Comparison Overview

The Arkenstone, www.iRocks.com

VS

VAE Raleigh

The Arkenstone, www.iRocks.com

PO Box 830460, Dallas, Texas, 75083, US
Last Update: 2025-03-05 (UTC)
View Profile
Between 750 and 799
http://www.iRocks.com

The Arkenstone, a purveyor of fine minerals and crystals, started when Dr. Robert Lavinsky fell in love with minerals when he attended his first mineral show at age 14. Over the last three decades, The Arkenstone has grown from a part-time hobby to the world's largest online mineral shop. In addition to selling fine mineral specimens online, The Arkenstone has a 10,000 square foot facility in Dallas, TX that contains our 4,000 square foot gallery, custom base-making lab, several photography studios, and staff offices. We also maintain a significant presence at the world's largest mineral shows and co-sponsor of The Dallas Mineral Collecting Symposium. In 2013, The Arkenstone opened another gallery in Shanghai, China, and we enjoy traveling to visit our growing customer base in Asia.

NAICS: 711
NAICS Definition:
Employees: 10
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

VAE Raleigh

undefined, Raleigh, NC, 27601, US
Last Update: 2025-03-06 (UTC)
Between 750 and 799
http://www.vaeraleigh.org

VAE Raleigh produces, funds, and exhibits socially-engaged art through community collaboration. VAE Raleigh is a nonprofit community cultural arts organization. VAE was founded by a small group of dedicated artists in 1980. Though our name has changed and the organization has grown, VAE stays true to its core goal of developing a vibrant, equitable, and well-resourced creative community.

NAICS: 711
NAICS Definition:
Employees: 10
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/the-arkenstone---www-irocks-com.jpeg
The Arkenstone, www.iRocks.com
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/visual-art-exchange.jpeg
VAE Raleigh
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
The Arkenstone, www.iRocks.com
100%
Compliance Rate
0/4 Standards Verified
VAE Raleigh
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Artists and Writers Industry Average (This Year)

No incidents recorded for The Arkenstone, www.iRocks.com in 2025.

Incidents vs Artists and Writers Industry Average (This Year)

No incidents recorded for VAE Raleigh in 2025.

Incident History — The Arkenstone, www.iRocks.com (X = Date, Y = Severity)

The Arkenstone, www.iRocks.com cyber incidents detection timeline including parent company and subsidiaries

Incident History — VAE Raleigh (X = Date, Y = Severity)

VAE Raleigh cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/the-arkenstone---www-irocks-com.jpeg
The Arkenstone, www.iRocks.com
Incidents

No Incident

https://images.rankiteo.com/companyimages/visual-art-exchange.jpeg
VAE Raleigh
Incidents

No Incident

FAQ

The Arkenstone, www.iRocks.com company demonstrates a stronger AI Cybersecurity Score compared to VAE Raleigh company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, VAE Raleigh company has disclosed a higher number of cyber incidents compared to The Arkenstone, www.iRocks.com company.

In the current year, VAE Raleigh company and The Arkenstone, www.iRocks.com company have not reported any cyber incidents.

Neither VAE Raleigh company nor The Arkenstone, www.iRocks.com company has reported experiencing a ransomware attack publicly.

Neither VAE Raleigh company nor The Arkenstone, www.iRocks.com company has reported experiencing a data breach publicly.

Neither VAE Raleigh company nor The Arkenstone, www.iRocks.com company has reported experiencing targeted cyberattacks publicly.

Neither The Arkenstone, www.iRocks.com company nor VAE Raleigh company has reported experiencing or disclosing vulnerabilities publicly.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds any compliance certifications.

Neither company holds any compliance certifications.

Neither The Arkenstone, www.iRocks.com company nor VAE Raleigh company has publicly disclosed detailed information about the number of their subsidiaries.

Both The Arkenstone, www.iRocks.com company and VAE Raleigh company employ a similar number of people globally.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds SOC 2 Type 1 certification.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds SOC 2 Type 2 certification.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds ISO 27001 certification.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds PCI DSS certification.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds HIPAA certification.

Neither The Arkenstone, www.iRocks.com nor VAE Raleigh holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fix 001, 24.0.1 through 24.0.1 Interim Fix 004, 24.0.0 through 24.0.0 Interim Fix 006, and earlier unsupported releases IBM Business Automation Workflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Published
Date
2025-11-03
Updated
Date
2025-11-03
Risk Information
cvss3
Base: 6.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
References
Description

Deck Mate 2 is distributed with static, hard-coded credentials for the root shell and web user interface, while multiple management services (SSH, HTTP, Telnet, SMB, X11) are enabled by default. If an attacker can reach these interfaces - most often through local or near-local access such as connecting to the USB or Ethernet ports beneath the table - the built-in credentials permit administrative login and full control of the system. Once authenticated, an attacker can access firmware utilities, modify controller software, and establish persistent compromise. Remote attack paths via network, cellular, or telemetry links may exist in specific configurations but generally require additional capabilities or operator error. The vendor reports that USB access has been disabled in current firmware builds.

Published
Date
2025-11-03
Updated
Date
2025-11-03
Risk Information
cvss4
Base: 7.0
Severity: LOW
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A potential vulnerability was reported in some Lenovo Tablets that could allow a local authenticated user or application to gain access to sensitive device specific information.

Published
Date
2025-11-03
Updated
Date
2025-11-03
Risk Information
cvss3
Base: 5.5
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
cvss4
Base: 6.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user account information (including API keys and hashed passwords) to authenticated users who should not have access to that data. Exposure of API keys or password hashes could lead to account compromise, abuse of API privileges, or offline cracking attempts. CVE-2024-13995 addresses a similar vulnerability with a potentially incomplete fix for the underlying problem in earlier versions.

Published
Date
2025-11-03
Updated
Date
2025-11-03
Risk Information
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Nagios XI versions prior to 2024R1.1.3 contain a privilege escalation vulnerability in which an authenticated administrator could leverage the Migrate Server feature to obtain root privileges on the underlying XI host. By abusing the migration workflow, an admin-level attacker could execute actions outside the intended security scope of the application, resulting in full control of the operating system.

Published
Date
2025-11-03
Updated
Date
2025-11-03
Risk Information
cvss4
Base: 9.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References