Comparison Overview

NASA - National Aeronautics and Space Administration

VS

CAE

NASA - National Aeronautics and Space Administration

300 E Street SW, Washington, 20546, US
Last Update: 2026-04-03
View Profile
Between 800 and 849
http://www.nasa.gov

For more than 60 years, NASA has been breaking barriers to achieve the seemingly impossible—from walking on the Moon to pushing the boundaries of human spaceflight farther than ever before. We work in space and around the world in laboratories and wind tunnels, on airfields and in control rooms to explore some of life’s fundamental mysteries: What’s out there in space? How do we get there? And what can we learn that will make life better here on Earth? We are passionate professionals united by a common purpose: to pioneer the future in space exploration, scientific discovery and aeronautics research. Today, we continue NASA’s legacy of excellence and innovation through an unprecedented array of missions. We are developing the most advanced rockets and spacecraft ever designed, studying the Earth for answers to critical challenges facing our planet, improving the air transportation experience, and so much more. Join us as we reach for new heights and reveal the unknown for the benefit of humanity.

NAICS: 3364
NAICS Definition: Aerospace Product and Parts Manufacturing
Employees: 50,451
Subsidiaries: 7
12-month incidents
0
Known data breaches
1
Attack type number
3
View Profile

CAE

8585, Chemin de la Côte-de-liesse, Montréal, H4T 1G6, CA
Last Update: 2026-04-02
Between 750 and 799
http://www.cae.com

At CAE, we exist to make the world safer. We deliver cutting-edge training, simulation, and critical operations solutions to prepare aviation professionals and defence forces for the moments that matter. Every day, we empower pilots, cabin crew, maintenance technicians, airlines, business aviation operators, and defence and security personnel to perform at their best and when the stakes are the highest. Around the globe, we’re everywhere customers need us to be with approximately 13,000 employees at around 240 sites and training locations in over 40 countries. For nearly 80 years, CAE has been at the forefront of innovation, consistently seeking to set the standard by delivering excellence in high-fidelity flight simulators and training solutions, while embedding sustainability at the heart of everything we do. By harnessing technology and enhancing human performance, we strive to be the trusted partner in advancing safety and mission readiness - today and tomorrow.

NAICS: 3364
NAICS Definition: Aerospace Product and Parts Manufacturing
Employees: 12,140
Subsidiaries: 3
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/nasa.jpeg
NASA - National Aeronautics and Space Administration
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/cae.jpeg
CAE
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
NASA - National Aeronautics and Space Administration
100%
Compliance Rate
0/4 Standards Verified
CAE
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)

No incidents recorded for NASA - National Aeronautics and Space Administration in 2026.

Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)

No incidents recorded for CAE in 2026.

Incident History — NASA - National Aeronautics and Space Administration (X = Date, Y = Severity)

NASA - National Aeronautics and Space Administration cyber incidents detection timeline including parent company and subsidiaries

Incident History — CAE (X = Date, Y = Severity)

CAE cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/nasa.jpeg
NASA - National Aeronautics and Space Administration
Incidents

Date Detected: 6/2025
Type:Breach
Blog: Blog

Date Detected: 5/2025
Type:Vulnerability
Attack Vector: Exploitation of vulnerabilities in software
Motivation: To compromise computer systems at NASA and other institutions using the vulnerable software
Blog: Blog

Date Detected: 6/1999
Type:Cyber Attack
Attack Vector: Unauthorized Access
Blog: Blog
https://images.rankiteo.com/companyimages/cae.jpeg
CAE
Incidents

No Incident

FAQ

NASA - National Aeronautics and Space Administration company demonstrates a stronger AI Cybersecurity Score compared to CAE company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

NASA - National Aeronautics and Space Administration company has historically faced a number of disclosed cyber incidents, whereas CAE company has not reported any.

In the current year, CAE company and NASA - National Aeronautics and Space Administration company have not reported any cyber incidents.

Neither CAE company nor NASA - National Aeronautics and Space Administration company has reported experiencing a ransomware attack publicly.

NASA - National Aeronautics and Space Administration company has disclosed at least one data breach, while the other CAE company has not reported such incidents publicly.

NASA - National Aeronautics and Space Administration company has reported targeted cyberattacks, while CAE company has not reported such incidents publicly.

NASA - National Aeronautics and Space Administration company has disclosed at least one vulnerability, while CAE company has not reported such incidents publicly.

Neither NASA - National Aeronautics and Space Administration nor CAE holds any compliance certifications.

Neither company holds any compliance certifications.

NASA - National Aeronautics and Space Administration company has more subsidiaries worldwide compared to CAE company.

NASA - National Aeronautics and Space Administration company employs more people globally than CAE company, reflecting its scale as a Aviation and Aerospace Component Manufacturing.

Neither NASA - National Aeronautics and Space Administration nor CAE holds SOC 2 Type 1 certification.

Neither NASA - National Aeronautics and Space Administration nor CAE holds SOC 2 Type 2 certification.

Neither NASA - National Aeronautics and Space Administration nor CAE holds ISO 27001 certification.

Neither NASA - National Aeronautics and Space Administration nor CAE holds PCI DSS certification.

Neither NASA - National Aeronautics and Space Administration nor CAE holds HIPAA certification.

Neither NASA - National Aeronautics and Space Administration nor CAE holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References