Comparison Overview

Allegheny Millwork

VS

PORR Group

Allegheny Millwork

104 Commerce Blvd, Lawrence , PA, 15055, US
Last Update: 2025-03-05 (UTC)
Between 900 and 1000
http://www.alleghenymillwork.com

Excellent

For nearly 40 years, Allegheny Millwork has earned a national reputation as a leader in the custom millwork industry, by distinguishing ourselves through: โ€ขThe size and production capacity of our facilities โ€ขThe consistently high quality of our work โ€ขOur focus on communication, customer service and on-schedule completion of projects. โ€ขOur ability to integrate specialty materials into our millwork packages โ€ขA professional staff, expert in the use of professional tools and controls โ€ขOur high bonding capacity โ€ขOur company history. โ€ขAn extensive resume of successful projects and satisfied customers. โ€ขFSC Certification โ€ขAWI Certification Allegheny Millwork has not only invested heavily over the years in state of the art technology to improve efficiencies, but we have also invested heavily into the training of our craftsman in order to preserve the true art of woodworking.

NAICS: 23
NAICS Definition: Construction
Employees: 108
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0

PORR Group

Absberggasse 47 Vienna, A-1100, AT
Last Update: 2025-05-06 (UTC)

Excellent

Between 900 and 1000
https://porr-group.com

Driving innovation for excellence รขโ‚ฌโ€œ thatรขโ‚ฌโ„ขs what PORR stands for since already over 150 years. With around 20,000 employees and a production output of around EUR 6.5 to 6.7 billion (as at 31.12.2023), it is one of the largest construction companies in Austria and among Europeรขโ‚ฌโ„ขs leading providers in the sector. As a full-service provider, PORR offers every service in building construction, civil engineering and infrastructure construction, covering the entire value chain. PORR focuses on its home markets Austria, Germany, Switzerland, Poland, Czech Republic, Slovakia and Romania. On selected international project markets such as in Norway, the UK and Qatar, PORR focuses on export products in tunnel construction, railway construction and civil engineering. The PORR share is listed on the prime market of the Vienna Stock Exchange.

NAICS: 23
NAICS Definition: Construction
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/allegheny-millwork.jpeg
Allegheny Millwork
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/porr-ag.jpeg
PORR Group
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Allegheny Millwork
100%
Compliance Rate
0/4 Standards Verified
PORR Group
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Construction Industry Average (This Year)

No incidents recorded for Allegheny Millwork in 2025.

Incidents vs Construction Industry Average (This Year)

No incidents recorded for PORR Group in 2025.

Incident History โ€” Allegheny Millwork (X = Date, Y = Severity)

Allegheny Millwork cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” PORR Group (X = Date, Y = Severity)

PORR Group cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/allegheny-millwork.jpeg
Allegheny Millwork
Incidents

No Incident

https://images.rankiteo.com/companyimages/porr-ag.jpeg
PORR Group
Incidents

No Incident

FAQ

Both Allegheny Millwork company and PORR Group company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, PORR Group company has disclosed a higher number of cyber incidents compared to Allegheny Millwork company.

In the current year, PORR Group company and Allegheny Millwork company have not reported any cyber incidents.

Neither PORR Group company nor Allegheny Millwork company has reported experiencing a ransomware attack publicly.

Neither PORR Group company nor Allegheny Millwork company has reported experiencing a data breach publicly.

Neither PORR Group company nor Allegheny Millwork company has reported experiencing targeted cyberattacks publicly.

Neither Allegheny Millwork company nor PORR Group company has reported experiencing or disclosing vulnerabilities publicly.

Allegheny Millwork company has more subsidiaries worldwide compared to PORR Group company.

Allegheny Millwork company employs more people globally than PORR Group company, reflecting its scale as a Construction.

Latest Global CVEs (Not Company-Specific)

Description

Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.15 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 15 through update 92 allow remote attackers to inject arbitrary web script or HTML via crafted payload injected into a Terms and Condition's Name text field to (1) Payment Terms, or (2) the Delivery Term on the view order page.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 1.7
Severity: LOW
AV:L/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 3.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Commerce Product's Name text field.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References