Comparison Overview

inDrive

VS

Sutherland

inDrive

Mountain View, 94040, US
Last Update: 2025-12-01
View Profile
Between 750 and 799
http://www.inDrive.com

inDrive is a global mobility and urban services platform. The inDrive app has been downloaded over 360 million times, and has been the second most downloaded mobility app for the third consecutive year. In addition to ride-hailing, inDrive provides an expanding list of urban services, including intercity transportation and delivery. In 2023, inDrive launched New Ventures, a venture and M&A arm. inDrive operates in 982 cities in 48 countries. Driven by its mission of challenging social injustice, the company is committed to having a positive impact on the lives of one billion people by 2030. It pursues this goal both through its core business, which supports local communities via a fair pricing model; and through the work of inVision, its non-profit arm. inVision’s community empowerment programs help to advance education, sports, arts and sciences, gender equality and other vital initiatives. For more information visit www.inDrive.com

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 10,185
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Sutherland

1160 Pittsford-Victor Road, Pittsford (Rochester), NY, 14534, US
Last Update: 2025-11-28
Between 750 and 799
https://www.sutherlandglobal.com/

Artificial Intelligence. Automation. Cloud engineering. Advanced analytics. For business leaders, these are key factors of success. For us, they’re our core expertise. At Sutherland, we are a leading global business and digital transformation partner. Our services span a diversified range of categories, from Healthcare, Insurance, Banking & Financial Services, Communications, Media & Entertainment, Technology, Travel & Hospitality, Logistics, Retail, Energy & Utilities. We work with iconic brands worldwide, and we bring them a unique value proposition through market-leading technology and business process excellence. We’ve created over 200 unique inventions under several patents across AI and other critical technologies. Leveraging our advanced products and platforms, we drive digital transformation, optimize critical business operations, reinvent experiences and pioneer new solutions, all provided through a seamless “as a service” model. Inside Sutherland, our commitment goes beyond technology. We are a talented team of 38,000+ people working in more than 60 global delivery centers. Each and every one of us is passionate about technology and committed to results. For each company, we provide new keys for their businesses, the people they work with, and the customers they serve. We tailor proven and rapid formulas to fit their unique DNA. We bring together human expertise and artificial intelligence. In short, we do digital chemistry. It unlocks new possibilities, great client partnerships, and transformative outcomes. Sutherland Unlocking digital performance. Delivering measurable results. Know more: www.sutherlandglobal.com

NAICS: 5415
NAICS Definition: Computer Systems Design and Related Services
Employees: 56,636
Subsidiaries: 1
12-month incidents
1
Known data breaches
2
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/indrive.jpeg
inDrive
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/sutherland-global-services.jpeg
Sutherland
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
inDrive
100%
Compliance Rate
0/4 Standards Verified
Sutherland
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs IT Services and IT Consulting Industry Average (This Year)

No incidents recorded for inDrive in 2025.

Incidents vs IT Services and IT Consulting Industry Average (This Year)

Sutherland has 85.19% more incidents than the average of same-industry companies with at least one recorded incident.

Incident History — inDrive (X = Date, Y = Severity)

inDrive cyber incidents detection timeline including parent company and subsidiaries

Incident History — Sutherland (X = Date, Y = Severity)

Sutherland cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/indrive.jpeg
inDrive
Incidents

No Incident

https://images.rankiteo.com/companyimages/sutherland-global-services.jpeg
Sutherland
Incidents

Date Detected: 3/2025
Type:Breach
Attack Vector: Unauthorized Access
Motivation: Financial Gain
Blog: Blog

Date Detected: 2/2014
Type:Breach
Attack Vector: Theft of Computers
Blog: Blog

FAQ

inDrive company demonstrates a stronger AI Cybersecurity Score compared to Sutherland company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Sutherland company has historically faced a number of disclosed cyber incidents, whereas inDrive company has not reported any.

In the current year, Sutherland company has reported more cyber incidents than inDrive company.

Neither Sutherland company nor inDrive company has reported experiencing a ransomware attack publicly.

Sutherland company has disclosed at least one data breach, while inDrive company has not reported such incidents publicly.

Neither Sutherland company nor inDrive company has reported experiencing targeted cyberattacks publicly.

Neither inDrive company nor Sutherland company has reported experiencing or disclosing vulnerabilities publicly.

Neither inDrive nor Sutherland holds any compliance certifications.

Neither company holds any compliance certifications.

Both Sutherland company and inDrive company have a similar number of subsidiaries worldwide.

Sutherland company employs more people globally than inDrive company, reflecting its scale as a IT Services and IT Consulting.

Neither inDrive nor Sutherland holds SOC 2 Type 1 certification.

Neither inDrive nor Sutherland holds SOC 2 Type 2 certification.

Neither inDrive nor Sutherland holds ISO 27001 certification.

Neither inDrive nor Sutherland holds PCI DSS certification.

Neither inDrive nor Sutherland holds HIPAA certification.

Neither inDrive nor Sutherland holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 3.3
Severity: LOW
AV:N/AC:L/Au:M/C:N/I:P/A:N
cvss3
Base: 2.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affected version (as of commit 2f3a5512 in September of 2025).

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the argument Error can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-11-30
Updated
Date
2025-11-30
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References