Subway
Company Details
Linkedin ID:
subway
Website:
Employees number:
115,155
Number of followers:
405,846
NAICS:
7225
Industry Type:
Homepage:
subway.com
IP Addresses:
0
Company ID:
SUB_2957550
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Subway Vendor Cyber Rating & Cyber Score
subway.comSubway is one of the world's largest quick service restaurant brands, serving freshly made-to-order sandwiches, wraps, salads and bowls to millions of guests, across over 100 countries in more than 37,000 restaurants every day. Subway restaurants are owned and operated by Subway franchisees – a network that includes more than 20,000 dedicated entrepreneurs and small business owners – who are committed to delivering the best guest experience possible in their local communities. Ready to join the Subway team? There are plenty of incredible opportunities to be part of Subway, from our corporate headquarters and worldwide regional offices to our remote development teams. Our thousands of franchised restaurants across the globe offer opportunities for talented, motivated people to join their teams. Browse opportunities at our dual-headquarters offices in Shelton, CT, and Miami, FL, offices as well as regional offices at https://www.subway.com/en-US/Careers. For opportunities at Subway Restaurants around the world, please visit www.mysubwaycareer.com.
Subway A.I CyberSecurity Scoring
Subway Risk Score (AI oriented)Between 750 and 799
Subway
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Subway Global Score (TPRM)XXXX
Subway
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Subway Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Subway and Prospect Medical Holdings: FBI issues warning to Gmail, Outlook email users. Here's how to spot Medusa ransomware
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Medusa Ransomware Attacks Escalate, Targeting Hundreds of Organizations Nationwide Federal authorities, including the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), have issued a warning about the growing threat of Medusa ransomware, a sophisticated cyberattack campaign that has compromised over 400 victims across sectors including healthcare, education, legal, insurance, technology, and manufacturing. The attacks, active since 2021, follow a double-extortion model: threat actors encrypt victims’ systems, exfiltrate sensitive data, and publicly leak samples to pressure targets into paying ransoms. Victims receive a 48-hour ultimatum via a ransom note, often followed by direct contact from attackers via phone or email. Demands range from $100,000 to $15 million, with an additional $10,000 cryptocurrency fee to extend the countdown timer. In some cases, attackers have employed triple extortion, demanding a second payment after claiming the initial ransom was stolen by a rogue negotiator. The Medusa operation has evolved into an affiliate-based model, where independent cybercriminals deploy the ransomware while core developers retain control over negotiations. Attackers gain initial access by purchasing stolen credentials from dark web marketplaces or through phishing schemes, then exploit vulnerabilities in unpatched systems. Once inside, they encrypt data and post ransom demands on a dedicated leak site, providing direct links to cryptocurrency wallets. Connecticut has seen a sharp rise in ransomware incidents, with 861 reported in 2024 up from 644 in 2023 and 562 in 2022. Since August 2021, the state has logged 2,278 attacks, including high-profile breaches at Prospect Medical Holdings (2023) and Subway (2024). While federal investigators have not named specific suspects, a group called Spearwing has claimed responsibility for some attacks, while Inc Ransom was linked to the Subway breach. Authorities emphasize that no sector is immune, though larger organizations including municipalities, corporations, and critical infrastructure remain primary targets. The FBI and CISA recommend offline backups, multifactor authentication, and regular software updates as key defenses, though they note that even prepared entities can fall victim to evolving tactics. The Medusa campaign underscores the expanding reach of ransomware-as-a-service (RaaS), where sophisticated tools are leased to less-skilled criminals, amplifying the scale and frequency of attacks. With no signs of slowing, the threat continues to disrupt operations, extract millions in ransoms, and expose sensitive data across industries.
Subway Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Subway
Incidents vs Restaurants Industry Average (This Year)
No incidents recorded for Subway in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Subway in 2026.
Incident Types Subway vs Restaurants Industry Avg (This Year)
No incidents recorded for Subway in 2026.
