What is the official website of OpenInvest, a J.P. Morgan company ?

The official website of OpenInvest, a J.P. Morgan company is https://openinvest.com/.

What is OpenInvest, a J.P. Morgan company's cybersecurity risk score?

OpenInvest, a J.P. Morgan company has an AI-generated cybersecurity risk score of 753 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has OpenInvest, a J.P. Morgan company experienced?

According to Rankiteo, OpenInvest, a J.P. Morgan company currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has OpenInvest, a J.P. Morgan company been affected by any supply chain cyber incidents ?

According to Rankiteo, OpenInvest, a J.P. Morgan company has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does OpenInvest, a J.P. Morgan company have SOC 2 Type 1 certification ?

According to Rankiteo, OpenInvest, a J.P. Morgan company is not certified under SOC 2 Type 1.

Does OpenInvest, a J.P. Morgan company have SOC 2 Type 2 certification ?

According to Rankiteo, OpenInvest, a J.P. Morgan company does not hold a SOC 2 Type 2 certification.

Does OpenInvest, a J.P. Morgan company comply with GDPR ?

According to Rankiteo, OpenInvest, a J.P. Morgan company is not listed as GDPR compliant.

Does OpenInvest, a J.P. Morgan company have PCI DSS certification ?

According to Rankiteo, OpenInvest, a J.P. Morgan company does not currently maintain PCI DSS compliance.

Does OpenInvest, a J.P. Morgan company comply with HIPAA ?

According to Rankiteo, OpenInvest, a J.P. Morgan company is not compliant with HIPAA regulations.

Does OpenInvest, a J.P. Morgan company have ISO 27001 certification ?

According to Rankiteo,OpenInvest, a J.P. Morgan company is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does OpenInvest, a J.P. Morgan company operate in ?

OpenInvest, a J.P. Morgan company operates primarily in the Financial Services industry.

How many employees does OpenInvest, a J.P. Morgan company have ?

OpenInvest, a J.P. Morgan company employs approximately 68 people worldwide.

Does OpenInvest, a J.P. Morgan company own any subsidiaries ?

OpenInvest, a J.P. Morgan company presently has no subsidiaries across any sectors.

How many LinkedIn followers does OpenInvest, a J.P. Morgan company have ?

OpenInvest, a J.P. Morgan company's official LinkedIn profile has approximately 4,823 followers.

Does OpenInvest, a J.P. Morgan company have a Crunchbase profile ?

Yes, OpenInvest, a J.P. Morgan company has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/openinvest.

Does OpenInvest, a J.P. Morgan company have a LinkedIn profile ?

Yes, OpenInvest, a J.P. Morgan company maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/open-invest.

How many cybersecurity incidents has OpenInvest, a J.P. Morgan company experienced ?

As of June 6, 2026, Rankiteo reports that OpenInvest, a J.P. Morgan company has not experienced any cybersecurity incidents.

How many peer or competitor companies does OpenInvest, a J.P. Morgan company have ?

OpenInvest, a J.P. Morgan company has an estimated 31,987 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

OJMC

Boost Score +25 with badge (5 left)

753

/1000

Fair

778

/1000

Fair

OpenInvest, a J.P. Morgan company Vendor Cyber Rating & Cyber Score

openinvest.com

cb in

Add Your Compliance Badge

OpenInvest is a fast-growing fintech with a mission to align capital with values. Formerly a Public Benefit Corporation backed by firms like Andreessen Horowitz and YCombinator, OpenInvest is now an independent subsidiary of J.P. Morgan Chase. Important Information and disclosures can be found here: https://privatebank.jpmorgan.com/gl/en/disclosures/social-media-important-information https://www.jpmorgan.com/content/dam/jpm/global/disclosures/disclosure-notice/social_media_policy.pdf

OJMC A.I CyberSecurity Scoring

Scoring History

OJMC

OpenInvest, a J.P. Morgan company CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

OJMC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for OJMC

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for OpenInvest, a J.P. Morgan company in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for OpenInvest, a J.P. Morgan company in 2026.

Incident Types OJMC vs Financial Services Industry Avg (This Year)

No incidents recorded for OpenInvest, a J.P. Morgan company in 2026.

Incident History - OJMC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

OpenInvest, a J.P. Morgan company Subsidiaries

Parent Company

OJMC

Financial Services

Website: https://openinvest.com/

Company Size: 68

No subsidiary data available for this company.

Loading…

OpenInvest, a J.P. Morgan company Similar Companies

Block

block.xyz

Block is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams — People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more — provide support and guidance at the corporate level. They work across business groups and around the globe, spanning time zones and disciplines to develop inclusive People policies, forecast finances, give legal counsel, safeguard systems, nurture new initiatives, and more. Every challenge creates possibilities, and we need different perspectives to see them all. Bring yours to Block.

