Microsoft and Google are the two technology vendors whose products are most frequently targeted by threat actors, according to new insurer data. Apple and Linux ranked third and fourth respectively in Coalition’s list of most vulnerable vendors. Released today, the insurer’s Risky Tech Ranking was compiled to support better decision-making around the technologies businesses adopt.

Updated quarterly, the ranking scores vendors by multiplying the number of vulnerabilities impacting a vendor’s products by the average Coalition Exploit Scoring System (Coalition ESS) score.

The 10 most risky vendors for Q1 2025, are:

1. Microsoft (98.3)
2. Google (32.2)
3. Apple (30.9)
4. Linux (30.3)
5. Adobe (25.5)
6. Cisco (24.7)
7. Oracle (23.6)
8. Apache (21.5)
9. D-Link (20.6)
10. Ivanti (20.2)

“The severity of today’s cyber landscape warrants greater visibility across technology providers selling to businesses globally,” said Tiago Henriques, chief underwriting officer at Coalition. “The Risky Tech Ranking is meant to serve as an educational tool for businesses and an impetus for technology providers to make popular technologies more secure. We hope this not only provides businesses worldwide with greater peace of mind when making enterprise purchasing decisions, but also contributes to a safer digital environment for everyone.”

Coalition also released this week the second iteration of its patented vulnerability scoring system, Coalition ESS, to help risk managers mitigate potential cyber threats. Coalition ESS is a security risk prioritisation scoring system that uses real-time monitoring and dynamic scoring to help businesses prioritise patching.

---