Comparison Overview

Philz Coffee

VS

REWE

Philz Coffee

1258 Minnesota Street, San Francisco, CA, 94107, US
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.philzcoffee.com

Strong

It all started with a dream to create a really great cup of coffee personalized for you... Philz Coffee is a San Francisco-based coffee company that attracts people who are passionate - about life, about others, about the communities they live and work in...and about coffee! Our core values: Put the customer experience first Our customers are our top priority. If we put people first, we cannot fail. Be quality driven and progress focused Be proud of your work. Be committed to doing the very best with passion and focus. Be kind and keep it real We are kind-hearted, positive, humble, and human. Be yourself. Be sincere. A genuine connection will outperform formality. We make sure that every Philz is a fun, creative and vibrant workplace. A spot where you can be yourself, dress the way you want, and have flexibility in your schedule to live your best life. Most importantly, you’ll be part of an environment dedicated to bettering people’s days and building community.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 781
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

REWE

Domstraße 20 Köln, Nordrhein-Westfalen 50668, DE
Last Update: 2025-03-15 (UTC)

Moderate

Between 600 and 700
http://www.rewe.de

Als Teil der REWE Group und mit über 3.700 Märkten sind wir Gastgeber, die mit kompetenter Beratung unsere Kunden jeden Tag aufs Neue begeistern. Als Arbeitgeber für mehr als 161.000 Mitarbeitende fördern wir den Unternehmergeist in den eigenen Reihen. Darum unterstützen wir Mitarbeitende dabei, Ideen einzubringen und Beruf und Familie individuell zu vereinbaren. Als starke Gemeinschaft stehen wir mit unseren genossenschaftlichen Wurzeln für Kontinuität und Sicherheit und fördern auf dieser Basis selbständige Existenzen. Nicht selten führt eine Karriere bei uns bis zum eigenen Markt. Hier kann jeder auf seinem eigenen Weg echt was erreichen! Kontakt: Auf rewe.de/karriere findest du alle Informationen zu REWE als Arbeitgeber, unseren Ausbildungs- und Jobangeboten sowie Ansprechpartnerinnen und Ansprechpartner. Wir freuen uns auf deine Bewerbung! Impressum/Datenschutz: Diese Informationen sind unter bit.ly/REWE_Rechtliches zu finden.

NAICS: 452
NAICS Definition:
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/philz-coffee.jpeg
Philz Coffee
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/rewe.jpeg
REWE
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
Compliance Summary
Philz Coffee
100%
Compliance Rate
0/4 Standards Verified
REWE
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Philz Coffee in 2025.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for REWE in 2025.

Incident History — Philz Coffee (X = Date, Y = Severity)

Philz Coffee cyber incidents detection timeline including parent company and subsidiaries

Incident History — REWE (X = Date, Y = Severity)

REWE cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/philz-coffee.jpeg
Philz Coffee
Incidents

No Incident

https://images.rankiteo.com/companyimages/rewe.jpeg
REWE
Incidents

No Incident

FAQ

Philz Coffee company company demonstrates a stronger AI risk posture compared to REWE company company, reflecting its advanced AI governance and monitoring frameworks.

Historically, REWE company has disclosed a higher number of cyber incidents compared to Philz Coffee company.

In the current year, REWE company and Philz Coffee company have not reported any cyber incidents.

Neither REWE company nor Philz Coffee company has reported experiencing a ransomware attack publicly.

Neither REWE company nor Philz Coffee company has reported experiencing a data breach publicly.

Neither REWE company nor Philz Coffee company has reported experiencing targeted cyberattacks publicly.

Neither Philz Coffee company nor REWE company has reported experiencing or disclosing vulnerabilities publicly.

Neither Philz Coffee company nor REWE company has publicly disclosed detailed information about the number of their subsidiaries.

Philz Coffee company employs more people globally than REWE company, reflecting its scale as a Retail.

Latest Global CVEs (Not Company-Specific)

Description

Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free, undermining the business logic of the platform and reducing the integrity of the challenge system. This issue has been patched in version 2.3.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2.2.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
References
Description

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

Published
Date
2025-09-24
Updated
Date
2025-09-24
References