Comparison Overview

zeroheight

VS

Microsoft

zeroheight

undefined, London, England, undefined, GB
Last Update: 2026-02-19
View Profile
Between 750 and 799
http://www.zeroheight.com

zeroheight helps teams create, manage and maintain their design systems. Using zeroheight, designers, engineers, and product teams can collaborate and build design systems that can be easily shared across teams. Create a centralized repository of styles, tokens, guidelines, code, components, and patterns, integrated and synced between the tools you already use. zeroheight makes maintaining consistency across different products easier and reduces the time and effort needed to stand up new brands and products confidently. We offer features that suit teams from startup to enterprise, from governance to analytics to automation.

NAICS: 511
NAICS Definition:
Employees: 52
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Microsoft

1 Microsoft Way, Redmond, Washington, US, 98052
Last Update: 2026-04-01
Between 650 and 699
https://news.microsoft.com/

Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. Because impact matters. Microsoft operates in 190 countries and is made up of approximately 228,000 passionate employees worldwide.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 226,477
Subsidiaries: 51
12-month incidents
4
Known data breaches
15
Attack type number
5

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/zero-height.jpeg
zeroheight
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/microsoft.jpeg
Microsoft
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
zeroheight
100%
Compliance Rate
0/4 Standards Verified
Microsoft
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for zeroheight in 2026.

Incidents vs Software Development Industry Average (This Year)

Microsoft has 238.98% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — zeroheight (X = Date, Y = Severity)

zeroheight cyber incidents detection timeline including parent company and subsidiaries

Incident History — Microsoft (X = Date, Y = Severity)

Microsoft cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/zero-height.jpeg
zeroheight
Incidents

No Incident

https://images.rankiteo.com/companyimages/microsoft.jpeg
Microsoft
Incidents

Date Detected: 4/2026
Type:Cyber Attack
Attack Vector: Remote Code Execution (RCE)
Blog: Blog

Date Detected: 4/2026
Type:Vulnerability
Attack Vector: Exposed API credentials in public-facing web content
Blog: Blog

Date Detected: 4/2026
Type:Vulnerability
Attack Vector: Malicious HTML page (phishing/social engineering)
Blog: Blog

FAQ

zeroheight company demonstrates a stronger AI Cybersecurity Score compared to Microsoft company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Microsoft company has historically faced a number of disclosed cyber incidents, whereas zeroheight company has not reported any.

In the current year, Microsoft company has reported more cyber incidents than zeroheight company.

Microsoft company has confirmed experiencing a ransomware attack, while zeroheight company has not reported such incidents publicly.

Microsoft company has disclosed at least one data breach, while zeroheight company has not reported such incidents publicly.

Microsoft company has reported targeted cyberattacks, while zeroheight company has not reported such incidents publicly.

Microsoft company has disclosed at least one vulnerability, while zeroheight company has not reported such incidents publicly.

Neither zeroheight nor Microsoft holds any compliance certifications.

Neither company holds any compliance certifications.

Microsoft company has more subsidiaries worldwide compared to zeroheight company.

Microsoft company employs more people globally than zeroheight company, reflecting its scale as a Software Development.

Neither zeroheight nor Microsoft holds SOC 2 Type 1 certification.

Neither zeroheight nor Microsoft holds SOC 2 Type 2 certification.

Neither zeroheight nor Microsoft holds ISO 27001 certification.

Neither zeroheight nor Microsoft holds PCI DSS certification.

Neither zeroheight nor Microsoft holds HIPAA certification.

Neither zeroheight nor Microsoft holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.

Published
Date
2026-04-02
Updated
Date
2026-04-02
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References