Comparison Overview

ConocoPhillips

VS

PEMEX

ConocoPhillips

925 N Eldridge Pkwy, Houston, 77079, US
Last Update: 2026-04-01
View Profile
Between 800 and 849
https://www.conocophillips.com/?utm_source=LinkedIn&utm_medium=osocial&utm_campaign=profile&utm_content=visit_website

We are a global oil and gas company tasked with an important job—to safely find and deliver energy for the world. We’re experts in what we do—from the well site to the office. Across our operations and activities in 13 countries, we never forget our responsibility to be a great neighbor, and a great place to work. Guided by our SPIRIT Values—Safety, People, Integrity, Responsibility, Innovation and Teamwork—we deliver strong performance, keeping our promises to our stakeholders, communities and each other. We solve problems and develop new approaches together, as a team of people—not job titles. That’s ConocoPhillips. It’s not just what we do. It’s how we do it. At ConocoPhillips, we believe it is important to foster a safe and constructive online environment for our community. To do so, we encourage visitors to contribute to conversations by following a few guidelines: - Please contribute to the dialogue by keeping your comments relevant to the community and on topic. - Direct your comments at issues, rather than individuals. Any of the following violations of these guidelines may warrant, without prior notice, actions such as removing posts and comments or blocking an account: - Comments that are spam, defamatory or offensive (e.g., obscene, indecent, profane, violent, cruel or discriminatory) will be removed. - Content that violates the terms of use stipulated by each social media operating company. - Any other behavior ConocoPhillips deems inappropriate. Community policy: https://bit.ly/3mrTG4d

NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 16,502
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

PEMEX

Marina Nacional #329,, México, 11311, MX
Last Update: 2026-04-03
Between 750 and 799
https://www.pemex.com

Petróleos Mexicanos es la mayor empresa de México, el mayor contribuyente fiscal del país, así como una de las empresas más grandes de América Latina. Es de las pocas empresas petroleras del mundo que desarrolla toda la cadena productiva de la industria, desde la exploración, hasta la distribución y comercialización de productos finales, incluyendo la petroquímica. Pemex contribuye el 35% del PEF, en otras palabras aporta 1 de cada 3 pesos para la construcción de escuelas, carreteras y hospitales. La tasa de éxito en exploración en aguas profundas es del 50% siendo superior al estándar internacional. En el 2014 las inversiones fueron por más de 25 mil millones de dólares. Pemex generó más de medio millón de empleos indirectos. Anualmente Pemex invierte cerca de 140 millones de dólares en donativos

NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 45,054
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/conocophillips.jpeg
ConocoPhillips
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/pemex.jpeg
PEMEX
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
ConocoPhillips
100%
Compliance Rate
0/4 Standards Verified
PEMEX
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for ConocoPhillips in 2026.

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for PEMEX in 2026.

Incident History — ConocoPhillips (X = Date, Y = Severity)

ConocoPhillips cyber incidents detection timeline including parent company and subsidiaries

Incident History — PEMEX (X = Date, Y = Severity)

PEMEX cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/conocophillips.jpeg
ConocoPhillips
Incidents

No Incident

https://images.rankiteo.com/companyimages/pemex.jpeg
PEMEX
Incidents

Date Detected: 11/2019
Type:Ransomware
Attack Vector: DoppelPaymer Ransomware
Motivation: Financial Gain
Blog: Blog

FAQ

ConocoPhillips company demonstrates a stronger AI Cybersecurity Score compared to PEMEX company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

PEMEX company has historically faced a number of disclosed cyber incidents, whereas ConocoPhillips company has not reported any.

In the current year, PEMEX company and ConocoPhillips company have not reported any cyber incidents.

PEMEX company has confirmed experiencing a ransomware attack, while ConocoPhillips company has not reported such incidents publicly.

Neither PEMEX company nor ConocoPhillips company has reported experiencing a data breach publicly.

Neither PEMEX company nor ConocoPhillips company has reported experiencing targeted cyberattacks publicly.

Neither ConocoPhillips company nor PEMEX company has reported experiencing or disclosing vulnerabilities publicly.

Neither ConocoPhillips nor PEMEX holds any compliance certifications.

Neither company holds any compliance certifications.

Neither ConocoPhillips company nor PEMEX company has publicly disclosed detailed information about the number of their subsidiaries.

PEMEX company employs more people globally than ConocoPhillips company, reflecting its scale as a Oil and Gas.

Neither ConocoPhillips nor PEMEX holds SOC 2 Type 1 certification.

Neither ConocoPhillips nor PEMEX holds SOC 2 Type 2 certification.

Neither ConocoPhillips nor PEMEX holds ISO 27001 certification.

Neither ConocoPhillips nor PEMEX holds PCI DSS certification.

Neither ConocoPhillips nor PEMEX holds HIPAA certification.

Neither ConocoPhillips nor PEMEX holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References