technologies has developed an artificial intelligence platform which can use environmental and health data to tell pharmaceutical...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…