Comparison Overview

Isthmus

VS

Wells Media Group, Inc.

Isthmus

P.O. Box 1542, Madison, Wisconsin, 53701, US
Last Update: 2025-11-25
View Profile
Between 750 and 799
https://www.isthmus.com

Isthmus is an independent, 501(c)(3) nonprofit news source in Madison, Wisconsin. In print monthly, online all the time. Smart, original, timely content covering news, politics, arts, music, food, sports — and more — all integral to life in the capital region. We emphasize storytelling, journalistic excellence and high quality design, along with a sharply honed instinct for local happenings, and the best events calendar in town. Always free! Isthmus Publishing Company was founded on April 9, 1976, by Vincent P. O'Hern and Fred Milverstedt. On July 10, 2014, Craig Bartlett, Jeff Haupt and Mark Tauscher, partners in Madison-based Red Card Media, purchased the publishing company. During the COVID-19 pandemic, Isthmus paused publishing and converted to a 501(c)(3) nonprofit, with help from Bartlett and Haupt donating the company's intellectual property. Operating now as Isthmus Community Media, Inc., the paper returned to print as a monthly in August 2021 under the leadership of editor and president Judith Davidoff, associate editor Linda Falkenstein, senior staff writer Dylan Brogan, calendar editor Bob Koch and publisher Jason Joyce. Isthmus distributes 35,000 high-quality copies throughout the greater Madison area and is a member of the Institute for Nonprofit News and Association of Alternative Newsmedia.

NAICS: 511
NAICS Definition: Publishing Industries (except Internet)
Employees: 55
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Wells Media Group, Inc.

3570 Camino del Rio N. Suite 200, San Diego, 92108, US
Last Update: 2025-11-21
Between 750 and 799
http://www.wellsmedia.com

Wells Media Group, Inc. is a business-to-business media company with a focus on the property casualty insurance industry. We report news, provide access to resources and foster communities to inform and connect our audiences. OUR PRODUCTS Insurance Journal: A national print, online & tablet magazine, website, email newsletters, classifieds and events for the property/casualty industry. InsuranceJournal.com is the highest-trafficked P/C insurance news website in the world. Claims Journal: The latest P/C claims news, trends, and analysis for the P/C claims industry. ClaimsJournal.com is the #1 P/C claims-specific news website in the world. MyNewMarkets.com: An interactive directory of insurance markets combined with an online community of 31,000+ registered property/casualty professionals. Where markets go to be found and where agents go to find markets. The highest-trafficked P/C insurance market community. Academy of Insurance: The Academy offers a wide variety of high-quality insurance training taught by successful industry experts, streamed directly to students as an interactive webinar. Learn from the best without leaving your desk. Carrier Management: Critical info for P/C insurance company boards of directors and all members of the C-suite who aspire to be better leaders and managers. Our mission is to inspire and challenge P/C executives to excel in business and in life.

NAICS: 511
NAICS Definition: Publishing Industries (except Internet)
Employees: 50
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/isthmus.jpeg
Isthmus
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/wells-media.jpeg
Wells Media Group, Inc.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Isthmus
100%
Compliance Rate
0/4 Standards Verified
Wells Media Group, Inc.
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Book and Periodical Publishing Industry Average (This Year)

No incidents recorded for Isthmus in 2025.

Incidents vs Book and Periodical Publishing Industry Average (This Year)

No incidents recorded for Wells Media Group, Inc. in 2025.

Incident History — Isthmus (X = Date, Y = Severity)

Isthmus cyber incidents detection timeline including parent company and subsidiaries

Incident History — Wells Media Group, Inc. (X = Date, Y = Severity)

Wells Media Group, Inc. cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/isthmus.jpeg
Isthmus
Incidents

No Incident

https://images.rankiteo.com/companyimages/wells-media.jpeg
Wells Media Group, Inc.
Incidents

No Incident

FAQ

Both Isthmus company and Wells Media Group, Inc. company demonstrate a comparable AI Cybersecurity Score, with strong governance and monitoring frameworks in place.

Historically, Wells Media Group, Inc. company has disclosed a higher number of cyber incidents compared to Isthmus company.

In the current year, Wells Media Group, Inc. company and Isthmus company have not reported any cyber incidents.

Neither Wells Media Group, Inc. company nor Isthmus company has reported experiencing a ransomware attack publicly.

Neither Wells Media Group, Inc. company nor Isthmus company has reported experiencing a data breach publicly.

Neither Wells Media Group, Inc. company nor Isthmus company has reported experiencing targeted cyberattacks publicly.

Neither Isthmus company nor Wells Media Group, Inc. company has reported experiencing or disclosing vulnerabilities publicly.

Neither Isthmus nor Wells Media Group, Inc. holds any compliance certifications.

Neither company holds any compliance certifications.

Wells Media Group, Inc. company has more subsidiaries worldwide compared to Isthmus company.

Isthmus company employs more people globally than Wells Media Group, Inc. company, reflecting its scale as a Book and Periodical Publishing.

Neither Isthmus nor Wells Media Group, Inc. holds SOC 2 Type 1 certification.

Neither Isthmus nor Wells Media Group, Inc. holds SOC 2 Type 2 certification.

Neither Isthmus nor Wells Media Group, Inc. holds ISO 27001 certification.

Neither Isthmus nor Wells Media Group, Inc. holds PCI DSS certification.

Neither Isthmus nor Wells Media Group, Inc. holds HIPAA certification.

Neither Isthmus nor Wells Media Group, Inc. holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description

Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint

Published
Date
2025-11-27
Updated
Date
2025-11-27
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description

Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.

Published
Date
2025-11-27
Updated
Date
2025-11-27
References
Description

Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.

Published
Date
2025-11-27
Updated
Date
2025-11-27
References