Incident History — Subway (X = Date, Y = Severity)
Subway cyber incidents detection timeline including parent company and subsidiaries
Subway Company Subsidiaries
Subway is one of the world's largest quick service restaurant brands, serving freshly made-to-order sandwiches, wraps, salads and bowls to millions of guests, across over 100 countries in more than 37,000 restaurants every day. Subway restaurants are owned and operated by Subway franchisees – a network that includes more than 20,000 dedicated entrepreneurs and small business owners – who are committed to delivering the best guest experience possible in their local communities. Ready to join the Subway team? There are plenty of incredible opportunities to be part of Subway, from our corporate headquarters and worldwide regional offices to our remote development teams. Our thousands of franchised restaurants across the globe offer opportunities for talented, motivated people to join their teams. Browse opportunities at our dual-headquarters offices in Shelton, CT, and Miami, FL, offices as well as regional offices at https://www.subway.com/en-US/Careers. For opportunities at Subway Restaurants around the world, please visit www.mysubwaycareer.com.
Loading...
Subway Similar Companies
ZAMP
Somos um grande ecossistema de restaurantes que reúne marcas internacionais como Burger King®, Popeyes®, Starbucks® e Subway®. E, por trás de cada receita de sucesso, estão os Zampers: gente que faz acontecer, que joga junto e que deixa sua marca todos os dias. Aqui, a gente acredita que o verdad
With strong, Midwestern family values and genuine hometown hospitality, Culver’s® has proudly served its signature ButterBurgers® and Fresh Frozen Custard since we opened our first restaurant in 1984. There are now over 1,000 Culver’s restaurants in 26 states, with more than 50,000 team members offe
Sure, we’re The Wing Experts, but it’s our flavor that defines us. You taste it in our 12 signature sauces, you see it through our bold TV commercials, and you feel it when you walk through our doors. It’s what we like to call a flavor experience, and since the opening of our first restaurant in 199
Pizza Hut, a subsidiary of Yum! Brands, Inc. (NYSE: YUM), was founded in 1958 in Wichita, Kansas, and is a global leader in the pizza category with nearly 20,000 restaurants in more than 110 markets and territories. The brand has earned a reputation as a trailblazer in innovation with the creation o
Olive Garden
Founded in 1982, Olive Garden is owned by Darden Restaurants, Inc. (NYSE:DRI), the world's largest company-owned and operated full-service restaurant company. With more than 800 restaurants, more than 92,000 employees and more than $3.5 billion in annual sales, Olive Garden is the leading restaurant
Whataburger
On Aug. 8, 1950, an adventurous and determined entrepreneur named Harmon Dobson opened up the world’s first Whataburger on Ayers Street in Corpus Christi, Texas. He had a simple goal: to serve a burger so big it took two hands to hold and so good that after one bite customers would say, “What a burg
Domino's
Domino’s is a purpose-inspired, performance-driven company powered by exceptional people who are committed to feeding the power of possible—one pizza at a time. Founded in 1960 with a single store in Ypsilanti, Michigan, Domino’s has grown into one of the most recognized and leading pizza brands in
GRSA
GRSA - Soluções em Alimentação e em Serviços de Suporte Oferecer soluções de alimentação saudáveis e equilibradas, com os mais altos padrões de qualidade e de Acordo com as necessidades de cada cliente. Estamos presentes em empresas, escolas, hospitais, terminais de passageiros e em locais re
LongHorn Steakhouse
With over 500+ restaurants across the United States, LongHorn Steakhouse has a passion for steak done the right way. Our legendary food sets us apart, but it’s our people who bring LongHorn to life. We strive to create a place where team members feel valued, listened to and appreciated. We offer of
.png)
Subway CyberSecurity News
April 01, 2026 10:09 PM
Transportation chief anticipates ramp-up of subway car production at CRRC, says workers at Springfield plant should be proud
SPRINGFIELD — With work on MBTA subway cars ready to ramp up at CRRC following a customs dispute. Phil Eng said he's working to keep the...
March 03, 2026 04:58 PM
Eyes of Iran: How the Islamic Republic secretly monitors citizens in real time
As they bomb Iran, Donald Trump and Benjamin Netanyahu are calling on its people to rise up against the dictatorial regime, which is shaken but still...
February 13, 2026 08:00 AM
Cybersecurity News: Hackers abuse Gemini, Apple patches ancient bug, CISA criticizes shutdown
A report released yesterday from the Google Threat Intelligence Group confirms that threat actors from China, Iran, North Korea and Russia...
