STRABAG
Company Details
Linkedin ID:
strabag
Website:
Employees number:
15,074
Number of followers:
335,341
NAICS:
23
Industry Type:
Homepage:
strabag.com
IP Addresses:
0
Company ID:
STR_4786281
Scan Status:
In-progress
STRABAG Company CyberSecurity Posture
strabag.com
At STRABAG around 86,000 people working on progress at more than 2,400 locations worldwide. Uniqueness and individual strengths characterise both our projects and each of us as individuals. Whether its building construction, civil engineering, road construction, underground engineering, bridge building, tunnelling, construction material production, project development or building management – we are always one step ahead so that we can become the most innovative and sustainable construction technology company in Europe. Diversity, inclusion and equal opportunities are integral to this, who we are as a company and how we work. Together we work as partners to complete projects successfully and grow with new challenges. Together we achieve great things. Let’s progress!
STRABAG A.I CyberSecurity Scoring
STRABAG Risk Score (AI oriented)Between 750 and 799
STRABAG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
STRABAG Global Score (TPRM)XXXX
STRABAG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
STRABAG Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
STRABAG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for STRABAG
Incidents vs Construction Industry Average (This Year)
No incidents recorded for STRABAG in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for STRABAG in 2025.
Incident Types STRABAG vs Construction Industry Avg (This Year)
No incidents recorded for STRABAG in 2025.
Incident History — STRABAG (X = Date, Y = Severity)
STRABAG cyber incidents detection timeline including parent company and subsidiaries
STRABAG Company Subsidiaries
At STRABAG around 86,000 people working on progress at more than 2,400 locations worldwide. Uniqueness and individual strengths characterise both our projects and each of us as individuals. Whether its building construction, civil engineering, road construction, underground engineering, bridge building, tunnelling, construction material production, project development or building management – we are always one step ahead so that we can become the most innovative and sustainable construction technology company in Europe. Diversity, inclusion and equal opportunities are integral to this, who we are as a company and how we work. Together we work as partners to complete projects successfully and grow with new challenges. Together we achieve great things. Let’s progress!
Loading...
STRABAG Similar Companies
ALEC Holdings
ALEC Holdings, part of the Investment Corporate of Dubai (ICD), is a leading construction and related businesses group operating in the UAE and KSA. The company builds and provides construction solutions that set industry benchmarks for quality, safety, functionality, and aesthetics. ALEC Holdings
Al Jaber Group
Al Jaber Group (AJC) is a privately owned, multi-disciplinary conglomerate, based in Abu Dhabi and with branches in the Kingdom of Saudi Arabia and Qatar. AJC provides its professional services in the construction, heavy lifting and logistics, manufacturing and trading sectors. With a workforce i
Bouygues Construction
With 32,500 employees working in 60 countries, Bouygues Construction designs, builds and rehabilitates the infrastructures and buildings that are essential for a sustainable society. All over the world, the teams support the development of low-carbon energy production and public transport infrastruc
Founded in 1952 by Francis Bouygues, Bouygues is a diversified services group operating in over 80 countries with 200,000 employees all working to make life better every day. Its business activities in construction (Bouygues Construction, Bouygues Immobilier, Colas); energies & services (Equans); me
KEC International Ltd.
KEC International Limited, the flagship company of RPG Enterprises is a diversified global infrastructure Engineering, Procurement & Construction (EPC) major, with a presence in the verticals of Power Transmission & Distribution, Railways, Civil, Urban Infrastructure, Oil & Gas Pipelines, Solar, Sma
Andrade Gutierrez S.A.
Fundada em Belo Horizonte, Minas Gerais, a Andrade Gutierrez tem reconhecida expertise no segmento de construção pesada. Na década de 1990 iniciou a diversificação dos negócios com investimentos nas áreas de Concessões e Telecomunicações. Hoje o Grupo Andrade Gutierrez é um dos maiores conglomer
VINCI
VINCI is a world leader in concessions, energy and construction, employing 280.000 people in some 120 countries. We design, finance, build and operate infrastructure and facilities that help improve daily life and mobility for all. Because we believe in all-round performance, above and beyond eco
Burns & McDonnell
At Burns & McDonnell, our engineers, construction professionals, architects, planners, technologists and scientists do more than plan, design and construct. With a mission unchanged since 1898 — make our clients successful — we partner with you on the toughest challenges, constantly working to make
America's Builder is a lofty title, but it's a goal we work toward every day. D.R. Horton started in 1978 in Fort Worth, Texas, and has grown into a national Fortune 500 company. Since 2002, D.R. Horton has been the number one homebuilder in America. We build across the country, bringing our home
.png)
STRABAG CyberSecurity News
December 20, 2024 08:00 AM
Rohrdorf Group's application to acquire stake in Asamer Baustoffe Holding GMBH approved.
The Rohrdorf Group's application to acquire a controlling 49% stake in Asamer Baustoffe Holding GmbH (ABHO) has been approved by the...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
STRABAG CyberSecurity History Information
Official Website of STRABAG
The official website of STRABAG is https://karriere.strabag.com.
STRABAG’s AI-Generated Cybersecurity Score
According to Rankiteo, STRABAG’s AI-generated cybersecurity score is 781, reflecting their Fair security posture.
How many security badges does STRABAG’ have ?
According to Rankiteo, STRABAG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does STRABAG have SOC 2 Type 1 certification ?
According to Rankiteo, STRABAG is not certified under SOC 2 Type 1.
Does STRABAG have SOC 2 Type 2 certification ?
According to Rankiteo, STRABAG does not hold a SOC 2 Type 2 certification.
Does STRABAG comply with GDPR ?
According to Rankiteo, STRABAG is not listed as GDPR compliant.
Does STRABAG have PCI DSS certification ?
According to Rankiteo, STRABAG does not currently maintain PCI DSS compliance.
Does STRABAG comply with HIPAA ?
According to Rankiteo, STRABAG is not compliant with HIPAA regulations.
Does STRABAG have ISO 27001 certification ?
According to Rankiteo,STRABAG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of STRABAG
STRABAG operates primarily in the Construction industry.
Number of Employees at STRABAG
STRABAG employs approximately 15,074 people worldwide.
Subsidiaries Owned by STRABAG
STRABAG presently has no subsidiaries across any sectors.
STRABAG’s LinkedIn Followers
STRABAG’s official LinkedIn profile has approximately 335,341 followers.
NAICS Classification of STRABAG
STRABAG is classified under the NAICS code 23, which corresponds to Construction.
STRABAG’s Presence on Crunchbase
No, STRABAG does not have a profile on Crunchbase.
STRABAG’s Presence on LinkedIn
Yes, STRABAG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/strabag.
Cybersecurity Incidents Involving STRABAG
As of December 11, 2025, Rankiteo reports that STRABAG has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
STRABAG has an estimated 39,116 peer or competitor companies worldwide.
STRABAG CyberSecurity History Information
How many cyber incidents has STRABAG faced ?
Total Incidents: According to Rankiteo, STRABAG has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at STRABAG ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=strabag' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
