Sonae
Company Details
Linkedin ID:
sonae
Website:
Employees number:
24,146
Number of followers:
351,848
NAICS:
5239
Industry Type:
Homepage:
sonae.pt
IP Addresses:
18
Company ID:
SON_1388469
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Sonae Vendor Cyber Rating & Cyber Score
sonae.ptSonae exists to create a lasting positive impact on businesses, people, communities and on the planet. Managing a diverse portfolio of businesses in retail, financial services, technology, investments, real estate and telecommunications, Sonae makes the most of its expertise and pushes itself to create the future we all want and need. Creating today a better tomorrow, for all.
Sonae A.I CyberSecurity Scoring
Sonae Risk Score (AI oriented)Between 750 and 799
Sonae
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Sonae Global Score (TPRM)XXXX
Sonae
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Sonae Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Sonae Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Sonae
Incidents vs Investment Management Industry Average (This Year)
No incidents recorded for Sonae in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Sonae in 2026.
Incident Types Sonae vs Investment Management Industry Avg (This Year)
No incidents recorded for Sonae in 2026.
Incident History — Sonae (X = Date, Y = Severity)
Sonae cyber incidents detection timeline including parent company and subsidiaries
Sonae Company Subsidiaries
Sonae exists to create a lasting positive impact on businesses, people, communities and on the planet. Managing a diverse portfolio of businesses in retail, financial services, technology, investments, real estate and telecommunications, Sonae makes the most of its expertise and pushes itself to create the future we all want and need. Creating today a better tomorrow, for all.
Loading...
Sonae Similar Companies
Ackermans & van Haaren
Ackermans & van Haaren is a diversified group active in 4 core sectors: Marine Engineering & Contracting (DEME, one of the largest dredging companies in the world - CFE, a construction group with headquarters in Belgium), Private Banking (Delen Private Bank, one of the largest independent private as
Essar
Essar, with an entrepreneurial track record spanning 50+ years, specialises in investing and developing assets to create value in core sectors such as Energy, Infrastructure, Metals & Mining, and Technology & Retail. With a presence in eight countries, Essar generates revenues of US$15 billion and p
Sabanci Holding
Sabancı Holding is one of Turkey’s leading conglomerate, engaged in a wide variety of business activities through its subsidiaries and affiliates, mainly in the banking, financial services, energy, industrials, building materials and retail sectors. Our Group companies most of which are leaders in t
Odebrecht
Founded in 1944, Odebrecht is a Brazilian group with diverse businesses and world-class standards of quality. Its Members, guided by the Group’s own philosophy, the Odebrecht Entrepreneurial Technology (TEO), provide services and manufacture products for clients on five continents. As part of their
.png)
Sonae CyberSecurity News
September 24, 2025 07:00 AM
Duel Raises $16 Million in Series A
Duel, a New York-based brand advocacy platform for consumer retail brands, has raised $16 million in Series A funding, bringing its total...
September 03, 2025 07:00 AM
Tidal Cyber raises $10m to scale cybersecurity platform
Tidal Cyber, a Virginia-based cybersecurity company focused on Threat-Led Defence, has raised $10m in a Series A round led by Bright Pixel...
March 05, 2025 08:00 AM
Knostic Nabs $11 Million to Eliminate Enterprise AI Data Leaks
PRNewswire/ -- Knostic, the world's first provider of need-to-know access controls for Generative AI, today celebrates an $11 million...
September 25, 2024 07:00 AM
Tamnoon raises $12M Series A for cloud security remediation platform
The Israeli startup has developed a hybrid human-AI managed service that reduces cloud exposures and enhances cloud security by optimizing...
September 25, 2024 07:00 AM
Tamnoon Raises $12M Series A Fueling First Hybrid Human-AI Managed Cloud Security Remediation Service
Tamnoon, a leader in Managed Cloud Security Remediation, today announced it has raised $12 million in Series A funding.
January 17, 2024 08:00 AM
Vicarius Raises $30M Series B to Fuel AI Innovations in Vulnerability Remediation
Insider Brief Vicarius, creators of vRx, the first fully autonomous end-to-end vulnerability remediation platform, has raised $30 million in...
July 25, 2023 07:00 AM
Thales to buy app and data security firm Imperva in $3.6 billion deal
French defense and aerospace corporation Thales said Tuesday it is acquiring US-based cybersecurity company Imperva from private equity firm Thoma Bravo for $3...
May 24, 2023 07:00 AM
Cybersecurity firm Sekoia.io secures €35m in fresh funding
Sekoia.io, a Cybertech firm based in Paris, France, has successfully amassed €35m in a recent round of funding.
October 11, 2022 07:00 AM
Thales closes acquisition of important cybersecurity players Excellium and S21sec
With the acquisition of Excellium and S21Sec, Thales will accelerate its cybersecurity development roadmap and expands its footprint in...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Sonae CyberSecurity History Information
Official Website of Sonae
The official website of Sonae is http://www.sonae.pt.
Sonae’s AI-Generated Cybersecurity Score
According to Rankiteo, Sonae’s AI-generated cybersecurity score is 762, reflecting their Fair security posture.
How many security badges does Sonae’ have ?
According to Rankiteo, Sonae currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Sonae been affected by any supply chain cyber incidents ?
According to Rankiteo, Sonae has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Sonae have SOC 2 Type 1 certification ?
According to Rankiteo, Sonae is not certified under SOC 2 Type 1.
Does Sonae have SOC 2 Type 2 certification ?
According to Rankiteo, Sonae does not hold a SOC 2 Type 2 certification.
Does Sonae comply with GDPR ?
According to Rankiteo, Sonae is not listed as GDPR compliant.
Does Sonae have PCI DSS certification ?
According to Rankiteo, Sonae does not currently maintain PCI DSS compliance.
Does Sonae comply with HIPAA ?
According to Rankiteo, Sonae is not compliant with HIPAA regulations.
Does Sonae have ISO 27001 certification ?
According to Rankiteo,Sonae is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Sonae
Sonae operates primarily in the Investment Management industry.
Number of Employees at Sonae
Sonae employs approximately 24,146 people worldwide.
Subsidiaries Owned by Sonae
Sonae presently has no subsidiaries across any sectors.
Sonae’s LinkedIn Followers
Sonae’s official LinkedIn profile has approximately 351,848 followers.
NAICS Classification of Sonae
Sonae is classified under the NAICS code 5239, which corresponds to Other Financial Investment Activities.
Sonae’s Presence on Crunchbase
No, Sonae does not have a profile on Crunchbase.
Sonae’s Presence on LinkedIn
Yes, Sonae maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sonae.
Cybersecurity Incidents Involving Sonae
As of April 04, 2026, Rankiteo reports that Sonae has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Sonae has an estimated 5,281 peer or competitor companies worldwide.
Sonae CyberSecurity History Information
How many cyber incidents has Sonae faced ?
Total Incidents: According to Rankiteo, Sonae has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Sonae ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=sonae' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
