GA
Company Details
Linkedin ID:
gritton-&-associates
Website:
Employees number:
25
Number of followers:
246
NAICS:
333
Industry Type:
Homepage:
gritton.com
IP Addresses:
0
Company ID:
GRI_1720701
Scan Status:
In-progress
Gritton & Associates Company CyberSecurity Posture
gritton.com
Gritton & Associates is a third-generation, family-owned company and the leading provider of HVAC, industrial, and plumbing products in the Intermountain region. With a legacy built on expertise, innovation, and exceptional service, we are committed to delivering high-quality solutions that meet the needs of contractors, engineers, and end users. For decades, we have been a trusted partner in the industry, offering top-tier products, technical support, and project management to ensure seamless system performance. Our team takes pride in fostering strong relationships, staying ahead of industry advancements, and maintaining a customer-first approach in everything we do. At Gritton & Associates, we don’t just supply products—we provide the knowledge, service, and reliability that help our customers succeed.
Gritton & Associates A.I CyberSecurity Scoring
GA Risk Score (AI oriented)Between 700 and 749
GA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GA Global Score (TPRM)XXXX
GA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GA Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
GA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GA
Incidents vs HVAC and Refrigeration Equipment Manufacturing Industry Average (This Year)
No incidents recorded for Gritton & Associates in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Gritton & Associates in 2025.
Incident Types GA vs HVAC and Refrigeration Equipment Manufacturing Industry Avg (This Year)
No incidents recorded for Gritton & Associates in 2025.
Incident History — GA (X = Date, Y = Severity)
GA cyber incidents detection timeline including parent company and subsidiaries
GA Company Subsidiaries
Gritton & Associates is a third-generation, family-owned company and the leading provider of HVAC, industrial, and plumbing products in the Intermountain region. With a legacy built on expertise, innovation, and exceptional service, we are committed to delivering high-quality solutions that meet the needs of contractors, engineers, and end users. For decades, we have been a trusted partner in the industry, offering top-tier products, technical support, and project management to ensure seamless system performance. Our team takes pride in fostering strong relationships, staying ahead of industry advancements, and maintaining a customer-first approach in everything we do. At Gritton & Associates, we don’t just supply products—we provide the knowledge, service, and reliability that help our customers succeed.
Loading...
GA Similar Companies
Poorman's Heating and Air Conditioning
Since 1978, Poorman’s Heating and Air Conditioning has been recognized for their quality of service throughout the Greater Fort Wayne area. When you need to replace your home's comfort system, you want to find the best system for the best value - plus, you want the best installation and service arou
WACS LTD
WACS leads in the design, construction, refurbishment, and upgrade of engineering services in the Data Centre and Commercial sectors. We provide dynamic engineering solutions for the most complex projects, from MEP to full turnkey requirements. With over 30 years of industry experience, we have bui
Newton-Metallo LLC
Newton-Metallo LLC values lasting relationships with our customers and established HVAC manufacturers as a standout HVAC Manufacturer’s Representative. Newton-Metallo’s exceptional local reputation is a result of passionate service and experience to deliver the solution in engineered product solutio
TempMaster Commercial Solutions
Exceeding your expectations requires an eye toward the future with a focus on your needs today. So that's why, when it comes to building products for businesses, we believe in focusing on quality at every stage, with every product. And it's why we closely monitor and improve processes that impact qu
Upchurch Services, LLC is a full-service mechanical contracting company. We provide exceptional service to our customers throughout the SEC region. We provide plumbing, heating, ventilating, and air conditioning services to commercial and industrial entities. We have offices in Tennessee, Mississi
BITZER Australia
In Australia and New Zealand, BITZER is a technology leader not just in compressors, but also in engineered refrigeration packages, pressure vessels and air conditioning solutions. In addition, BITZER's dedicated heat exchange business, BUFFALO TRIDENT, has a wealth of experience in designing both o
.png)
GA CyberSecurity News
November 24, 2025 08:37 PM
Doris Gritton Obituary (2025)
Doris E Gritton, a cherished soul who graced this world with her presence for 96 years, passed away peacefully on November 11, 2025.
November 23, 2025 10:23 PM
Realtor Julie Gritton honored for charitable contributions
For exceptional commitment to supporting St. Jude Children's Research Hospital, local Realtor Julie Gritton has been named a 2025 Coldwell...
