Comparison Overview

Abri Group

VS

Save the Children International

Abri Group

Collins House, Eastleigh, GB
Last Update: 2026-01-03
View Profile
Between 700 and 749
https://www.abri.co.uk/

We’re Abri, a housing association based in the south of England. One of the largest in fact. We own own and manage more than 58,000 homes and various community assets, serving around 113,000 customers across the South of England. There aren’t enough homes for everyone who needs one. And we don’t think that’s right. So we build, own, look after and sell homes that people can afford. Including homes for affordable and social rent. And homes to buy through things like Shared Ownership and Help to Buy. We also have houses for market rent and sale too. And that’s not the half of it… Find out more about what we do on our website!

NAICS: 8135
NAICS Definition: Others
Employees: 902
Subsidiaries: 0
12-month incidents
1
Known data breaches
1
Attack type number
1
View Profile

Save the Children International

30 Orange Street, London, England, GB
Last Update: 2026-01-04
Between 750 and 799
http://www.savethechildren.net

Save the Children Save the Children is the world's leading independent organisation for children. We work in around 120 countries. Our vision is to live in a world in which every child attains the right to survival, protection, development and participation. Last year Save the Children's programmes and campaigns reached more than 55 million children directly around the world, through our and our partners'​ work. We work to inspire breakthroughs in the way the world treats children and to achieve immediate and lasting change in their lives. Across all of our work, we pursue several core values: accountability, ambition, collaboration, creativity and integrity.

NAICS: 8135
NAICS Definition: Others
Employees: 17,224
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/abri-group.jpeg
Abri Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/save-the-children-international.jpeg
Save the Children International
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Abri Group
100%
Compliance Rate
0/4 Standards Verified
Save the Children International
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Non-profit Organizations Industry Average (This Year)

Abri Group has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Non-profit Organizations Industry Average (This Year)

No incidents recorded for Save the Children International in 2026.

Incident History — Abri Group (X = Date, Y = Severity)

Abri Group cyber incidents detection timeline including parent company and subsidiaries

Incident History — Save the Children International (X = Date, Y = Severity)

Save the Children International cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/abri-group.jpeg
Abri Group
Incidents

Date Detected: 1/2026
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/save-the-children-international.jpeg
Save the Children International
Incidents

Date Detected: 9/2023
Type:Ransomware
Motivation: Financial Gain
Blog: Blog

FAQ

Save the Children International company demonstrates a stronger AI Cybersecurity Score compared to Abri Group company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Abri Group and Save the Children International have experienced a similar number of publicly disclosed cyber incidents.

In the current year, Abri Group company has reported more cyber incidents than Save the Children International company.

Save the Children International company has confirmed experiencing a ransomware attack, while Abri Group company has not reported such incidents publicly.

Abri Group company has disclosed at least one data breach, while the other Save the Children International company has not reported such incidents publicly.

Neither Save the Children International company nor Abri Group company has reported experiencing targeted cyberattacks publicly.

Neither Abri Group company nor Save the Children International company has reported experiencing or disclosing vulnerabilities publicly.

Neither Abri Group nor Save the Children International holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Abri Group company nor Save the Children International company has publicly disclosed detailed information about the number of their subsidiaries.

Save the Children International company employs more people globally than Abri Group company, reflecting its scale as a Non-profit Organizations.

Neither Abri Group nor Save the Children International holds SOC 2 Type 1 certification.

Neither Abri Group nor Save the Children International holds SOC 2 Type 2 certification.

Neither Abri Group nor Save the Children International holds ISO 27001 certification.

Neither Abri Group nor Save the Children International holds PCI DSS certification.

Neither Abri Group nor Save the Children International holds HIPAA certification.

Neither Abri Group nor Save the Children International holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

REDAXO is a PHP-based content management system. Prior to version 5.20.2, authenticated users with backup permissions can read arbitrary files within the webroot via path traversal in the Backup addon's file export functionality. The Backup addon does not validate the `EXPDIR` POST parameter against the UI-generated allowlist of permitted directories. An attacker can supply relative paths containing `../` sequences (or even absolute paths inside the document root) to include any readable file in the generated `.tar.gz` archive. Version 5.20.2 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss4
Base: 8.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.1, a Path Traversal (Zip Slip) vulnerability exists in MONAI's `_download_from_ngc_private()` function. The function uses `zipfile.ZipFile.extractall()` without path validation, while other similar download functions in the same codebase properly use the existing `safe_extract_member()` function. Commit 4014c8475626f20f158921ae0cf98ed259ae4d59 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 5.3
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
References
Description

axios4go is a Go HTTP client library. Prior to version 0.6.4, a race condition vulnerability exists in the shared HTTP client configuration. The global `defaultClient` is mutated during request execution without synchronization, directly modifying the shared `http.Client`'s `Transport`, `Timeout`, and `CheckRedirect` properties. Impacted applications include that that use axios4go with concurrent requests (multiple goroutines, `GetAsync`, `PostAsync`, etc.), those where different requests use different proxy configurations, and those that handle sensitive data (authentication credentials, tokens, API keys). Version 0.6.4 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss4
Base: 8.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Code Execution (RCE) in build environments. This issue is fixed in version 10.27.0.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References
Description

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 5.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
References