Comparison Overview

Ruby on Rails - The Rails Foundation

VS

Booking Holdings (NASDAQ: BKNG)

Ruby on Rails - The Rails Foundation

None
Last Update: 2025-12-02
View Profile
Between 750 and 799
https://rubyonrails.org

The Rails Foundation is a non-profit foundation set up to improve the documentation, education, marketing, and events of the Ruby on Rails framework to the benefit of all new and existing Rails developers, and to ensure a prosperous ecosystem that continues to improve for decades to come. In alphabetical order, the eight founding core members of the foundation are: Cookpad, Doximity, Fleetio, GitHub, Intercom, Procore, Shopify, and 37signals.

NAICS: 513
NAICS Definition: Others
Employees: 19
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1
View Profile

Booking Holdings (NASDAQ: BKNG)

800 Connecticut Avenue, Norwalk, CT, 06854, US
Last Update: 2025-12-01
Between 800 and 849
http://www.bookingholdings.com

Booking Holdings is the world’s leading provider of online travel & related services, provided to consumers and local partners in more than 220 countries and territories through six primary consumer-facing brands: Booking.com, Priceline, Agoda, Rentalcars.com, KAYAK and OpenTable. Collectively, Booking Holdings operates in more than 40 languages across Europe, North America, South America, the Asia-Pacific region, the Middle East and Africa. The mission of Booking Holdings is to make it easier for everyone to experience the world.

NAICS: 513
NAICS Definition: Others
Employees: 16,824
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/ruby-on-rails-org.jpeg
Ruby on Rails - The Rails Foundation
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/bookingholdings.jpeg
Booking Holdings (NASDAQ: BKNG)
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Ruby on Rails - The Rails Foundation
100%
Compliance Rate
0/4 Standards Verified
Booking Holdings (NASDAQ: BKNG)
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for Ruby on Rails - The Rails Foundation in 2025.

Incidents vs Technology, Information and Internet Industry Average (This Year)

No incidents recorded for Booking Holdings (NASDAQ: BKNG) in 2025.

Incident History — Ruby on Rails - The Rails Foundation (X = Date, Y = Severity)

Ruby on Rails - The Rails Foundation cyber incidents detection timeline including parent company and subsidiaries

Incident History — Booking Holdings (NASDAQ: BKNG) (X = Date, Y = Severity)

Booking Holdings (NASDAQ: BKNG) cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/ruby-on-rails-org.jpeg
Ruby on Rails - The Rails Foundation
Incidents

Date Detected: 6/2022
Type:Vulnerability
Attack Vector: Cross-Site Request Forgery (CSRF)
Motivation: Unauthorized actions, Data exfiltration, Fraudulent transactions
Blog: Blog
https://images.rankiteo.com/companyimages/bookingholdings.jpeg
Booking Holdings (NASDAQ: BKNG)
Incidents

Date Detected: 6/2025
Type:Cyber Attack
Attack Vector: Mass-phishing, Infostealer trojans
Motivation: Financial gain
Blog: Blog

Date Detected: 4/2025
Type:Cyber Attack
Attack Vector: compromised email accounts, phishing links, fake reCAPTCHA challenge, malware download (PureRAT), personalized WhatsApp messages, fake Booking/Expedia websites
Motivation: financial gain, data theft, fraudulent transactions
Blog: Blog

Date Detected: 2/2025
Type:Cyber Attack
Attack Vector: malicious domain registration, social engineering, phishing emails/websites
Motivation: financial gain, theft of payment details
Blog: Blog

FAQ

Booking Holdings (NASDAQ: BKNG) company demonstrates a stronger AI Cybersecurity Score compared to Ruby on Rails - The Rails Foundation company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Booking Holdings (NASDAQ: BKNG) company has faced a higher number of disclosed cyber incidents historically compared to Ruby on Rails - The Rails Foundation company.

In the current year, Booking Holdings (NASDAQ: BKNG) company has reported more cyber incidents than Ruby on Rails - The Rails Foundation company.

Neither Booking Holdings (NASDAQ: BKNG) company nor Ruby on Rails - The Rails Foundation company has reported experiencing a ransomware attack publicly.

