Comparison Overview

Q: Between NN Group company and Swedbank company, which one has the best AI Cybersecurity Score ?

Swedbank company demonstrates a stronger AI Cybersecurity Score compared to NN Group company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between NN Group company and Swedbank company, which one has experienced more cyber incidents in the past ?

Historically, Swedbank company has disclosed a higher number of cyber incidents compared to NN Group company.

Q: Between NN Group company and Swedbank company, which one has experienced more cyber incidents this year ?

In the current year, Swedbank company and NN Group company have not reported any cyber incidents.

Q: Between NN Group company and Swedbank company, which one has experienced at least one ransomware attack ?

Neither Swedbank company nor NN Group company has reported experiencing a ransomware attack publicly.

Q: Between NN Group company and Swedbank company, which one has experienced at least one data breach ?

Neither Swedbank company nor NN Group company has reported experiencing a data breach publicly.

Q: Between NN Group company and Swedbank company, which one has experienced at least one targeted cyberattack ?

Neither Swedbank company nor NN Group company has reported experiencing targeted cyberattacks publicly.

Q: Between NN Group company and Swedbank company, which one has experienced at least one vulnerability ?

Neither NN Group company nor Swedbank company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between NN Group company and Swedbank company, which one holds the most compliance certifications ?

Neither NN Group nor Swedbank holds any compliance certifications.

Q: Between NN Group company and Swedbank company, which one has the most subsidiaries ?

NN Group company has more subsidiaries worldwide compared to Swedbank company.

NN Group

Schenkkade 65, Den Haag, Zuid-Holland, 2595, NL

Last Update: 2025-11-21

View Profile

Between 750 and 799

https://www.nn-group.com

NN Group is an international financial services company, active in 10 countries, with a strong presence in a number of European countries and Japan. Our roots lie in the Netherlands, with a rich history of more than 175 years. With our 16,000 employees, NN Group provides retirement services, pensions, insurance, banking and investments to approximately 19 million customers. NN Group includes Nationale-Nederlanden, NN, ABN AMRO Insurance, Movir, AZL, BeFrank, OHRA and Woonnu. NN Group opened for trading on 2 July 2014 on Euronext Amsterdam under the symbol ‘NN’ after its initial public offering (IPO). For more than 175 years, our company has merged, grown and changed, but the core of who we are has remained the same. At NN Group, we put our resources, expertise, and networks to use for the well-being of our customers, the advancement of our communities, the preservation of our planet, and for the promotion of a stable, inclusive, and sustainable economy. Our purpose is to help people care for what matters most to them. Because what matters to them matters to us.

NAICS: 52

NAICS Definition:

Employees: 22,213

Subsidiaries: 7

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Swedbank

Landsvägen 40, SE-172 63, undefined, Sundbyberg, SE

Last Update: 2025-11-20

Between 800 and 849

http://www.swedbank.com

Since 1820 Swedbank has been the bank for the many households and businesses. We are a modern financial services platform focused on customer satisfaction. Our goal is to encourage people to save for a better future and we aim to help people, businesses and society to grow by promoting a healthy and sustainable economy. As an equal opportunity employer we believe that diversity and equality help us to grow and achieve our goals. We encourage a culture built on trust, respect and our values - open, simple and caring. With 7.4 million private customers and more than 600,000 corporate and organisational customers we have a leading position in our home markets of Sweden, Estonia, Latvia and Lithuania. That position also enables us to offer our employees great opportunities to grow and develop. Working here is about creating value for our customers, our colleagues and society. Inspiring and learning from one another is what moves us forward and by working together we make a difference. Find our policy for social media here: www.swedbank.se/om-oss/policy-fb

NAICS: 52

NAICS Definition: Finance and Insurance

Employees: 14,977

Subsidiaries: 3

12-month incidents

0

Known data breaches

0

Attack type number

0

NN Group

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Swedbank

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for NN Group in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Swedbank in 2025.

Incident History — NN Group (X = Date, Y = Severity)

NN Group cyber incidents detection timeline including parent company and subsidiaries

Incident History — Swedbank (X = Date, Y = Severity)

Swedbank cyber incidents detection timeline including parent company and subsidiaries

NN Group

Incidents

No Incident

Swedbank

Incidents

No Incident

Swedbank company demonstrates a stronger AI Cybersecurity Score compared to NN Group company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Swedbank company has disclosed a higher number of cyber incidents compared to NN Group company.

In the current year, Swedbank company and NN Group company have not reported any cyber incidents.

Neither Swedbank company nor NN Group company has reported experiencing a ransomware attack publicly.

Neither Swedbank company nor NN Group company has reported experiencing a data breach publicly.

Neither Swedbank company nor NN Group company has reported experiencing targeted cyberattacks publicly.

Neither NN Group company nor Swedbank company has reported experiencing or disclosing vulnerabilities publicly.

Neither NN Group nor Swedbank holds any compliance certifications.

Neither company holds any compliance certifications.

NN Group company has more subsidiaries worldwide compared to Swedbank company.

NN Group company employs more people globally than Swedbank company, reflecting its scale as a Financial Services.

Neither NN Group nor Swedbank holds SOC 2 Type 1 certification.

Neither NN Group nor Swedbank holds SOC 2 Type 2 certification.

Neither NN Group nor Swedbank holds ISO 27001 certification.

Neither NN Group nor Swedbank holds PCI DSS certification.

Neither NN Group nor Swedbank holds HIPAA certification.

Neither NN Group nor Swedbank holds GDPR certification.

Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 7.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 8.7

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss4

Base: 6.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss3

Base: 7.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Description

Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Published

Date

2025-11-26

Updated

Date

2025-11-26

Risk Information

cvss3

Base: 7.5

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

NN Group

VS

Swedbank

NN Group

Swedbank

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — NN Group (X = Date, Y = Severity)

Incident History — Swedbank (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66035

Risk Information

CVE-2025-66031

Risk Information

CVE-2025-66030

Risk Information

CVE-2025-64344

Risk Information

CVE-2025-64335

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

NN Group

VS

Swedbank

NN Group

Swedbank

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — NN Group (X = Date, Y = Severity)

Incident History — Swedbank (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between NN Group company and Swedbank company, which one has the best AI Cybersecurity Score ?

Between NN Group company and Swedbank company, which one has experienced more cyber incidents in the past ?

Between NN Group company and Swedbank company, which one has experienced more cyber incidents this year ?

Between NN Group company and Swedbank company, which one has experienced at least one ransomware attack ?

Between NN Group company and Swedbank company, which one has experienced at least one data breach ?

Between NN Group company and Swedbank company, which one has experienced at least one targeted cyberattack ?

Between NN Group company and Swedbank company, which one has experienced at least one vulnerability ?

Between NN Group company and Swedbank company, which one holds the most compliance certifications ?

Between NN Group company and Swedbank company, which one holds the fewest compliance certifications ?

Between NN Group company and Swedbank company, which one has the most subsidiaries ?

Between NN Group company and Swedbank company, which one has the largest number of employees ?

Between NN Group and Swedbank, which company holds both SOC 2 Type 1 certifications ?

Between NN Group and Swedbank, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — NN Group or Swedbank ?

Which company is PCI DSS compliant — NN Group or Swedbank ?

Between NN Group and Swedbank, which company complies with HIPAA regulations for healthcare data ?

Between NN Group and Swedbank, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66035

Risk Information

CVE-2025-66031

Risk Information

CVE-2025-66030

Risk Information

CVE-2025-64344

Risk Information

CVE-2025-64335

Risk Information