February 10, 2026 07:46 PM
Nicole Perlroth Talks Journalism, Cybersecurity, and Mission-Driven Work
This is the 122nd article in Bears Doing Big Things, a weekly column celebrating the stories of notable M-A alumni. “I spent over a decade investigating and...
January 09, 2026 08:00 AM
Civil rights group ‘condemns’ NYC transit authority’s pursuit of AI video analytics systems
The Surveillance Technology Oversight Project claims an MTA inquiry into AI video analytics will lead to an expansion of surveillance across...
December 05, 2025 08:00 AM
Woman Hailed as Hero for Smashing Man’s Meta Smart Glasses on Subway
A New York subway rider has accused a woman of breaking his Meta smart glasses. She was later hailed as a hero.
October 17, 2025 07:00 AM
Judge orders $34M in counterterrorism funds for NYC subway be restored
In the ruling, the judge called the withholding of counterterrorism funds “arbitrary, capricious and a blatant violation of the law."
October 09, 2025 07:00 AM
Federal funding at risk helped deter 8 subway terrorist attacks since 9/11, NYPD chief says
Funds from a subway counterterrorism grant that the federal government seeks to withhold from the Metropolitan Transportation Authority this...
October 01, 2025 07:00 AM
Trump Cuts to Counterterrorism Funds for New York Reach $187 Million
Gov. Kathy Hochul of New York asked that the funding be restored, accusing the Trump administration of “walking away from the fight against...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Subway CyberSecurity History Information
Official Website of Subway
The official website of Subway is http://www.subway.com.
Subway’s AI-Generated Cybersecurity Score
According to Rankiteo, Subway’s AI-generated cybersecurity score is 769, reflecting their Fair security posture.
How many security badges does Subway’ have ?
According to Rankiteo, Subway currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Subway been affected by any supply chain cyber incidents ?
According to Rankiteo, Subway has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Subway have SOC 2 Type 1 certification ?
According to Rankiteo, Subway is not certified under SOC 2 Type 1.
Does Subway have SOC 2 Type 2 certification ?
According to Rankiteo, Subway does not hold a SOC 2 Type 2 certification.
Does Subway comply with GDPR ?
According to Rankiteo, Subway is not listed as GDPR compliant.
Does Subway have PCI DSS certification ?
According to Rankiteo, Subway does not currently maintain PCI DSS compliance.
Does Subway comply with HIPAA ?
According to Rankiteo, Subway is not compliant with HIPAA regulations.
Does Subway have ISO 27001 certification ?
According to Rankiteo,Subway is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Subway
Subway operates primarily in the Restaurants industry.
Number of Employees at Subway
Subway employs approximately 115,155 people worldwide.
Subsidiaries Owned by Subway
Subway presently has no subsidiaries across any sectors.
Subway’s LinkedIn Followers
Subway’s official LinkedIn profile has approximately 405,846 followers.
NAICS Classification of Subway
Subway is classified under the NAICS code 7225, which corresponds to Restaurants and Other Eating Places.
Subway’s Presence on Crunchbase
Yes, Subway has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/subway.
Subway’s Presence on LinkedIn
Yes, Subway maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/subway.
Cybersecurity Incidents Involving Subway
As of April 02, 2026, Rankiteo reports that Subway has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Subway has an estimated 4,932 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Subway ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
What was the total financial impact of these incidents on Subway ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $100 billion.
How does Subway detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an law enforcement notified with fbi, cisa, ms-isac..
Incident Details
Can you provide details on each incident ?
Title: Medusa Ransomware Attacks Escalate, Targeting Hundreds of Organizations Nationwide
Description: Federal authorities have issued a warning about the growing threat of Medusa ransomware, a sophisticated cyberattack campaign that has compromised over 400 victims across sectors including healthcare, education, legal, insurance, technology, and manufacturing. The attacks follow a double-extortion model, encrypting systems, exfiltrating data, and publicly leaking samples to pressure victims into paying ransoms.
