Comparison Overview

AU SMALL FINANCE BANK

VS

Bank Alfalah Limited

AU SMALL FINANCE BANK

19-A, DULESHWAR GARDEN, AJMER ROAD, JAIPUR, RAJASTHAN, IN, 302001
Last Update: 2025-12-09
View Profile
Between 750 and 799
https://www.au.bank.in/

The dream started two decades ago by Mr. Sanjay Agarwal, a merit holder Chartered Accountant and a first generation entrepreneur, along with his proficient team. Together, the dexterous team embarked on a journey of excellence while enriching lives along the way. What started off as a dream to be one of the fastest growing NBFCs, AU Financiers is now AU SMALL FINANCE BANK. Throughout our journey we have focused on solutions, completely based on our customers’ needs. As we grow, we continue to be farsighted, aligning the interest of our community at large.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 33,336
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Bank Alfalah Limited

B.A. Building, I I Chundrigar Road, Karachi, Sindh, undefined, PK
Last Update: 2025-12-09
Between 750 and 799
http://www.bankalfalah.com

Bank Alfalah is one of the largest private Banks in Pakistan with a network of over 1100 branches in more than 200 cities across Pakistan with an international presence in Afghanistan, Bangladesh, Bahrain, and a representative office in the UAE. The Bank is owned and operated by the Abu Dhabi Group. The International Finance Corporation (IFC) of the World Bank partnered with the Bank in 2014 and holds a 15 percent stake in Bank Alfalah. Incorporated as a public limited company on 21st June 1992, under the Companies Ordinance, 1984, Bank Alfalah commenced banking operations from 1st November 1997. The Bank provides financial solutions to consumers, corporations, institutions, and governments through a broad spectrum of products and services, including corporate and investment banking, consumer banking and credit, securities brokerage, commercial, SME, agri-finance, Islamic and asset financing. JCR-VIS has assigned an entity rating of ‘AA+’ (double-A plus) for the long-term and ‘A1+’ (One plus) for the short-term, with a stable outlook. PACRA has assigned Bank Alfalah ‘AA+’ (double-A plus) entity rating for the long-term and ‘A1+’ (One plus) for the short-term, with a positive outlook. The Bank is listed on the Pakistan Stock Exchange.

NAICS: 52211
NAICS Definition: Commercial Banking
Employees: 14,583
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/aubank.jpeg
AU SMALL FINANCE BANK
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/bank-alfalah-limited.jpeg
Bank Alfalah Limited
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
AU SMALL FINANCE BANK
100%
Compliance Rate
0/4 Standards Verified
Bank Alfalah Limited
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

No incidents recorded for AU SMALL FINANCE BANK in 2025.

Incidents vs Banking Industry Average (This Year)

No incidents recorded for Bank Alfalah Limited in 2025.

Incident History — AU SMALL FINANCE BANK (X = Date, Y = Severity)

AU SMALL FINANCE BANK cyber incidents detection timeline including parent company and subsidiaries

Incident History — Bank Alfalah Limited (X = Date, Y = Severity)

Bank Alfalah Limited cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/aubank.jpeg
AU SMALL FINANCE BANK
Incidents

No Incident

https://images.rankiteo.com/companyimages/bank-alfalah-limited.jpeg
Bank Alfalah Limited
Incidents

No Incident

FAQ

AU SMALL FINANCE BANK company demonstrates a stronger AI Cybersecurity Score compared to Bank Alfalah Limited company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Bank Alfalah Limited company has disclosed a higher number of cyber incidents compared to AU SMALL FINANCE BANK company.

In the current year, Bank Alfalah Limited company and AU SMALL FINANCE BANK company have not reported any cyber incidents.

Neither Bank Alfalah Limited company nor AU SMALL FINANCE BANK company has reported experiencing a ransomware attack publicly.

Neither Bank Alfalah Limited company nor AU SMALL FINANCE BANK company has reported experiencing a data breach publicly.

Neither Bank Alfalah Limited company nor AU SMALL FINANCE BANK company has reported experiencing targeted cyberattacks publicly.

Neither AU SMALL FINANCE BANK company nor Bank Alfalah Limited company has reported experiencing or disclosing vulnerabilities publicly.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds any compliance certifications.

Neither company holds any compliance certifications.

Neither AU SMALL FINANCE BANK company nor Bank Alfalah Limited company has publicly disclosed detailed information about the number of their subsidiaries.

AU SMALL FINANCE BANK company employs more people globally than Bank Alfalah Limited company, reflecting its scale as a Banking.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds SOC 2 Type 1 certification.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds SOC 2 Type 2 certification.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds ISO 27001 certification.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds PCI DSS certification.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds HIPAA certification.

Neither AU SMALL FINANCE BANK nor Bank Alfalah Limited holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 8.1
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 2.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 4.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L
References
Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published
Date
2025-12-14
Updated
Date
2025-12-14
Risk Information
cvss3
Base: 5.8
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
References