OTP Group

otpgroup.info

OTP Group is one of the fastest growing, leading independent banking groups in Central and Eastern Europe with a bridgehead in Central Asia. It operates in 11 countries - 10 in CEE region and 1 in Uzbekistan, employing nearly 40,000 people and providing universal financial services to 17 million customers. OTP Group has an outstanding profitability and a stable capital and liquidity position. The Group stands on the top spot on The Banker’s Magazine Top 100 CEE Banks 2024 ranked by Tier 1 capital and is the 4th most stress-resilient banking group in Europe, according to the CET1 rate decrease under three years stress scenario based on the European Banking Authority’s European banking stress test 2023. S&P Global Market Intelligence published the ranking of the best performing banks in Europe and for the first time among 50 largest European banks OTP Group was a top performer in 2023. As the most active consolidator in the banking sector of the CEE region, the Group has successfully acquired and integrated 25 banks since the early 2000s. Headquartered in Hungary, OTP Group has a very diversified and transparent ownership structure, without strategic investors and any state ownership. It has been listed on the Budapest Stock Exchange since 1995. With unique knowledge of the region and a lasting commitment to it, OTP Group is working towards helping the development of the region to become the continent’s growth engine. Linkedin Policy: https://www.otpbank.hu/static/portal/sw/file/otp-linkedin-policy.pdf

Lars Larsen Group

larslarsengroup.com

Lars Larsen Group is owned by the Brunsborg family, descendants of JYSK founder Lars Larsen. The Group owns companies within a number of business areas including furniture, interior design, restaurants and hotels, and is also an active investor in equities, funds, and real estate. The Group is to this day operated in accordance with the family’s fundamental values of tradesmanship, responsibility and growth.

Discovery Limited

discovery.co.za

Imagine a world where people live healthier, more enhanced and protected lives… A world in which each organisation is a powerful influencer and responsible corporate citizen, committed to being a force for social good. As a leading innovator in healthcare, wellness, insurance, investments, financial and life planning, Discovery works ceaselessly to make this vision a reality. Fuelled by our passion for enhancing lives and our desire to innovate, Discovery consistently sets global standards, creating shared value through shared intellectual capital. A testament to this is our Vitality programme, which is both a platform to incentivise people to live healthier lives as well as a channel through which shared value is delivered. We are a proudly South African-born, global company with health, life and short term insurance operations in South Africa and the United Kingdom, and a presence in Germany, France, the United States, Canada, Australia, Singapore, Hong Kong, Philippines, Thailand, Malaysia, China and Japan through our Global Vitality Network. We uphold our promise of shared value by being a positive disruptor that focusses on bringing about sustainable change in the lives of the people and communities we serve across the globe. Our Vitality Shared-Value Insurance model has received international recognition, including being ranked 17th in Fortune’s index of 51 companies “changing the world” in August 2015, and named a leading health innovator at the World Economic Forum in January 2017. Our values of leadership, honesty, innovation and fairness act as our compass, directing our business practices to take advantage of every opportunity while looking for ways to dazzle clients. With an unwavering commitment to being the best shared value insurance organisation in the world, Discovery is a powerful force for social good.

Sicoob

sicoob.com.br

O Sicoob é o maior sistema financeiro cooperativo do país, com mais de 9 milhões de cooperados e mais de 4,6 mil pontos de atendimento distribuídos em todo o Brasil. Somos uma cooperativa financeira que oferece aos cooperados serviços de conta corrente, crédito, investimento, cartões, previdência, consórcio, seguros, cobrança bancária, adquirência de meios eletrônicos de pagamento, entre outros. Ou seja, temos um portfólio completo para atender o nosso público. Somos reconhecidos como a terceira melhor instituição financeira do Brasil segundo o ranking “Melhores Bancos do Mundo 2024”, realizado pela Forbes em parceria com a empresa de estudos de mercado Statista. Para oferecer esse atendimento, não abrimos mão do nosso propósito de conectar pessoas para promover justiça financeira e prosperidade. Acreditamos que, para promover uma nova economia, temos que ser uma instituição diferente, é por isso que aqui cada colaborador e cooperado tem voz ativa para crescermos juntos! Deseja falar com a gente? Confira nossos números para contato: Central de Atendimento: Capitais e regiões metropolitanas: 4000 1111* Demais localidades: 0800 642 0000 *Caso a localidade não possua o serviço 4000 ou 4007, informe o número da operadora mais o DDD 61: (0xx61 4000 1111). Para informações, dúvidas, reclamações e comunicação de ocorrência de fraude, ligue para o nosso SAC 24 horas: 0800 724 4420 Deseja falar com a Ouvidoria? Para reclamações, elogios e sugestões: 0800 725 0996 (de segunda a sexta, das 8h às 20h) Deficientes auditivos ou de fala: 0800 940 0458 (de segunda a sexta, das 8h às 20h)

Primerica

Primerica is a leading provider of financial products and services in North America, with over 2,800 corporate employees who support over 151,000 licensed independent representatives providing financial education and offering financial products and services to their clients. Primerica was founded 48 years ago and is publicly traded on the New York Stock Exchange (NYSE) under the symbol "PRI". Primerica’s focus is on serving the needs of middle-income families by providing products such as term life insurance, mutual funds, annuities, and mortgages. In addition to the products and services we offer, Primerica also offers entrepreneurial-minded individuals the opportunity to build their own financial services business. More information about Primerica's Business Opportunity can be found on www.primericabusinessopportunity.com. Headquartered in Duluth, GA, Primerica operates throughout the U.S., Canada, and the territories of Puerto Rico and Guam. We believe financial security should be possible for everyone, so we strive to meet families where they are today and help them be better prepared for their future.

