Comparison Overview

Rheinmetall

VS

Thales

Rheinmetall

Rheinmetall Platz 1, Düsseldorf, Nordrhein Westfalen, DE, 40476
Last Update: 2026-04-01
View Profile
Between 750 and 799
https://www.rheinmetall.com/career

As an integrated technology group, the listed company Rheinmetall AG, headquartered in Düsseldorf, stands for a company that is as strong in substance as it is successful internationally, and that is active in various markets with an innovative range of products and services. Rheinmetall is a leading international systems supplier in the defence industry and at the same time a driver of forward-looking technological and industrial innovations in the civilian markets. The focus on sustainability is an integral part of Rheinmetall's strategy. The company aims to achieve CO2 neutrality by 2035. Through our work in various fields, we at Rheinmetall take on responsibility in a dramatically changing world. With our technologies, products and systems, we create the indispensable basis for peace, freedom and sustainable development: security. Find more Information about your career opportunities here: https://www.rheinmetall.com/en/career/career-overview IMPRINT AND DATA PROTECTION https://www.rheinmetall.com/en/meta/navigations/footer/imprint

NAICS: 336414
NAICS Definition: Guided Missile and Space Vehicle Manufacturing
Employees: 14,311
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
2
View Profile

Thales

6, Rue de la Verrerie, Meudon, 92190, FR
Last Update: 2026-04-02
Between 750 and 799
http://www.thalesgroup.com/

Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion. The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies. Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.

NAICS: 336414
NAICS Definition: Guided Missile and Space Vehicle Manufacturing
Employees: 62,949
Subsidiaries: 10
12-month incidents
0
Known data breaches
3
Attack type number
4

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/rheinmetall.jpeg
Rheinmetall
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/thales.jpeg
Thales
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Rheinmetall
100%
Compliance Rate
0/4 Standards Verified
Thales
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Defense and Space Manufacturing Industry Average (This Year)

No incidents recorded for Rheinmetall in 2026.

Incidents vs Defense and Space Manufacturing Industry Average (This Year)

No incidents recorded for Thales in 2026.

Incident History — Rheinmetall (X = Date, Y = Severity)

Rheinmetall cyber incidents detection timeline including parent company and subsidiaries

Incident History — Thales (X = Date, Y = Severity)

Thales cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/rheinmetall.jpeg
Rheinmetall
Incidents

Date Detected: 04/2023
Type:Ransomware
Blog: Blog

Date Detected: 03/2023
Type:Cyber Attack
Motivation: Political
Blog: Blog
https://images.rankiteo.com/companyimages/thales.jpeg
Thales
Incidents

Date Detected: 3/2026
Type:Cyber Attack
Attack Vector: Website Exploitation, DDoS
Motivation: Political, Propaganda, Disruption
Blog: Blog

Date Detected: 2/2026
Type:Breach
Motivation: Financial Gain, Espionage, Fraud
Blog: Blog

Date Detected: 9/2025
Type:Breach
Attack Vector: Unremediated vulnerability
Blog: Blog

FAQ

Rheinmetall company demonstrates a stronger AI Cybersecurity Score compared to Thales company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Thales company has faced a higher number of disclosed cyber incidents historically compared to Rheinmetall company.

In the current year, Thales company has reported more cyber incidents than Rheinmetall company.

Both Thales company and Rheinmetall company have confirmed experiencing at least one ransomware attack.

Thales company has disclosed at least one data breach, while Rheinmetall company has not reported such incidents publicly.

Both Thales company and Rheinmetall company have reported experiencing targeted cyberattacks.

Neither Rheinmetall company nor Thales company has reported experiencing or disclosing vulnerabilities publicly.

Neither Rheinmetall nor Thales holds any compliance certifications.

Neither company holds any compliance certifications.

Thales company has more subsidiaries worldwide compared to Rheinmetall company.

Thales company employs more people globally than Rheinmetall company, reflecting its scale as a Defense and Space Manufacturing.

Neither Rheinmetall nor Thales holds SOC 2 Type 1 certification.

Neither Rheinmetall nor Thales holds SOC 2 Type 2 certification.

Neither Rheinmetall nor Thales holds ISO 27001 certification.

Neither Rheinmetall nor Thales holds PCI DSS certification.

Neither Rheinmetall nor Thales holds HIPAA certification.

Neither Rheinmetall nor Thales holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References