Comparison Overview

CodeTwo

VS

UST

CodeTwo

Last Update: 2024-06-29 (UTC)
Between 800 and 900
http://www.codetwo.com

Strong

CodeTwo develops software solutions for Microsoft 365, Exchange Server and Outlook. We focus mainly on email signature & branding management, mailbox migration and backup. Since 2007, CodeTwo solutions have been used by 120,000+ companies in 170+ countries. Our flagship products have been critically acclaimed and mentioned by Gartner, Newsweek and Forbes. We are Microsoft Gold Partner and we won Microsoft Partner of the Year Award in the ISV category and were named Microsoft Customer Experience Award Finalist.

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 74
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

UST

5 Polaris Way, Aliso Viejo, CA, 92656, US
Last Update: 2025-05-06 (UTC)

Strong

Between 800 and 900
http://www.ust.com

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the worldโ€™s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clientsโ€™ organizations. With over 30K+ employees in 30+ countries, UST builds for boundless impactโ€”touching billions of lives in the process.

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 36,536
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/codetwo.jpeg
CodeTwo
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/ust-global.jpeg
UST
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
CodeTwo
100%
Compliance Rate
0/4 Standards Verified
UST
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for CodeTwo in 2025.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for UST in 2025.

Incident History โ€” CodeTwo (X = Date, Y = Severity)

CodeTwo cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” UST (X = Date, Y = Severity)

UST cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/codetwo.jpeg
CodeTwo
Incidents

No Incident

https://images.rankiteo.com/companyimages/ust-global.jpeg
UST
Incidents

No Incident

FAQ

Both CodeTwo company and UST company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, UST company has disclosed a higher number of cyber incidents compared to CodeTwo company.

In the current year, UST company and CodeTwo company have not reported any cyber incidents.

Neither UST company nor CodeTwo company has reported experiencing a ransomware attack publicly.

Neither UST company nor CodeTwo company has reported experiencing a data breach publicly.

Neither UST company nor CodeTwo company has reported experiencing targeted cyberattacks publicly.

Neither CodeTwo company nor UST company has reported experiencing or disclosing vulnerabilities publicly.

UST company has more subsidiaries worldwide compared to CodeTwo company.

UST company employs more people globally than CodeTwo company, reflecting its scale as a IT Services and IT Consulting.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References