Date Detected: 2021
Type: Ransomware
Attack Vector: Stolen credentials (dark web marketplaces)Phishing schemesExploitation of unpatched vulnerabilities
Vulnerability Exploited: Unpatched systems
Threat Actor: Medusa ransomware groupSpearwingInc Ransom
Motivation: Financial gainData extortion
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Stolen credentials (dark web marketplaces)Phishing schemes.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware SUBPRO1768802374
Financial Loss: Ransom demands ranging from $100,000 to $15 million
Data Compromised: Sensitive data exfiltrated and publicly leaked
Systems Affected: Encrypted systems across multiple sectors
Operational Impact: Disrupted operations across affected organizations
Identity Theft Risk: High (due to data exfiltration)
Payment Information Risk: High (if payment data was compromised)
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $100.00 billion.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Sensitive data.
Which entities were affected by each incident ?
Incident : Ransomware SUBPRO1768802374
Entity Name: Prospect Medical Holdings
Entity Type: Healthcare
Industry: Healthcare
Location: Connecticut, USA
Incident : Ransomware SUBPRO1768802374
Entity Name: Subway
Entity Type: Corporation
Industry: Food Services
Location: Connecticut, USA
Incident : Ransomware SUBPRO1768802374
Entity Type: Municipalities, Corporations, Critical Infrastructure
Industry: Healthcare, Education, Legal, Insurance, Technology, Manufacturing
Location: Nationwide (USA)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware SUBPRO1768802374
Law Enforcement Notified: FBI, CISA, MS-ISAC
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware SUBPRO1768802374
Type of Data Compromised: Sensitive data
Sensitivity of Data: High (personally identifiable information, corporate data)
Data Encryption: True
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware SUBPRO1768802374
Ransom Demanded: $100,000 to $15 million
Ransomware Strain: Medusa
Data Encryption: True
Data Exfiltration: True
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Ransomware SUBPRO1768802374
Lessons Learned: The Medusa campaign underscores the expanding reach of ransomware-as-a-service (RaaS), where sophisticated tools are leased to less-skilled criminals, amplifying the scale and frequency of attacks.
What recommendations were made to prevent future incidents ?
Incident : Ransomware SUBPRO1768802374
Recommendations: Offline backups, Multifactor authentication, Regular software updatesOffline backups, Multifactor authentication, Regular software updatesOffline backups, Multifactor authentication, Regular software updates
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are The Medusa campaign underscores the expanding reach of ransomware-as-a-service (RaaS), where sophisticated tools are leased to less-skilled criminals, amplifying the scale and frequency of attacks.
References
Where can I find more information about each incident ?
Incident : Ransomware SUBPRO1768802374
Source: FBI, CISA, MS-ISAC
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: FBI, CISA, MS-ISAC.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware SUBPRO1768802374
Investigation Status: Ongoing
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Ransomware SUBPRO1768802374
Stakeholder Advisories: Federal authorities recommend offline backups, multifactor authentication, and regular software updates as key defenses.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Federal authorities recommend offline backups, multifactor authentication and and regular software updates as key defenses..
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware SUBPRO1768802374
Entry Point: Stolen Credentials (Dark Web Marketplaces), Phishing Schemes,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Ransomware SUBPRO1768802374
Root Causes: Exploitation Of Unpatched Vulnerabilities, Use Of Stolen Credentials, Phishing Attacks,
Corrective Actions: Offline Backups, Multifactor Authentication, Regular Software Updates,
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Offline Backups, Multifactor Authentication, Regular Software Updates, .
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was $100,000 to $15 million.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Medusa ransomware groupSpearwingInc Ransom.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2021.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was Ransom demands ranging from $100,000 to $15 million.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Sensitive data exfiltrated and publicly leaked.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Sensitive data exfiltrated and publicly leaked.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was $100,000 to $15 million.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was The Medusa campaign underscores the expanding reach of ransomware-as-a-service (RaaS), where sophisticated tools are leased to less-skilled criminals, amplifying the scale and frequency of attacks.
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Regular software updates, Multifactor authentication and Offline backups.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are FBI, CISA and MS-ISAC.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Federal authorities recommend offline backups, multifactor authentication, and regular software updates as key defenses., .
Initial Access Broker
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=subway' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
