Comparison Overview

inDrive

VS

Gainwell Technologies

inDrive

Mountain View, 94040, US
Last Update: 2025-12-01
View Profile
Between 750 and 799
http://www.inDrive.com

inDrive is a global mobility and urban services platform. The inDrive app has been downloaded over 360 million times, and has been the second most downloaded mobility app for the third consecutive year. In addition to ride-hailing, inDrive provides an expanding list of urban services, including intercity transportation and delivery. In 2023, inDrive launched New Ventures, a venture and M&A arm. inDrive operates in 982 cities in 48 countries. Driven by its mission of challenging social injustice, the company is committed to having a positive impact on the lives of one billion people by 2030. It pursues this goal both through its core business, which supports local communities via a fair pricing model; and through the work of inVision, its non-profit arm. inVision’s community empowerment programs help to advance education, sports, arts and sciences, gender equality and other vital initiatives. For more information visit www.inDrive.com

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 10,185
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Gainwell Technologies

United States, US
Last Update: 2025-12-01
Between 700 and 749
http://www.gainwelltechnologies.com

For 50 years, our nation’s federal Medicaid program has worked to improve the health, safety and well-being of America’s most vulnerable populations: low-income families, women and children, seniors, and those with disabilities. With positive health and cost outcomes that pierce inequities and impact economies, the success of these programs is inextricably tied to the prosperity of communities, individual states and the nation as a whole. We think that demands respect and, more importantly, is deserving of a lifetime commitment from innovators who can help those who operate within and around health and human services evolve — in any market at any stage. At Gainwell Technologies, that’s our sole focus. Built across more than five decades, Gainwell has intentionally seized opportunities to advance its digitally enabled services to meet agencies, health plans and MCOs where they are on their modernization journeys and propel them into the future of public health. Our commitment to innovation, deep experience and ability to leverage insights from customers across 50 states has allowed us to expand on next-generation, cloud-enabled technologies. Today, Gainwell offers one of the most comprehensive suites of scalable services and solutions on the market — all proven to deliver cost savings, better patient outcomes and an improved provider experience. Equally important to our expanding technologies and results: We bring ideas that bring policies to life.

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 10,068
Subsidiaries: 0
12-month incidents
0
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/indrive.jpeg
inDrive
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/gainwell-technologies.jpeg
Gainwell Technologies
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
inDrive
100%
Compliance Rate
0/4 Standards Verified
Gainwell Technologies
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for inDrive in 2025.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for Gainwell Technologies in 2025.

Incident History — inDrive (X = Date, Y = Severity)

inDrive cyber incidents detection timeline including parent company and subsidiaries

Incident History — Gainwell Technologies (X = Date, Y = Severity)

Gainwell Technologies cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/indrive.jpeg
inDrive
Incidents

No Incident

https://images.rankiteo.com/companyimages/gainwell-technologies.jpeg
Gainwell Technologies
Incidents

Date Detected: 7/2024
Type:Breach
Attack Vector: Social Engineering (Unauthorized Caller Access to Reimbursement Account)
Motivation: Unknown (Potential Financial or Data Theft)
Blog: Blog

Date Detected: 01/2021
Type:Breach
Blog: Blog

FAQ

inDrive company demonstrates a stronger AI Cybersecurity Score compared to Gainwell Technologies company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Gainwell Technologies company has historically faced a number of disclosed cyber incidents, whereas inDrive company has not reported any.

In the current year, Gainwell Technologies company and inDrive company have not reported any cyber incidents.

Neither Gainwell Technologies company nor inDrive company has reported experiencing a ransomware attack publicly.

Gainwell Technologies company has disclosed at least one data breach, while inDrive company has not reported such incidents publicly.

Neither Gainwell Technologies company nor inDrive company has reported experiencing targeted cyberattacks publicly.

Neither inDrive company nor Gainwell Technologies company has reported experiencing or disclosing vulnerabilities publicly.

Neither inDrive nor Gainwell Technologies holds any compliance certifications.

Neither company holds any compliance certifications.

inDrive company has more subsidiaries worldwide compared to Gainwell Technologies company.

inDrive company employs more people globally than Gainwell Technologies company, reflecting its scale as a IT Services and IT Consulting.

Neither inDrive nor Gainwell Technologies holds SOC 2 Type 1 certification.

Neither inDrive nor Gainwell Technologies holds SOC 2 Type 2 certification.

Neither inDrive nor Gainwell Technologies holds ISO 27001 certification.

Neither inDrive nor Gainwell Technologies holds PCI DSS certification.

Neither inDrive nor Gainwell Technologies holds HIPAA certification.

Neither inDrive nor Gainwell Technologies holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 3.3
Severity: LOW
AV:N/AC:L/Au:M/C:N/I:P/A:N
cvss3
Base: 2.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affected version (as of commit 2f3a5512 in September of 2025).

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the argument Error can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References