Comparison Overview

Capita

VS

AlmavivA Experience

Capita

2 Kingdom Street, First Floor, London, England, GB, W2 6BD
Last Update: 2026-01-17
View Profile
Between 550 and 599
http://www.capita.com

Capita is an outsourcer, helping clients across the public and private sectors run complex business processes more efficiently, creating better consumer experiences. Operating across eight countries, Capita’s 34,000 colleagues support primarily UK and European clients with people-based services underpinned by market-leading technology. We’re a vital support service for our clients, enabling the everyday interactions that we expect to run seamlessly, to run seamlessly. A publicly listed business with adjusted revenue of £2.4bn, Capita’s areas of focus are Central Government, Local Public Service, Defence, Learning, Fire & Security, Contact Centres and Pensions Solutions. We’re embracing change to respond to the ever-changing needs of society, creating better outcomes for all our stakeholders.

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 25,516
Subsidiaries: 8
12-month incidents
0
Known data breaches
1
Attack type number
3
View Profile

AlmavivA Experience

Avenida Rebouças 2728, São Paulo, 05402-500, BR
Last Update: 2026-01-21
Between 750 and 799
https://www.almavivaexperience.com.br/pt-br/

Líder em transformação digital nos mercados de Customer Experience e Debt Collection na América Latina. Combinamos tecnologia, inteligência e excelência operacional para entregar soluções completas que antecipam as necessidades dos nossos Clientes. São mais de 530 milhões de interações anuais, metade em canais digitais, para um portfólio de 60+ clientes. Siga-nos e acompanhe como transformamos experiências em resultados.

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 22,366
Subsidiaries: 14
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/capita.jpeg
Capita
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/almavivaexperience.jpeg
AlmavivA Experience
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Capita
100%
Compliance Rate
0/4 Standards Verified
AlmavivA Experience
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for Capita in 2026.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for AlmavivA Experience in 2026.

Incident History — Capita (X = Date, Y = Severity)

Capita cyber incidents detection timeline including parent company and subsidiaries

Incident History — AlmavivA Experience (X = Date, Y = Severity)

AlmavivA Experience cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/capita.jpeg
Capita
Incidents

Date Detected: 6/2023
Type:Breach
Blog: Blog

Date Detected: 4/2023
Type:Data Leak
Attack Vector: Access to internal Microsoft Office 365 apps
Blog: Blog

Date Detected: 3/2023
Type:Ransomware
Attack Vector: Malicious File Download (Phishing/Social Engineering)
Motivation: Financial Gain (Ransom Demand, Data Exfiltration for Leverage)
Blog: Blog
https://images.rankiteo.com/companyimages/almavivaexperience.jpeg
AlmavivA Experience
Incidents

No Incident

FAQ

AlmavivA Experience company demonstrates a stronger AI Cybersecurity Score compared to Capita company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Capita company has historically faced a number of disclosed cyber incidents, whereas AlmavivA Experience company has not reported any.

In the current year, AlmavivA Experience company and Capita company have not reported any cyber incidents.

Capita company has confirmed experiencing a ransomware attack, while AlmavivA Experience company has not reported such incidents publicly.

Capita company has disclosed at least one data breach, while the other AlmavivA Experience company has not reported such incidents publicly.

Neither AlmavivA Experience company nor Capita company has reported experiencing targeted cyberattacks publicly.

Neither Capita company nor AlmavivA Experience company has reported experiencing or disclosing vulnerabilities publicly.

Neither Capita nor AlmavivA Experience holds any compliance certifications.

Neither company holds any compliance certifications.

AlmavivA Experience company has more subsidiaries worldwide compared to Capita company.

Capita company employs more people globally than AlmavivA Experience company, reflecting its scale as a IT Services and IT Consulting.

Neither Capita nor AlmavivA Experience holds SOC 2 Type 1 certification.

Neither Capita nor AlmavivA Experience holds SOC 2 Type 2 certification.

Neither Capita nor AlmavivA Experience holds ISO 27001 certification.

Neither Capita nor AlmavivA Experience holds PCI DSS certification.

Neither Capita nor AlmavivA Experience holds HIPAA certification.

Neither Capita nor AlmavivA Experience holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
References
Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Description

Azure Entra ID Elevation of Privilege Vulnerability

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References