Comparison Overview

iStock

VS

Lifetouch

iStock

Suite 200 - 1240 20th Ave SE, Calgary, Alberta, CA, T2G 1M8
Last Update: 2025-12-13
View Profile
Between 750 and 799
http://www.iStock.com

iStock is an online resource for original royalty-free stock content at the right price, including photos, illustrations, vectors, videos and audio tracks. At iStock, we’re working together to put craft first and bring you the very best stock content so that you can use it to do your very best work. We’re obsessed with beautifully crafted content and have millions of handpicked stock photos, illustrations, vectors, videos and audio tracks. As our community has grown, so has our library – not just in size, but also in breadth and originality – so that there really is something for everyone. iStock frees creatives everywhere to create beautiful communications on a budget. More than half of our content comes from artists exclusive to iStock and we have over 170 dedicated creatives reviewing every piece of content that comes into the iStock library to meet legal and creative standards. Our legal guarantee keeps you protected, ensuring that every file you purchase from iStock is safe to use, and if you’re part of a large organization, our corporate accounts offer flexible purchasing and invoicing options. We are the web’s original resource for crowd sourced royalty-free stock images, media and design elements. And more than ten years later, we still offer the best content at the right price. That’s it, in a creative nutshell.

NAICS: 54192
NAICS Definition: Photographic Services
Employees: 1,071
Subsidiaries: 2
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Lifetouch

11000 Viking Drive, None, Eden Prairie, MN, US, 55344
Last Update: 2025-12-11
Between 750 and 799
http://lifetouch.com

At Lifetouch, our purpose is to help families capture life's memories. For more than 80 years, Lifetouch has been the professional photography company of choice for schools and families. Headquartered in Eden Prairie, MN., the enterprise is organized around four primary business lines operating in local communities across North America. Built on the tradition of “Picture Day”, Lifetouch captures smiling faces from preschool through high school graduation, as well as sports, special events, seniors, and yearbooks. Additional photography services are offered through JCPenney Portraits by Lifetouch, helping families capture special milestones nationwide. Lifetouch is also proud to be a part of the Shutterfly family of brands.

NAICS: 54192
NAICS Definition: Photographic Services
Employees: 4,946
Subsidiaries: 7
12-month incidents
0
Known data breaches
1
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/istockphoto.jpeg
iStock
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/lifetouch.jpeg
Lifetouch
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
iStock
100%
Compliance Rate
0/4 Standards Verified
Lifetouch
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Photography Industry Average (This Year)

No incidents recorded for iStock in 2025.

Incidents vs Photography Industry Average (This Year)

No incidents recorded for Lifetouch in 2025.

Incident History — iStock (X = Date, Y = Severity)

iStock cyber incidents detection timeline including parent company and subsidiaries

Incident History — Lifetouch (X = Date, Y = Severity)

Lifetouch cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/istockphoto.jpeg
iStock
Incidents

No Incident

https://images.rankiteo.com/companyimages/lifetouch.jpeg
Lifetouch
Incidents

Date Detected: 12/2021
Type:Ransomware
Attack Vector: Ransomware
Motivation: Data theft and ransom
Blog: Blog

Date Detected: 1/2018
Type:Breach
Blog: Blog

Date Detected: 11/2014
Type:Cyber Attack
Blog: Blog

FAQ

Lifetouch company demonstrates a stronger AI Cybersecurity Score compared to iStock company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Lifetouch company has historically faced a number of disclosed cyber incidents, whereas iStock company has not reported any.

In the current year, Lifetouch company and iStock company have not reported any cyber incidents.

Lifetouch company has confirmed experiencing a ransomware attack, while iStock company has not reported such incidents publicly.

Lifetouch company has disclosed at least one data breach, while iStock company has not reported such incidents publicly.

Lifetouch company has reported targeted cyberattacks, while iStock company has not reported such incidents publicly.

Neither iStock company nor Lifetouch company has reported experiencing or disclosing vulnerabilities publicly.

Neither iStock nor Lifetouch holds any compliance certifications.

Neither company holds any compliance certifications.

Lifetouch company has more subsidiaries worldwide compared to iStock company.

Lifetouch company employs more people globally than iStock company, reflecting its scale as a Photography.

Neither iStock nor Lifetouch holds SOC 2 Type 1 certification.

Neither iStock nor Lifetouch holds SOC 2 Type 2 certification.

Neither iStock nor Lifetouch holds ISO 27001 certification.

Neither iStock nor Lifetouch holds PCI DSS certification.

Neither iStock nor Lifetouch holds HIPAA certification.

Neither iStock nor Lifetouch holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lower‑privileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user.

Published
Date
2025-12-16
Updated
Date
2025-12-16
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published
Date
2025-12-16
Updated
Date
2025-12-16
References
Description

Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published
Date
2025-12-16
Updated
Date
2025-12-16
References
Description

SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's `NewResponseFromRequest` function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. The vulnerability occurs when SIP message parsing succeeds for a request missing the To header, but the response creation code assumes the To header exists without proper nil checks. This affects routine operations like call setup, authentication, and message handling - not just error cases. This vulnerability affects all SIP applications using the sipgo library, not just specific configurations or edge cases, as long as they make use of the `NewResponseFromRequest` function. Version 1.0.0-alpha-1 contains a patch for the issue.

Published
Date
2025-12-16
Updated
Date
2025-12-16
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.

Published
Date
2025-12-16
Updated
Date
2025-12-16
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References