COOEY // HUBcompliance · community · intelligence

FAIL // hall of shame

The security failures of FedRAMP vendors, their competitors, and the hardware they ship — ranked by zero-days, remote code execution, active exploitation, sheer embarrassment, and False-Claims-Act recoveries. A dex.sgc.ai RAG curator writes each event's summary and scores how avoidable the failure was; every name links to its dossier.

722
on the board
1
zero-days
243
RCEs
102
exploited
554
assessed
$82M
FCA recovered
Overview☣ Most embarrassing◐ Most zero-days⚡ Most RCEs⌖ Most exploited⚖ Biggest FCA recoveries
All playersCompaniesVendorsProducts / HW ◧ FedRAMP only

☣ Most embarrassing

Ranked by how avoidable and reputation-shredding their worst failure was — the dex curator's grounded 0–100 verdict.

  1. 01
    PTC FedRAMP company
    ⚡ 1 ⌖ 1 shame 85
    85shame
  2. 02
    Ivanti FedRAMP company
    ⚡ 3 ⌖ 4 shame 85
    85shame
  3. 03
    Adobe FedRAMP company
    ◐ 1 ⚡ 4 ⌖ 4 shame 85
    85shame
  4. 04
    Palo Alto Networks, Inc. FedRAMP company
    ⚡ 1 ⌖ 2 shame 85
    85shame
  5. 05
    Oracle FedRAMP company
    ⚡ 1 ⌖ 2 ☣ 1 shame 85
    85shame
  6. 06
    Cisco Systems Inc. FedRAMP company
    ⚡ 5 ⌖ 9 ☣ 1 shame 85
    85shame
  7. 07
    Microsoft FedRAMP company
    ⚡ 11 ⌖ 17 ☣ 2 shame 85
    85shame
  8. 08
    Google FedRAMP company
    ⚡ 4 ⌖ 4 shame 85
    85shame
  9. 09
    Splunk FedRAMP company
    ⌖ 1 shame 65
    65shame
  10. 10
    BMC Software FedRAMP company
    ⚡ 1 shame 50
    50shame
  11. 11
    Trend Micro Inc. FedRAMP company
    ⌖ 1 shame 45
    45shame
  12. 12
    Citrix FedRAMP company
    ⌖ 1 shame 45
    45shame
  13. 13
    IBM FedRAMP company
    ⚡ 3 shame 45
    45shame
  14. 14
    BeyondTrust FedRAMP company
    shame 35
    35shame
  15. 15
    ESRI FedRAMP company
    ⚡ 1 shame 35
    35shame
◄ prev page 1 / 1 next ► · 15 total