Comparison Overview

Bem Promotora

VS

The Max Group

Bem Promotora

Rua Siqueira Campos, 1163, Porto Alegre, RS, 90010001, BR
Last Update: 2025-03-06 (UTC)
Between 800 and 900
http://www.bempromotora.com.br

Strong

A Bem Promotora é especializada em crédito consignado para funcionários públicos federais SIAPE e aposentados e pensionistas do INSS. Além disso, a empresa trabalha com Saque Bem Antecipado FGTS e uma variada oferta de seguros. A atuação baseia-se em canais próprios e parceiros, sempre fundamentada em princípios como agilidade, bem-estar, ética e eficiência. Fundada em 2008 em Porto Alegre, a Bem Promotora já se consolidou entre os principais players do mercado brasileiro. A presença em todas as regiões do país acontece por meio de lojas próprias e de uma qualificada rede de correspondentes substabelecidos. Aos parceiros e clientes, a Bem Promotora oferece atendimento qualificado, taxas competitivas, plataforma de negócios Bem Web, segurança no processo de averbação, retorno de saldos dentro do prazo, transparência nos relatórios e uma equipe de suporte sempre pronta para entrar em ação. Buscamos sempre trabalhar para fazer da experiência dos colaboradores e clientes a melhor possível. Somos um time vencedor e com vontade de apoiar nossos públicos a realizarem seus sonhos. A Bem é uma empresa GPTW! Estamos entre as melhores empresas para trabalhar no RS e RJ e entre as melhores para mulheres trabalhar no Brasil. Acreditamos que a diversidade é a chave para a inovação e a transformação. Aqui, todos são bem-vindos para somar!

NAICS: 52
NAICS Definition:
Employees: 428
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

The Max Group

Max House 1, Dr. Jha Marg, Okhla Phase III New Delhi, Delhi 110020, IN
Last Update: 2025-05-05 (UTC)

Excellent

Between 900 and 1000
https://maxgroup.in

Max Group: The Max Group is a leading Indian multi-business conglomerate with interests in the Life Insurance, Healthcare, Real Estate and Senior Living industries. In FY2019, the Group recorded consolidated revenue of Rs. 24,134 Cr. It currently has a total customer base of 9 million, around 340 offices spread across India, an agency strength of ~46,000 and employee strength of more than 27,000. The Max Group comprises three holding companies, namely Max Financial Services, Max India and Max Ventures & Industries. The Group’s investor base includes marquee global financial institutions such as New York Life, KKR, IFC Washington, Vanguard, Ward Ferry, Briarwood Capital, Ellipsis Partners, Nomura, Aberdeen, First State Investments, Indgrowth Capital Fund, India Insight Value Fund, First Voyager, Eastspring, Target Asset Management, Baron and Doric Capital. The Max Group is led by its Founder and Chairman Mr. Analjit Singh. About Max India: Max India, a part of the leading Indian conglomerate Max Group, has a presence in the senior living and healthcare industry. It is the holding company of Antara Senior Living and an equal joint venture partner with a 49.7% in Max Healthcare along with Radiant Life Care Private Limited (Radiant). Max India’s businesses have well-entrenched positions in their respective categories and are recognized for their outstanding service standards. Max India is listed on both the Bombay Stock Exchange as well as the National Stock Exchange. For more details, visit www.maxindia.com.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/bempromotora.jpeg
Bem Promotora
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/defaultcompany.jpeg
The Max Group
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
Compliance Summary
Bem Promotora
100%
Compliance Rate
0/4 Standards Verified
The Max Group
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Bem Promotora in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for The Max Group in 2025.

Incident History — Bem Promotora (X = Date, Y = Severity)

Bem Promotora cyber incidents detection timeline including parent company and subsidiaries

Incident History — The Max Group (X = Date, Y = Severity)

The Max Group cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/bempromotora.jpeg
Bem Promotora
Incidents

No Incident

https://images.rankiteo.com/companyimages/defaultcompany.jpeg
The Max Group
Incidents

No Incident

FAQ

The Max Group company company demonstrates a stronger AI risk posture compared to Bem Promotora company company, reflecting its advanced AI governance and monitoring frameworks.

Historically, The Max Group company has disclosed a higher number of cyber incidents compared to Bem Promotora company.

In the current year, The Max Group company and Bem Promotora company have not reported any cyber incidents.

Neither The Max Group company nor Bem Promotora company has reported experiencing a ransomware attack publicly.

Neither The Max Group company nor Bem Promotora company has reported experiencing a data breach publicly.

Neither The Max Group company nor Bem Promotora company has reported experiencing targeted cyberattacks publicly.

Neither Bem Promotora company nor The Max Group company has reported experiencing or disclosing vulnerabilities publicly.

Neither Bem Promotora company nor The Max Group company has publicly disclosed detailed information about the number of their subsidiaries.

Bem Promotora company employs more people globally than The Max Group company, reflecting its scale as a Financial Services.

Latest Global CVEs (Not Company-Specific)

Description

Mastra is a Typescript framework for building AI agents and assistants. Versions 0.13.8 through 0.13.20-alpha.0 are vulnerable to a Directory Traversal attack that results in the disclosure of directory listings. The code contains a security check to prevent path traversal for reading file contents, but this check is effectively bypassed by subsequent logic that attempts to find directory suggestions. An attacker can leverage this flaw to list the contents of arbitrary directories on the user's filesystem, including the user's home directory, exposing sensitive information about the file system's structure. This issue is fixed in version 0.13.20.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Description

KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and extension whitelist restrictions, allowing attackers to upload SVG files containing malicious scripts (disguised as images). When users access the uploaded resource pages, arbitrary JavaScript executes in their browsers. This issue is fixed in version 1.3.14.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References
Description

Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss4
Base: 6.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails, without any warning of a foreign login from the provider. This issue is fixed in version 0.4.4.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 7.7
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.

Published
Date
2025-10-03
Updated
Date
2025-10-03
Risk Information
cvss3
Base: 2.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
References