Comparison Overview

TES 2000 Ltd

VS

Amtrak

TES 2000 Ltd

TES House, Heath Business Park, Colchester, Essex, co2 8gu, GB
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.tes2000.co.uk

Strong

TES 2000 Ltd is a long established, highly regarded contractor to the rail industry. With our Head Office based in Colchester, Essex and regional offices in Peterborough and Doncaster, we undertake a range of services on Network Rail's infrastructure. What we do Safety is our number one priority and we work collaboratively with our clients and industry safety bodies to develop and deliver innovative approaches that will enhance safety performance and strengthen the overall safety culture. We have developed high levels of expertise and provide national coverage in the delivery of Possession Management, Electrification, Technical Services, Track Renewals and Maintenance. Our People We provide our people with the very best quality training through our modern, fully equipped training centres in Colchester and Doncaster. We invest time and resource into developing our people, enabling us to provide a multi-skilled and versatile service to our clients, whilst ensuring our employees have access to excellent training and career progression opportunities. We provide a structured reward package and competitive rates of pay. Services & Expertise Our teams are experts in their fields and provide a high quality service in the delivery of Possession Management, Electrification, LXA, Technical Services, Track Renewals and Maintenance. In addition to our suite of operational services we also provide Safety Critical training through our NSAR accredited โ€˜Outstandingโ€™ Training Department.

NAICS: 482
NAICS Definition: Rail Transportation
Employees: 174
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Amtrak

1 Massachusetts Ave NW, None, Washington, District of Columbia, US, 20002
Last Update: 2025-08-05 (UTC)

Strong

Between 800 and 900
http://www.amtrak.com

Moving America Where it wants to go. We are not just a railroad; we are a company that moves people. With 21,000 route miles in 46 states, the District of Columbia and three Canadian provinces, Amtrak operates more than 300 trains each day โ€“ at speeds up to 150 mph โ€“ to more than 500 destinations. We move customers where they want to go by responding to their wants and needs. And by doing so, we connect communities, economies and families that make our nation great. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the Unites States. Our mission is to provide safe transportation in the most efficient way possible, while ensuring that our customers get a consistent, high quality experience. Carrying out this mission, and ultimately achieving our vision, hinges on our employees. The future rides with us. Amtrak is an equal employment opportunity employer.

NAICS: 482
NAICS Definition: Rail Transportation
Employees: 13,573
Subsidiaries: 0
12-month incidents
0
Known data breaches
3
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/tes-2000-ltd.jpeg
TES 2000 Ltd
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/amtrak.jpeg
Amtrak
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
TES 2000 Ltd
100%
Compliance Rate
0/4 Standards Verified
Amtrak
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Rail Transportation Industry Average (This Year)

No incidents recorded for TES 2000 Ltd in 2025.

Incidents vs Rail Transportation Industry Average (This Year)

No incidents recorded for Amtrak in 2025.

Incident History โ€” TES 2000 Ltd (X = Date, Y = Severity)

TES 2000 Ltd cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Amtrak (X = Date, Y = Severity)

Amtrak cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/tes-2000-ltd.jpeg
TES 2000 Ltd
Incidents

No Incident

https://images.rankiteo.com/companyimages/amtrak.jpeg
Amtrak
Incidents

Date Detected: 7/2020
Type:Breach
Attack Vector: External System Breach (Hacking)
Blog: Blog

Date Detected: 7/2020
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

Date Detected: 4/2020
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

FAQ

Both TES 2000 Ltd company and Amtrak company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Amtrak company has historically faced a number of disclosed cyber incidents, whereas TES 2000 Ltd company has not reported any.

In the current year, Amtrak company and TES 2000 Ltd company have not reported any cyber incidents.

Neither Amtrak company nor TES 2000 Ltd company has reported experiencing a ransomware attack publicly.

Amtrak company has disclosed at least one data breach, while TES 2000 Ltd company has not reported such incidents publicly.

Neither Amtrak company nor TES 2000 Ltd company has reported experiencing targeted cyberattacks publicly.

Neither TES 2000 Ltd company nor Amtrak company has reported experiencing or disclosing vulnerabilities publicly.

Neither TES 2000 Ltd company nor Amtrak company has publicly disclosed detailed information about the number of their subsidiaries.

Amtrak company employs more people globally than TES 2000 Ltd company, reflecting its scale as a Rail Transportation.

Latest Global CVEs (Not Company-Specific)

Description

Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the tokenโ€™s signature, expiration, issuer, or audience. If an attacker learns the victimโ€™s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victimโ€™s password. This issue has been patched in version 4.0.1.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
References
Description

Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery (CSRF) vulnerability was identified. The vulnerability arises from missing origin validation in the client-side code that handles window.postMessage events. A malicious website can send forged messages to the embedding page, causing the victimโ€™s browser to execute arbitrary GraphQL queries or mutations against their GraphQL server while authenticated with the victimโ€™s cookies. This issue has been patched in Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
References
Description

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument aluno_id causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. It is advisable to upgrade the affected component. The vendor responds: "We have confirmed that the issue mentioned in the report does not exist in the latest releases".

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References