Comparison Overview

alnamic AG (now Avanade)

Habichtweg 21, 41468, Neuss, DE

Last Update: 2026-04-04

Between 750 and 799

http://www.avanade.com

Alnamic is pleased to announce that it was acquired by Avanade on April 1st, 2020. Avanade is the leading provider of innovative digital and cloud services, business solutions, and design-led experiences delivered through the power of people and the Microsoft ecosystem. Learn more at www.avanade.com. Die alnamic AG wurde zum 01.04.2020 in die Avanade Deutschland GmbH integriert. Informationen über die Avanade Deutschland GmbH finden Sie hier: https://www.linkedin.com/company/avanadedach/

NAICS: 5415

NAICS Definition: Computer Systems Design and Related Services

Employees: 8

Subsidiaries: 17

12-month incidents

Known data breaches

Attack type number

View Profile

Sopra Steria

9 rue de Presbourg, Paris, 75016, FR

Last Update: 2026-04-01

Between 600 and 649

http://www.soprasteria.com

Sopra Steria, a major Tech player in Europe with 51,000 employees in nearly 30 countries, is recognised for its consulting, digital services and solutions. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2024, the Group generated revenues of €5.8 billion. The world is how we shape it

NAICS: 5415

NAICS Definition: Computer Systems Design and Related Services

Employees: 46,767

Subsidiaries: 0

12-month incidents

Known data breaches

Attack type number

https://images.rankiteo.com/companyimages/alnamic-ag.jpeg

alnamic AG (now Avanade)

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Sopra Steria

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for alnamic AG (now Avanade) in 2026.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for Sopra Steria in 2026.

Incident History — alnamic AG (now Avanade) (X = Date, Y = Severity)

alnamic AG (now Avanade) cyber incidents detection timeline including parent company and subsidiaries

Incident History — Sopra Steria (X = Date, Y = Severity)

Sopra Steria cyber incidents detection timeline including parent company and subsidiaries

alnamic AG (now Avanade)

Incidents

No Incident

Sopra Steria

Incidents

Date Detected: 5/2025

Type:Ransomware

Attack Vector: Initial Access Broker

Motivation: Financial

Blog: Blog

Date Detected: 10/2020

Type:Ransomware

Motivation: Financial Gain

Blog: Blog

alnamic AG (now Avanade) company demonstrates a stronger AI Cybersecurity Score compared to Sopra Steria company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Sopra Steria company has historically faced a number of disclosed cyber incidents, whereas alnamic AG (now Avanade) company has not reported any.

In the current year, Sopra Steria company and alnamic AG (now Avanade) company have not reported any cyber incidents.

Sopra Steria company has confirmed experiencing a ransomware attack, while alnamic AG (now Avanade) company has not reported such incidents publicly.

Neither Sopra Steria company nor alnamic AG (now Avanade) company has reported experiencing a data breach publicly.

Neither Sopra Steria company nor alnamic AG (now Avanade) company has reported experiencing targeted cyberattacks publicly.

Neither alnamic AG (now Avanade) company nor Sopra Steria company has reported experiencing or disclosing vulnerabilities publicly.

Neither alnamic AG (now Avanade) nor Sopra Steria holds any compliance certifications.

Neither company holds any compliance certifications.

alnamic AG (now Avanade) company has more subsidiaries worldwide compared to Sopra Steria company.

Sopra Steria company employs more people globally than alnamic AG (now Avanade) company, reflecting its scale as a IT Services and IT Consulting.

Neither alnamic AG (now Avanade) nor Sopra Steria holds SOC 2 Type 1 certification.

Neither alnamic AG (now Avanade) nor Sopra Steria holds SOC 2 Type 2 certification.

Neither alnamic AG (now Avanade) nor Sopra Steria holds ISO 27001 certification.

Neither alnamic AG (now Avanade) nor Sopra Steria holds PCI DSS certification.

Neither alnamic AG (now Avanade) nor Sopra Steria holds HIPAA certification.

Neither alnamic AG (now Avanade) nor Sopra Steria holds GDPR certification.

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Published

Date

2026-04-03

Updated

Date

2026-04-03

Risk Information

cvss3

Base: 5.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Published

Date

2026-04-03

Updated

Date

2026-04-03

Risk Information

cvss3

Base: 8.6

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

References

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-44c2-3rw4-5gvh

Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Published

Date

2026-04-03

Updated

Date

2026-04-03

Risk Information

cvss3

Base: 9.1

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-98f9-fqg5-hvq5

Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Published

Date

2026-04-03

Updated

Date

2026-04-03

Risk Information

cvss3

Base: 9.1

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-cfh6-vr3j-qc3g

Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Published

Date

2026-04-03

Updated

Date

2026-04-03

Risk Information

cvss3

Base: 6.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-8w9j-hc3g-3g7f

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

alnamic AG (now Avanade)

VS

Sopra Steria

alnamic AG (now Avanade)

Sopra Steria

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Incident History — alnamic AG (now Avanade) (X = Date, Y = Severity)

Incident History — Sopra Steria (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2026-35468

Risk Information

CVE-2026-34954

Risk Information

CVE-2026-34953

Risk Information

CVE-2026-34952

Risk Information

CVE-2026-34939

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

alnamic AG (now Avanade)

VS

Sopra Steria

alnamic AG (now Avanade)

Sopra Steria

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Incident History — alnamic AG (now Avanade) (X = Date, Y = Severity)

Incident History — Sopra Steria (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Ransomware SOP526062025

🔒 Incident : Ransomware SOP215691122

FAQ

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has the best AI Cybersecurity Score ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced more cyber incidents in the past ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced more cyber incidents this year ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced at least one ransomware attack ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced at least one data breach ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced at least one targeted cyberattack ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has experienced at least one vulnerability ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one holds the most compliance certifications ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one holds the fewest compliance certifications ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has the most subsidiaries ?

Between alnamic AG (now Avanade) company and Sopra Steria company, which one has the largest number of employees ?

Between alnamic AG (now Avanade) and Sopra Steria, which company holds both SOC 2 Type 1 certifications ?

Between alnamic AG (now Avanade) and Sopra Steria, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — alnamic AG (now Avanade) or Sopra Steria ?

Which company is PCI DSS compliant — alnamic AG (now Avanade) or Sopra Steria ?

Between alnamic AG (now Avanade) and Sopra Steria, which company complies with HIPAA regulations for healthcare data ?

Between alnamic AG (now Avanade) and Sopra Steria, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2026-35468

Risk Information

CVE-2026-34954

Risk Information

CVE-2026-34953

Risk Information

CVE-2026-34952

Risk Information

CVE-2026-34939

Risk Information