Capital One

cb capitalone.com

At Capital One, we're making things better for our customers and associates through innovation and collaboration. We were founded on the belief that everyone deserves financial freedom—and are dedicated to a world where all have equal opportunity to prosper. Banking is in our DNA, but we are so much more than a bank. We always think about what’s next—and how we can bring our customers the tools needed to improve their financial lives. Your ideas, experiences and skills will help make banking better. You’ll be part of a supportive culture while earning amazing benefits. That’s life at Capital One. Capital One is an equal opportunity employer (EOE, including disability/vet) committed to non-discrimination in compliance with applicable federal, state, and local laws. View our Social Media Community Guidelines https://www.capitalone.com/digital/social-media/

Bajaj Finserv

cb bajajfinserv.in

Founded in April 2007, Bajaj Finserv is the financial arm of the Bajaj group. We believe in a simple philosophy to never settle for good and go for great. This reflects in our extensive product portfolio that spans across 3 broad categories- lending, insurance and wealth advisory. With 24 products spread across 12 product lines, we're one of the fastest growing and most diversified NBFCs in India. Our footprint spans the length and breadth of India.

Principal Financial Group

principal.com

Principal Financial Group® is dedicated to improving the wealth and well-being of people and businesses around the world—helping more than 62M customers plan, protect, invest, and retire as of December 31, 2023. Along the way, we commit to supporting the communities where we do business. Improving our planet. And building a diverse, inclusive workforce. We’re proud to be recognized as a Best Place to Work in Money Management by Pensions & Investments for the 11th consecutive year, an Ethisphere World’s Most Ethical Companies for the 12th time and as Forbes The Best Employers for Diversity 2023. Disclosure: Insurance products issued by Principal National Life Insurance Company (except in NY) and Principal Life Insurance Company®. Plan administrative services offered by Principal Life. Principal Funds, Inc. is distributed by Principal Funds Distributor, Inc. Securities offered through Principal Securities, Inc., member SIPC and/or independent broker/dealers. Investment advisory services are offered through Principal Global Investors, LLC or its affiliates. Principal Asset Management℠ is a trade name of Principal Global Investors, LLC. Referenced companies are members of the Principal Financial Group®, Des Moines, IA 50392. ©2024 Principal Financial Services, Inc. Principal Financial Group Foundation, Inc. ("Principal® Foundation") is a duly recognized 501(c)(3) entity focused on providing philanthropic support to programs that build financial security in the communities where Principal Financial Group, Inc. ("Principal") operates. While Principal Foundation receives funding from Principal, Principal Foundation is a distinct, independent, charitable entity. Principal Foundation does not practice any form of investment advisory services and is not authorized to do so. https://www.principal.com/social-media-disclosures

Loading…

NEWS

OpenInvest, a J.P. Morgan company CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

July 31, 2025 07:00 AM

Michael Ovitz Joins $60 Million Funding Round for FinTech Salient

Andreesen Horowitz partner Alex Rampell expressed faith in Salient, as the San Francisco-based fintech startup closed a $60 million Series A...

Read Article

April 12, 2025 03:21 AM

JP Morgan to acquire fintech start-up OpenInvest

US banking giant JP Morgan has agreed to buy financial technology start-up OpenInvest. openinvest-180x180.jpg. OpenInvest offers environmental, social and...

Read Article

February 12, 2025 12:16 AM

JPMorgan Agrees to Purchase Values-Investing Fintech OpenInvest

JPMorgan Chase & Co. agreed to buy OpenInvest, a financial-technology firm that offers services for values-based investing.

Read Article

September 17, 2021 07:00 AM

From timber to restaurant guides: JPMorgan Chase's eclectic acquisitions

Already in 2021, the nation's largest bank by assets has purchased more than 30 companies, including both fintechs and firms that are more...

Read Article

June 30, 2021 07:00 AM

JPMorgan (JPM) on Expansion Spree, to Acquire OpenInvest

JPMorgan (JPM) has been expanding through strategic buyouts. The deal to acquire OpenInvest will support the company's environmental,...

Read Article

June 29, 2021 07:00 AM

JPMorgan is buying an ESG investing platform in bank’s third fintech acquisition of the past year

JPMorgan Chase has agreed to buy OpenInvest, a San Francisco-based start-up backed by Andreessen Horowitz and founded by former Bridgewater...

Read Article

June 29, 2021 07:00 AM

JPMorgan to buy ESG-focused fintech startup OpenInvest

JPMorgan Chase & Co (JPM.N) said on Tuesday it would buy OpenInvest, a fintech startup backed by Andreessen Horowitz and Y Combinator.

Read Article

June 29, 2021 07:00 AM

JPMorgan buys ESG fintech platform OpenInvest

JPMorgan Chase is buying fintech start-up OpenInvest, an investing platform backed by Andreessen Horowitz and founded by former employees of...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…