Comparison Overview

Dropbox

VS

Trust Benefit Technologies

Dropbox

Last Update: 2024-08-12 (UTC)
View Profile
Between 700 and 749
http://www.dropbox.com

Dropbox is the one place to keep life organized and keep work moving. With more than 700 million registered users across 180 countries, we're on a mission to design a more enlightened way of working. Dropbox is headquartered in San Francisco, CA, and has offices around the world. To learn more about working at Dropbox, visit dropbox.com/jobs We also have a few simple guidelines to keep this space respectful and productive. Please avoid: - Harassing other people or using language that’s hateful, offensive, vulgar, or advocates violence - Trolling, fraud and spamming - Violating someone else’s rights or privacy - Advertising or soliciting donations - Link baiting - Posting off topic comments or thread hijacking We may remove comments that violate these guidelines.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 3,776
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

Trust Benefit Technologies

2011 E Financial Way, Suite 220, Glendora, CA, US, 91741
Last Update: 2025-07-27 (UTC)
Between 700 and 749
http://www.tbt4solutions.com

Trust Benefit Technologies is a leading software provider for the Taft-Hartley/multiemployer benefits industry, particularly for self-administered trusts funds and third-party administrators.  For more than forty years, the Company has provided its hosted and licensed solutions that include "back-office" administration products as well as employer and participant portals that are accessible via desktop computers, tablets, and smartphones.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 12
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/Dropbox.jpeg
Dropbox
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/trust-benefit-technologies.jpeg
Trust Benefit Technologies
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Dropbox
100%
Compliance Rate
0/4 Standards Verified
Trust Benefit Technologies
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Dropbox in 2025.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Trust Benefit Technologies in 2025.

Incident History — Dropbox (X = Date, Y = Severity)

Dropbox cyber incidents detection timeline including parent company and subsidiaries

Incident History — Trust Benefit Technologies (X = Date, Y = Severity)

Trust Benefit Technologies cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/Dropbox.jpeg
Dropbox
Incidents

Date Detected: 11/2022
Type:Breach
Attack Vector: Unauthorized Access to GitHub Repositories
Motivation: Theft of Sensitive Data
Blog: Blog
https://images.rankiteo.com/companyimages/trust-benefit-technologies.jpeg
Trust Benefit Technologies
Incidents

Date Detected: 5/2023
Type:Breach
Attack Vector: Unauthorized Access
Blog: Blog

FAQ

Dropbox company demonstrates a stronger AI Cybersecurity Score compared to Trust Benefit Technologies company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Dropbox and Trust Benefit Technologies have experienced a similar number of publicly disclosed cyber incidents.

In the current year, Trust Benefit Technologies company and Dropbox company have not reported any cyber incidents.

Neither Trust Benefit Technologies company nor Dropbox company has reported experiencing a ransomware attack publicly.

Both Trust Benefit Technologies company and Dropbox company have disclosed experiencing at least one data breach.

Neither Trust Benefit Technologies company nor Dropbox company has reported experiencing targeted cyberattacks publicly.

Neither Dropbox company nor Trust Benefit Technologies company has reported experiencing or disclosing vulnerabilities publicly.

Neither Dropbox nor Trust Benefit Technologies holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Dropbox company nor Trust Benefit Technologies company has publicly disclosed detailed information about the number of their subsidiaries.

Dropbox company employs more people globally than Trust Benefit Technologies company, reflecting its scale as a Software Development.

Neither Dropbox nor Trust Benefit Technologies holds SOC 2 Type 1 certification.

Neither Dropbox nor Trust Benefit Technologies holds SOC 2 Type 2 certification.

Neither Dropbox nor Trust Benefit Technologies holds ISO 27001 certification.

Neither Dropbox nor Trust Benefit Technologies holds PCI DSS certification.

Neither Dropbox nor Trust Benefit Technologies holds HIPAA certification.

Neither Dropbox nor Trust Benefit Technologies holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Improper authentication in the API authentication middleware of HCL DevOps Loop allows authentication tokens to be accepted without proper validation of their expiration and cryptographic signature. As a result, an attacker could potentially use expired or tampered tokens to gain unauthorized access to sensitive resources and perform actions with elevated privileges.

Published
Date
2025-11-05
Updated
Date
2025-11-05
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
References
Description

Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract another local user's authentication token from the shared client machine and access their WorkSpace. To mitigate this issue, users should upgrade to the Amazon WorkSpaces client for Linux version 2025.0 or later.

Published
Date
2025-11-05
Updated
Date
2025-11-05
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

OSSN (Open Source Social Network) 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter.

Published
Date
2025-11-05
Updated
Date
2025-11-05
References
Description

A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to manipulate the zhekou parameter in the /topfirst.php Pay module, enabling unauthorized discounts. By sending a crafted HTTP POST request with zhekou set to an abnormally low value, an attacker can purchase votes at a reduced cost. Furthermore, by modifying the zid parameter, attackers can influence purchases made by other users, amplifying the impact. This issue stems from insufficient server-side validation of these parameters, potentially leading to economic loss and unfair manipulation of vote counts.

Published
Date
2025-11-05
Updated
Date
2025-11-05
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
References
Description

PocketVJ CP PocketVJ-CP-v3 pvj version 3.9.1 contains an unauthenticated remote code execution vulnerability in the submit_opacity.php component. The application fails to sanitize user input in the opacityValue POST parameter before passing it to a shell command, allowing remote attackers to execute arbitrary commands with root privileges on the underlying system.

Published
Date
2025-11-05
Updated
Date
2025-11-05
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References