November 20, 2025 08:21 PM
Julie Gritton Team welcomes Jamillya Scott
The Julie Gritton Team at Coldwell Banker Premier Lewes recently announced Jamillya Scott has joined the group. Scott brings a powerful...
October 22, 2025 07:00 AM
Danville soccer playing in memory of athletic director Gary Gritton
Danville soccer playing in memory of athletic director Gary Gritton ... CHAMPAIGN, Ill. (WCIA) – A win in the regional semifinals may not seem...
October 21, 2025 07:00 AM
Littlehampton wedding photographer who focuses on capturing 'authentic, emotional moments' is up for top award '
Darren Gritton, a deaf and hard of hearing wedding photographer, has been named as a finalist in TWIA (The Wedding Industry Awards) regional...
October 18, 2025 07:00 AM
AUTO RACING: Mears to wear Gritton decal at Talladega
Marvin Holman ... NASCAR driver Casey Mears will have a special decal on his car when he races this weekend at Talladega SuperSpeedway. Mears will...
September 29, 2025 07:00 AM
Special concert to mark 250th anniversary of Jane Austen's birth
These pieces, once enjoyed by Austen family members, are now a part of what is described as the Jane Austen Songbook and are kept at Jane Austen...
September 27, 2025 07:00 AM
Gary Gritton Obituary (2025) - Danville, IL - The News-Gazette
Gary Gritton Obituary. DANVILLE - Gary Wayne Gritton, 49, of Danville, passed away at his home on Sept. 22, 2025, at 3:57 p.m.. Gary was born on...
September 25, 2025 07:00 AM
Danville mourns the passing of Gary Gritton
Danville mourns the passing of Gary Gritton ... DANVILLE — “The world is going to miss this guy.” Those were the words of Adam Decker, a longtime...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GA CyberSecurity History Information
Official Website of Gritton & Associates
The official website of Gritton & Associates is http://www.gritton.com.
Gritton & Associates’s AI-Generated Cybersecurity Score
According to Rankiteo, Gritton & Associates’s AI-generated cybersecurity score is 745, reflecting their Moderate security posture.
How many security badges does Gritton & Associates’ have ?
According to Rankiteo, Gritton & Associates currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Gritton & Associates have SOC 2 Type 1 certification ?
According to Rankiteo, Gritton & Associates is not certified under SOC 2 Type 1.
Does Gritton & Associates have SOC 2 Type 2 certification ?
According to Rankiteo, Gritton & Associates does not hold a SOC 2 Type 2 certification.
Does Gritton & Associates comply with GDPR ?
According to Rankiteo, Gritton & Associates is not listed as GDPR compliant.
Does Gritton & Associates have PCI DSS certification ?
According to Rankiteo, Gritton & Associates does not currently maintain PCI DSS compliance.
Does Gritton & Associates comply with HIPAA ?
According to Rankiteo, Gritton & Associates is not compliant with HIPAA regulations.
Does Gritton & Associates have ISO 27001 certification ?
According to Rankiteo,Gritton & Associates is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Gritton & Associates
Gritton & Associates operates primarily in the HVAC and Refrigeration Equipment Manufacturing industry.
Number of Employees at Gritton & Associates
Gritton & Associates employs approximately 25 people worldwide.
Subsidiaries Owned by Gritton & Associates
Gritton & Associates presently has no subsidiaries across any sectors.
Gritton & Associates’s LinkedIn Followers
Gritton & Associates’s official LinkedIn profile has approximately 246 followers.
Gritton & Associates’s Presence on Crunchbase
No, Gritton & Associates does not have a profile on Crunchbase.
Gritton & Associates’s Presence on LinkedIn
Yes, Gritton & Associates maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/gritton-&-associates.
Cybersecurity Incidents Involving Gritton & Associates
As of November 28, 2025, Rankiteo reports that Gritton & Associates has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Gritton & Associates has an estimated 150 peer or competitor companies worldwide.
Gritton & Associates CyberSecurity History Information
How many cyber incidents has Gritton & Associates faced ?
Total Incidents: According to Rankiteo, Gritton & Associates has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Gritton & Associates ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=gritton-&-associates' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
