Comparison Overview

Nancy Bond Insurance Services

VS

Sompo Group

Nancy Bond Insurance Services

201 W. Lemon Avenue, Monrovia, CA, 91016, US
Last Update: 2025-05-05 (UTC)
Between 900 and 1000
http://www.nancybondinsurance.com

Excellent

NBIS - a full-service independent insurance agency here to help serve your insurance needs! We are STELLAR with customer service, and know just how to help you save money and get top-notch coverage. We have a very knowledgeable staff, and a passion for being involved in the communities that we serve.

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 10
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Sompo Group

1-26-1, Nishi-Shinjuku Shinjuku-ku, Tokyo 1608338, JP
Last Update: 2025-05-17 (UTC)

Excellent

Between 900 and 1000
https://www.sompo-hd.com

Tracing our roots back to the first fire insurance company in Japan over 130 years ago, Sompo Holdings today leads a group of companies operating across different industries and geographies. The Sompo Group provides solutions in P&C insurance globally and life insurance and nursing care in Japan to serve and deliver value to our customers, society, employees, and shareholders. We strive โ€œFor a future of health, wellbeing and financial protectionโ€ โ€“ this is our Purpose.

NAICS: 524
NAICS Definition: Insurance Carriers and Related Activities
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/nancy-bond-insurance-services.jpeg
Nancy Bond Insurance Services
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/sompo-holdings-inc.jpeg
Sompo Group
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Nancy Bond Insurance Services
100%
Compliance Rate
0/4 Standards Verified
Sompo Group
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for Nancy Bond Insurance Services in 2025.

Incidents vs Insurance Industry Average (This Year)

No incidents recorded for Sompo Group in 2025.

Incident History โ€” Nancy Bond Insurance Services (X = Date, Y = Severity)

Nancy Bond Insurance Services cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Sompo Group (X = Date, Y = Severity)

Sompo Group cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/nancy-bond-insurance-services.jpeg
Nancy Bond Insurance Services
Incidents

No Incident

https://images.rankiteo.com/companyimages/sompo-holdings-inc.jpeg
Sompo Group
Incidents

No Incident

FAQ

Both Nancy Bond Insurance Services company and Sompo Group company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, Sompo Group company has disclosed a higher number of cyber incidents compared to Nancy Bond Insurance Services company.

In the current year, Sompo Group company and Nancy Bond Insurance Services company have not reported any cyber incidents.

Neither Sompo Group company nor Nancy Bond Insurance Services company has reported experiencing a ransomware attack publicly.

Neither Sompo Group company nor Nancy Bond Insurance Services company has reported experiencing a data breach publicly.

Neither Sompo Group company nor Nancy Bond Insurance Services company has reported experiencing targeted cyberattacks publicly.

Neither Nancy Bond Insurance Services company nor Sompo Group company has reported experiencing or disclosing vulnerabilities publicly.

Neither Nancy Bond Insurance Services company nor Sompo Group company has publicly disclosed detailed information about the number of their subsidiaries.

Nancy Bond Insurance Services company employs more people globally than Sompo Group company, reflecting its scale as a Insurance.

Latest Global CVEs (Not Company-Specific)

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation MediaWiki Cargo extension allows SQL Injection.This issue affects MediaWiki Cargo extension: 1.39, 1.43, 1.44.

Published
Date
2025-10-17
Updated
Date
2025-10-17
Risk Information
cvss4
Base: 2.1
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:M/U:Amber
References
Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki QuizGame extension allows Stored XSS.This issue affects MediaWiki QuizGame extension: 1.39, 1.43, 1.44.

Published
Date
2025-10-17
Updated
Date
2025-10-17
Risk Information
cvss4
Base: 2.0
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber
References
Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki PollNY extension allows Stored XSS.This issue affects MediaWiki PollNY extension: 1.39, 1.43, 1.44.

Published
Date
2025-10-17
Updated
Date
2025-10-17
Risk Information
cvss4
Base: 2.0
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber
References
Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation MediaWiki WebAuthn extension allows Stored XSS.This issue affects MediaWiki WebAuthn extension: 1.39, 1.43, 1.44.

Published
Date
2025-10-17
Updated
Date
2025-10-17
Risk Information
cvss4
Base: 5.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:L/U:Amber
References
Description

pyquokka is a framework for making data lakes work for time series. In versions 0.3.1 and prior, the FlightServer class directly uses pickle.loads() to deserialize action bodies received from Flight clients without any sanitization or validation in the do_action() method. The vulnerable code is located in pyquokka/flight.py at line 283 where arbitrary data from Flight clients is directly passed to pickle.loads(). When FlightServer is configured to listen on 0.0.0.0, this allows attackers across the entire network to perform arbitrary remote code execution by sending malicious pickled payloads through the set_configs action. Additional vulnerability points exist in the cache_garbage_collect, do_put, and do_get functions where pickle.loads is used to deserialize untrusted remote data.

Published
Date
2025-10-17
Updated
Date
2025-10-17
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References