Neither Booking Holdings (NASDAQ: BKNG) company nor Ruby on Rails - The Rails Foundation company has reported experiencing a data breach publicly.

Booking Holdings (NASDAQ: BKNG) company has reported targeted cyberattacks, while Ruby on Rails - The Rails Foundation company has not reported such incidents publicly.

Ruby on Rails - The Rails Foundation company has disclosed at least one vulnerability, while Booking Holdings (NASDAQ: BKNG) company has not reported such incidents publicly.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds any compliance certifications.

Neither company holds any compliance certifications.

Booking Holdings (NASDAQ: BKNG) company has more subsidiaries worldwide compared to Ruby on Rails - The Rails Foundation company.

Booking Holdings (NASDAQ: BKNG) company employs more people globally than Ruby on Rails - The Rails Foundation company, reflecting its scale as a Technology, Information and Internet.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds SOC 2 Type 1 certification.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds SOC 2 Type 2 certification.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds ISO 27001 certification.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds PCI DSS certification.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds HIPAA certification.

Neither Ruby on Rails - The Rails Foundation nor Booking Holdings (NASDAQ: BKNG) holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Otherwise accessing them can cause a crash.

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices Previously, APU platforms (and other scenarios with uninitialized VRAM managers) triggered a NULL pointer dereference in `ttm_resource_manager_usage()`. The root cause is not that the `struct ttm_resource_manager *man` pointer itself is NULL, but that `man->bdev` (the backing device pointer within the manager) remains uninitialized (NULL) on APUs—since APUs lack dedicated VRAM and do not fully set up VRAM manager structures. When `ttm_resource_manager_usage()` attempts to acquire `man->bdev->lru_lock`, it dereferences the NULL `man->bdev`, leading to a kernel OOPS. 1. **amdgpu_cs.c**: Extend the existing bandwidth control check in `amdgpu_cs_get_threshold_for_moves()` to include a check for `ttm_resource_manager_used()`. If the manager is not used (uninitialized `bdev`), return 0 for migration thresholds immediately—skipping VRAM-specific logic that would trigger the NULL dereference. 2. **amdgpu_kms.c**: Update the `AMDGPU_INFO_VRAM_USAGE` ioctl and memory info reporting to use a conditional: if the manager is used, return the real VRAM usage; otherwise, return 0. This avoids accessing `man->bdev` when it is NULL. 3. **amdgpu_virt.c**: Modify the vf2pf (virtual function to physical function) data write path. Use `ttm_resource_manager_used()` to check validity: if the manager is usable, calculate `fb_usage` from VRAM usage; otherwise, set `fb_usage` to 0 (APUs have no discrete framebuffer to report). This approach is more robust than APU-specific checks because it: - Works for all scenarios where the VRAM manager is uninitialized (not just APUs), - Aligns with TTM's design by using its native helper function, - Preserves correct behavior for discrete GPUs (which have fully initialized `man->bdev` and pass the `ttm_resource_manager_used()` check). v4: use ttm_resource_manager_used(&adev->mman.vram_mgr.manager) instead of checking the adev->gmc.is_app_apu flag (Christian)

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: exfat: fix improper check of dentry.stream.valid_size We found an infinite loop bug in the exFAT file system that can lead to a Denial-of-Service (DoS) condition. When a dentry in an exFAT filesystem is malformed, the following system calls — SYS_openat, SYS_ftruncate, and SYS_pwrite64 — can cause the kernel to hang. Root cause analysis shows that the size validation code in exfat_find() does not check whether dentry.stream.valid_size is negative. As a result, the system calls mentioned above can succeed and eventually trigger the DoS issue. This patch adds a check for negative dentry.stream.valid_size to prevent this vulnerability.

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible memory leak in smb2_read() Memory leak occurs when ksmbd_vfs_read() fails. Fix this by adding the missing kvfree().

Published
Date
2025-12-06
Updated
Date
2025-12-06
References
Description

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2_sess_setup() Reference count of ksmbd_session will leak when session need reconnect. Fix this by adding the missing ksmbd_user_session_put().

Published
Date
2025-12-06
Updated
Date
2025-12-06
References