Comparison Overview

Cleo

VS

Example, Inc

Cleo

4949 Harrison Ave, None, Rockford, Illinois, US, None
Last Update: 2025-08-05 (UTC)
View Profile
Between 700 and 749
https://www.cleo.com

Here at Cleo, we always say Cleo … never stops. It’s a fitting way to do business because, in these disruptive times, as organizations look to digitally transform, their ecosystem interactions and business relationships are vitally important to their success. By working with Cleo, they know they’re in good hands no matter how much or how fast their business situation changes. What’s novel about our approach is that Cleo gives customers strategic, “outside-in” visibility into the critical end-to-end business flows happening across their ecosystems -- of partners and customers, marketplaces, and internal cloud and on-premise applications – so they can connect, integrate, and analyze what’s happening at each and every integration touchpoint. This way, Cleo creates value by empowering organizations to drive business agility, accelerate onboarding, facilitate modernization of key business processes, and capture new revenue streams by reimagining and remastering their B2B, application, and data integrations. Like we said. Different.

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 525
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

Example, Inc

None
Last Update: 2025-05-14 (UTC)
Between 750 and 799
https://example.com

None

NAICS: 5112
NAICS Definition: Software Publishers
Employees: 0
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/cleo-communications.jpeg
Cleo
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/defaultcompany.jpeg
Example, Inc
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Cleo
100%
Compliance Rate
0/4 Standards Verified
Example, Inc
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Cleo in 2025.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Example, Inc in 2025.

Incident History — Cleo (X = Date, Y = Severity)

Cleo cyber incidents detection timeline including parent company and subsidiaries

Incident History — Example, Inc (X = Date, Y = Severity)

Example, Inc cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/cleo-communications.jpeg
Cleo
Incidents

Date Detected: 10/2022
Type:Breach
Attack Vector: Hacking
Blog: Blog
https://images.rankiteo.com/companyimages/defaultcompany.jpeg
Example, Inc
Incidents

Date Detected: 3/2024
Type:Cyber Attack
Attack Vector: MOVEit file transfer system
Blog: Blog

FAQ

Example, Inc company demonstrates a stronger AI Cybersecurity Score compared to Cleo company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Cleo and Example, Inc have experienced a similar number of publicly disclosed cyber incidents.

In the current year, Example, Inc company and Cleo company have not reported any cyber incidents.

Neither Example, Inc company nor Cleo company has reported experiencing a ransomware attack publicly.

Cleo company has disclosed at least one data breach, while the other Example, Inc company has not reported such incidents publicly.

Example, Inc company has reported targeted cyberattacks, while Cleo company has not reported such incidents publicly.

Neither Cleo company nor Example, Inc company has reported experiencing or disclosing vulnerabilities publicly.

Neither Cleo nor Example, Inc holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Cleo company nor Example, Inc company has publicly disclosed detailed information about the number of their subsidiaries.

Cleo company employs more people globally than Example, Inc company, reflecting its scale as a Software Development.

Neither Cleo nor Example, Inc holds SOC 2 Type 1 certification.

Neither Cleo nor Example, Inc holds SOC 2 Type 2 certification.

Neither Cleo nor Example, Inc holds ISO 27001 certification.

Neither Cleo nor Example, Inc holds PCI DSS certification.

Neither Cleo nor Example, Inc holds HIPAA certification.

Neither Cleo nor Example, Inc holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, the default HTML editor provider allows unauthenticated file uploads and images can overwrite existing files. An unauthenticated user can upload and replace existing files allowing defacing a website and combined with other issue, injection XSS payloads. This vulnerability is fixed in 10.1.1.

Published
Date
2025-10-28
Updated
Date
2025-10-28
Risk Information
cvss3
Base: 10.0
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
References
Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, sanitization of the content of uploaded SVG files was not covering all possible XSS scenarios. This vulnerability exists because of an incomplete fix for CVE-2025-48378. This vulnerability is fixed in 10.1.1.

Published
Date
2025-10-28
Updated
Date
2025-10-28
Risk Information
cvss3
Base: 6.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
References
Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, the out-of-box experience for HTML editing allows unauthenticated users to upload files. This opens a potential vector to other security issues and is not needed on most implementations. This vulnerability is fixed in 10.1.1.

Published
Date
2025-10-28
Updated
Date
2025-10-28
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
References
Description

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fixed in 2.13.0.

Published
Date
2025-10-28
Updated
Date
2025-10-28
Risk Information
cvss4
Base: 5.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

FastMCP is the standard framework for building MCP applications. Versions prior to 2.13.0 have a reflected cross-site scripting vulnerability in the OAuth client callback page (oauth_callback.py) where unescaped user-controlled values are inserted into the generated HTML, allowing arbitrary JavaScript execution in the callback server origin. The issue is fixed in version 2.13.0.

Published
Date
2025-10-28
Updated
Date
2025-10-28
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References