Comparison Overview

Oracle

VS

Zoom

Oracle

2300 Oracle Way, Austin, Texas, US, 78741
Last Update: 2025-12-11
View Profile
Between 0 and 549
http://www.oracle.com

We’re a cloud technology company that provides organizations around the world with computing infrastructure and software to help them innovate, unlock efficiencies and become more effective. We also created the world’s first – and only – autonomous database to help organize and secure our customers’ data. Oracle Cloud Infrastructure offers higher performance, security, and cost savings. It is designed so businesses can move workloads easily from on-premises systems to the cloud, and between cloud and on-premises and other clouds. Oracle Cloud applications provide business leaders with modern applications that help them innovate, attain sustainable growth, and become more resilient. The work we do is not only transforming the world of business--it's helping defend governments, and advance scientific and medical research. From nonprofits to companies of all sizes, millions of people use our tools to streamline supply chains, make HR more human, quickly pivot to a new financial plan, and connect data and people around the world. At work, we embrace diversity, encourage personal and professional growth, and celebrate a global team of passionate people developing innovative technologies that help people and companies tackle real-world problems head-on. If you’d like to join us, please visit our Careers page: https://www.oracle.com/corporate/careers/ For investor news, SEC filings, and financial information about Oracle (NYSE:ORCL), please visit https://investor.oracle.com/home/. Follow us on X: x.com/oracle Like our page on Facebook: facebook.com/Oracle/ Follow us on Instagram: instagram.com/oracle/

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 197,946
Subsidiaries: 33
12-month incidents
9
Known data breaches
9
Attack type number
4
View Profile

Zoom

Last Update: 2025-12-11
Between 750 and 799
https://www.zoom.us

Bring teams together, reimagine workspaces, engage new audiences, and delight your customers –– all on the Zoom platform you know and love. 💙 Zoomies help people stay connected so they can get more done together. We set out on a mission to make video communications frictionless and secure by building the world’s best video product for the enterprise, but we didn’t stop there. With products like AI Companion, Team Chat, Contact Center, Phone, Events, Rooms, Webinar, and more, we bring innovation to a wide variety of customers, from the conference room to the classroom, from doctor’s offices to financial institutions to government agencies, from global brands to small businesses. We do what we do because of our core value of Care: care for our community, our customers, our company, our teammates, and ourselves. Our global employees help our customers meet happier, communicate better, and create meaningful connections the world over. Zoomies are problem-solvers and self-starters, working hard to get results and moving quickly to design solutions with our customers and users in mind. Here, you’ll work across teams to dig deep into impactful projects that are changing the way people communicate, and find room to grow with opportunities to stretch your skills and advance your career in a diverse, inclusive environment. Learn more about careers at Zoom by visiting our careers site: https://careers.zoom.us/home

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 10,882
Subsidiaries: 1
12-month incidents
1
Known data breaches
0
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/oracle.jpeg
Oracle
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/zoom-video-communications.jpeg
Zoom
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Oracle
100%
Compliance Rate
0/4 Standards Verified
Zoom
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Oracle has 1150.0% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Zoom has 38.89% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — Oracle (X = Date, Y = Severity)

Oracle cyber incidents detection timeline including parent company and subsidiaries

Incident History — Zoom (X = Date, Y = Severity)

Zoom cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/oracle.jpeg
Oracle
Incidents

Date Detected: 11/2025
Type:Breach
Attack Vector: Phishing, Software Vulnerability Exploitation
Motivation: Financial Gain, Espionage
Blog: Blog

Date Detected: 10/2025
Type:Ransomware
Attack Vector: Exploitation of Critical Vulnerability in Oracle’s E-Business Suite
Motivation: Financial Gain, Disruption of Healthcare Services, Data Theft
Blog: Blog

Date Detected: 9/2025
Type:Cyber Attack
Attack Vector: malicious advertisements (malvertising), typosquatted domains, fake login pages, social engineering
Motivation: financial gain, data theft, fraud (e.g., unauthorized bookings), sale of credentials on dark web
Blog: Blog
https://images.rankiteo.com/companyimages/zoom-video-communications.jpeg
Zoom
Incidents

Date Detected: 4/2025
Type:Vulnerability
Attack Vector: Cross-Site Scripting (XSS)
Motivation: Inject malicious scripts, Cause denial of service
Blog: Blog

Date Detected: 04/2020
Type:Data Leak
Attack Vector: Credential Stuffing
Motivation: Financial gain by selling accounts on the dark web
Blog: Blog

FAQ

Zoom company demonstrates a stronger AI Cybersecurity Score compared to Oracle company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Oracle company has faced a higher number of disclosed cyber incidents historically compared to Zoom company.

In the current year, Oracle company has reported more cyber incidents than Zoom company.

Oracle company has confirmed experiencing a ransomware attack, while Zoom company has not reported such incidents publicly.

Oracle company has disclosed at least one data breach, while the other Zoom company has not reported such incidents publicly.

Oracle company has reported targeted cyberattacks, while Zoom company has not reported such incidents publicly.

Both Oracle company and Zoom company have disclosed vulnerabilities.

Neither Oracle nor Zoom holds any compliance certifications.

Neither company holds any compliance certifications.

Oracle company has more subsidiaries worldwide compared to Zoom company.

Oracle company employs more people globally than Zoom company, reflecting its scale as a IT Services and IT Consulting.

Neither Oracle nor Zoom holds SOC 2 Type 1 certification.

Neither Oracle nor Zoom holds SOC 2 Type 2 certification.

Neither Oracle nor Zoom holds ISO 27001 certification.

Neither Oracle nor Zoom holds PCI DSS certification.

Neither Oracle nor Zoom holds HIPAA certification.

Neither Oracle nor Zoom holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
References
Description

Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
References
Description

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
References
Description

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
References