Comparison Overview

CoStar Group

VS

SM Prime Holdings, Inc.

CoStar Group

1201 Wilson Blvd, Arlington, Virginia, 22209, US
Last Update: 2025-12-09
View Profile
Between 800 and 849
http://www.costargroup.com

Since 1986, our work has kept the customer at the center of all we do. Clients, brokers, business buyers and sellers, and people looking for their next place to live depend on our information to make informed business decisions and plans for their future. Named to the NASDAQ 100 Index and S&P 500 Index for our leadership in real estate and technology, we are the industry standard because we’ve created, refined, and perfected a language that an entire industry trusts. CoStar Group has been recognized on numerous lists, including Forbes’ 2025 America’s Best Large Employers and Richmond Times-Dispatch's 2024 Top Workplaces.

NAICS: None
NAICS Definition: Others
Employees: 8,897
Subsidiaries: 8
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

SM Prime Holdings, Inc.

7th Floor MOA Square Building, Seashell Lane corner Coral Way, MOA Complex, Pasay City Pasay, National Capital Region 1300, PH
Last Update: 2025-12-09
Between 750 and 799
https://smprime.com

SM Prime Holdings, Inc. (SMPH) is one of the largest integrated property developers in Southeast Asia that offers innovative and sustainable lifestyle cities with the development of malls, residences, offices, hotels and convention centers. It is also the largest, in terms of asset, in the Philippines. SM Prime Holdings, Inc. was incorporated in the Philippines in 1994. They started as a mall developer and operator and grew to be the biggest retail shopping center developer and operator in the Philippines. Currently, it has 72 malls in and outside Metro Manila and 7 shopping malls in China, totaling 9.5 million square meters of Gross Floor Area (GFA). In the Philippines, they have a total of 18,153 tenants and 1,940 tenants in China. SM Prime goes beyond mall development and management through its units and subsidiaries. SM Development Corporation (SMDC) is the residential business component that sells affordable condominium units. SM Prime’s commercial business units, the Commercial Property Group (CPG) is engaged in the development and leasing of office buildings in Metro Manila, as well as the operations and management of buildings and other land holdings such as Mall of Asia Arena (MOA Arena). Its Hotels and Convention Centers business unit develops and manages various hotel and convention centers across the country.

NAICS: None
NAICS Definition: Others
Employees: 10,001
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/costar-group.jpeg
CoStar Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/smphi.jpeg
SM Prime Holdings, Inc.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
CoStar Group
100%
Compliance Rate
0/4 Standards Verified
SM Prime Holdings, Inc.
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for CoStar Group in 2025.

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for SM Prime Holdings, Inc. in 2025.

Incident History — CoStar Group (X = Date, Y = Severity)

CoStar Group cyber incidents detection timeline including parent company and subsidiaries

Incident History — SM Prime Holdings, Inc. (X = Date, Y = Severity)

SM Prime Holdings, Inc. cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/costar-group.jpeg
CoStar Group
Incidents

No Incident

https://images.rankiteo.com/companyimages/smphi.jpeg
SM Prime Holdings, Inc.
Incidents

No Incident

FAQ

CoStar Group company demonstrates a stronger AI Cybersecurity Score compared to SM Prime Holdings, Inc. company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, SM Prime Holdings, Inc. company has disclosed a higher number of cyber incidents compared to CoStar Group company.

In the current year, SM Prime Holdings, Inc. company and CoStar Group company have not reported any cyber incidents.

Neither SM Prime Holdings, Inc. company nor CoStar Group company has reported experiencing a ransomware attack publicly.

Neither SM Prime Holdings, Inc. company nor CoStar Group company has reported experiencing a data breach publicly.

Neither SM Prime Holdings, Inc. company nor CoStar Group company has reported experiencing targeted cyberattacks publicly.

Neither CoStar Group company nor SM Prime Holdings, Inc. company has reported experiencing or disclosing vulnerabilities publicly.

Neither CoStar Group nor SM Prime Holdings, Inc. holds any compliance certifications.

Neither company holds any compliance certifications.

CoStar Group company has more subsidiaries worldwide compared to SM Prime Holdings, Inc. company.

SM Prime Holdings, Inc. company employs more people globally than CoStar Group company, reflecting its scale as a Real Estate.

Neither CoStar Group nor SM Prime Holdings, Inc. holds SOC 2 Type 1 certification.

Neither CoStar Group nor SM Prime Holdings, Inc. holds SOC 2 Type 2 certification.

Neither CoStar Group nor SM Prime Holdings, Inc. holds ISO 27001 certification.

Neither CoStar Group nor SM Prime Holdings, Inc. holds PCI DSS certification.

Neither CoStar Group nor SM Prime Holdings, Inc. holds HIPAA certification.

Neither CoStar Group nor SM Prime Holdings, Inc. holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References