Comparison Overview
Covenant Health

Covenant Health
100 Fort Sanders West Blvd, Knoxville, TN, US, 37922
Last Update: 03/04/2026
Covenant Health is a not-for-profit, locally owned integrated healthcare enterprise with a mission to improve the quality of life in our communities through better health. Covenant Health serves a 25-county region of Tennessee and has more than 2 million patient encount...

UPMC
US Steel Tower, 600 Grant Street, Pittsburgh, PA, US, 15219
Last Update: 01/04/2026
UPMC is a world-renowned, nonprofit health care provider and insurer committed to delivering exceptional, people-centered care and community services. Headquartered in Pittsburgh and affiliated with the University of Pittsburgh Schools of the Health Sciences, UPMC is sh...
Compliance Ranges Comparison

Covenant Health







UPMC






Benchmark & Cyber Underwriting Signals
Incidents vs Hospitals and Health Care Industry Avg (This Year)
Covenant Health has 31.03% fewer incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Hospitals and Health Care Industry Avg (This Year)
UPMC has 5.66% fewer incidents than the average of all companies with at least one recorded incident.
Incident History - Covenant Health (X = Date, Y = Severity)
Covenant Health cyber incidents detection timeline including parent company and subsidiaries.
Incident History - UPMC (X = Date, Y = Severity)
UPMC cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Covenant Health

UPMC
FAQ
Latest Global CVEs
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.