Comparison Overview

Q: Between Grab company and IDEMIA company, which one has the best AI Cybersecurity Score ?

Grab company demonstrates a stronger AI Cybersecurity Score compared to IDEMIA company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Grab company and IDEMIA company, which one has experienced more cyber incidents in the past ?

Historically, IDEMIA company has disclosed a higher number of cyber incidents compared to Grab company.

Q: Between Grab company and IDEMIA company, which one has experienced more cyber incidents this year ?

In the current year, IDEMIA company and Grab company have not reported any cyber incidents.

Q: Between Grab company and IDEMIA company, which one has experienced at least one ransomware attack ?

Neither IDEMIA company nor Grab company has reported experiencing a ransomware attack publicly.

Q: Between Grab company and IDEMIA company, which one has experienced at least one data breach ?

Neither IDEMIA company nor Grab company has reported experiencing a data breach publicly.

Q: Between Grab company and IDEMIA company, which one has experienced at least one targeted cyberattack ?

Neither IDEMIA company nor Grab company has reported experiencing targeted cyberattacks publicly.

Q: Between Grab company and IDEMIA company, which one has experienced at least one vulnerability ?

Neither Grab company nor IDEMIA company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Grab company and IDEMIA company, which one holds the most compliance certifications ?

Neither Grab nor IDEMIA holds any compliance certifications.

Q: Between Grab company and IDEMIA company, which one has the most subsidiaries ?

Grab company has more subsidiaries worldwide compared to IDEMIA company.

Grab

3 Media Close, Grab HQ #01-03/06 , Singapore, Singapore, SG, 138498

Last Update: 2025-12-09

View Profile

Between 800 and 849

https://grab.careers

Grab is Southeast Asia’s leading superapp, offering a suite of services consisting of deliveries, mobility, financial services, enterprise and others. Grabbers come from all over the world, and we are united by a common mission: to drive Southeast Asia forward by creating economic empowerment for everyone. At Grab, every Grabber is guided by The Grab Way, which explains our mission and the operating principles on how we can achieve it together. We call these principles the 4Hs: Heart We work together as OneGrab to serve communities in Southeast Asia Hunger We work to understand ground truths and drive improvements, big and small Honour We keep our word and steward our resources wisely to build and sustain trust Humility We are a constant work-in-progress, and we never stop learning to get better

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 52,680

Subsidiaries: 5

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

IDEMIA

2 place Samuel Champlain, Courbevoie, Ile de France, 92400, FR

Last Update: 2025-12-09

Between 750 and 799

https://www.idemia.com/

IDEMIA Group unlocks simpler and safer ways to pay, connect, access, identify, travel and protect public places. With its long-standing expertise in biometrics and cryptography, IDEMIA develops technologies of excellence with an impactful, ethical, and socially responsible approach. Every day, IDEMIA secures billions of interactions in the physical and digital worlds. IDEMIA Group brings together three market-leading businesses that enable mission-critical solutions: • IDEMIA Secure Transactions is the leading technology provider who unlocks safer and easier ways to pay and connect. For more information, visit www.idemia.com/business/idemia-secure-transactions • IDEMIA Public Security is a leading global provider of biometric solutions that unlock convenient and secure travel, access, and protection. For more information, visit www.idemia.com/business/idemia-public-security • IDEMIA Smart Identity leverages the power of cryptographic and biometric technologies to unlock a single trusted identity for all. For more information, visit www.idemia.com/business/idemia-smart-identity With a global team of nearly 15,000 employees, IDEMIA Group is trusted by over 600 governmental organizations and more than 2,400 enterprises in over 180 countries. For more information, visit www.idemia.com and follow @IDEMIAGroup on X.

NAICS: 5112

NAICS Definition: Software Publishers

Employees: 13,546

Subsidiaries: 2

12-month incidents

0

Known data breaches

0

Attack type number

0

Grab

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

IDEMIA

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Grab in 2025.

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for IDEMIA in 2025.

Incident History — Grab (X = Date, Y = Severity)

Grab cyber incidents detection timeline including parent company and subsidiaries

Incident History — IDEMIA (X = Date, Y = Severity)

IDEMIA cyber incidents detection timeline including parent company and subsidiaries

Grab

Incidents

No Incident

IDEMIA

Incidents

No Incident

Grab company demonstrates a stronger AI Cybersecurity Score compared to IDEMIA company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, IDEMIA company has disclosed a higher number of cyber incidents compared to Grab company.

In the current year, IDEMIA company and Grab company have not reported any cyber incidents.

Neither IDEMIA company nor Grab company has reported experiencing a ransomware attack publicly.

Neither IDEMIA company nor Grab company has reported experiencing a data breach publicly.

Neither IDEMIA company nor Grab company has reported experiencing targeted cyberattacks publicly.

Neither Grab company nor IDEMIA company has reported experiencing or disclosing vulnerabilities publicly.

Neither Grab nor IDEMIA holds any compliance certifications.

Neither company holds any compliance certifications.

Grab company has more subsidiaries worldwide compared to IDEMIA company.

Grab company employs more people globally than IDEMIA company, reflecting its scale as a Software Development.

Neither Grab nor IDEMIA holds SOC 2 Type 1 certification.

Neither Grab nor IDEMIA holds SOC 2 Type 2 certification.

Neither Grab nor IDEMIA holds ISO 27001 certification.

Neither Grab nor IDEMIA holds PCI DSS certification.

Neither Grab nor IDEMIA holds HIPAA certification.

Neither Grab nor IDEMIA holds GDPR certification.

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 8.1

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

https://docs.nxlog.co/agent/current/release-notes.html#nxlog-agent-6-11

Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 2.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 4.5

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

https://github.com/mjmlio/mjml/issues/3018

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 5.8

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Grab

VS

IDEMIA

Grab

IDEMIA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — Grab (X = Date, Y = Severity)

Incident History — IDEMIA (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Grab

VS

IDEMIA

Grab

IDEMIA

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Average (This Year)

Incidents vs Software Development Industry Average (This Year)

Incident History — Grab (X = Date, Y = Severity)

Incident History — IDEMIA (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between Grab company and IDEMIA company, which one has the best AI Cybersecurity Score ?

Between Grab company and IDEMIA company, which one has experienced more cyber incidents in the past ?

Between Grab company and IDEMIA company, which one has experienced more cyber incidents this year ?

Between Grab company and IDEMIA company, which one has experienced at least one ransomware attack ?

Between Grab company and IDEMIA company, which one has experienced at least one data breach ?

Between Grab company and IDEMIA company, which one has experienced at least one targeted cyberattack ?

Between Grab company and IDEMIA company, which one has experienced at least one vulnerability ?

Between Grab company and IDEMIA company, which one holds the most compliance certifications ?

Between Grab company and IDEMIA company, which one holds the fewest compliance certifications ?

Between Grab company and IDEMIA company, which one has the most subsidiaries ?

Between Grab company and IDEMIA company, which one has the largest number of employees ?

Between Grab and IDEMIA, which company holds both SOC 2 Type 1 certifications ?

Between Grab and IDEMIA, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Grab or IDEMIA ?

Which company is PCI DSS compliant — Grab or IDEMIA ?

Between Grab and IDEMIA, which company complies with HIPAA regulations for healthcare data ?

Between Grab and IDEMIA, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information