Comparison Overview

Parkland Corporation

VS

Eram Holdings

Parkland Corporation

240 4 Ave SW, Calgary, Alberta, T2P 4H4, CA
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.parkland.ca

Strong

As an employer, we offer tremendous career opportunities to people who love to solve problems and build scalable, efficient solutions that drive our continued growth. Careers at Parkland span diverse geographies, areas of specialization and expertise. If you thrive in high-growth environments and are searching for an opportunity to put your skills, talents, and passion to work โ€“ we encourage you to regularly visit our careers page at Power Your Journey at Parkland - Parkland. Parkland is a high-growth global business with operations in 25 countries. From humble beginnings in the 1960โ€™s, we have grown to become a leading convenience store business and supplier, marketer and retailer of fuel and related products. Our almost 6,000 employees are focused on advancing our purpose, which is to Power Journeys and Energize Communities. Our business includes 3,200 retail service stations which stretch coast to coast in Canada, across many states in the U.S., and 23 countries in the Caribbean region. While you may not recognize the Parkland name, you are likely among the over one million customers per day who transact with our consumer and commercial brands. In Canada, 85 percent of the population live within 15-minutes of a Parkland location. We are playing a leadership role in the energy transition by providing our customers with the mobility and essential products they depend on, but with lower carbon intensity. Our Refinery was the first in North America to use existing infrastructure to manufacture renewable fuels, while our soon to be launched Ultra-fast Electric Vehicle charging network is positioned to meet emerging demand in British Columbia.

NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 2,465
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
1

Eram Holdings

6th Floor, Khobar Business Gate - Tower A P.O Box 4955 Al Khobar, SA
Last Update: 2025-03-15 (UTC)

Strong

Between 800 and 900
http://www.eramgroup.com

Eram Holdings, since its humble beginning in the 1990s, has experienced significant growth. Today, we have expanded into a business conglomerate operating in 9 business verticals with headquarters in Saudi Arabia, regional offices in India, UAE and with over 150 offices spread across 13 countries in Asia and Europe. Our journey continues to evolve as we seek new opportunities and embrace innovative strategies to further enhance our global presence. We are recognized in the industry for exemplary customer service and our subsidiaries have won several industry leading awards, reflecting our commitment to excellence. We have a strong team led by a functional board and experienced strategic business unit heads who have decades of experience backed by over 8000 employees from 25 different nationalities. Our regional presence has positioned us as a key industry partner for our clients. Job creation, creating value in the society we thrive, is the core theme of our operations. We believe in responsible business practices, inspiring the future, and placing a keen focus on localization in the countries we operate in. Our localization scores continue to increase every year which shows our commitment for development of localized value chain and ecosystem by investments and strategic acquisitions. We are dedicated to sustainability and shaping a future where everyone benefits, communities flourish, and the environment is protected. In the days ahead, all of Eram's entities are committed to ensuring compliance with ESG standards, enhancing environmental performance, minimizing our ecological footprint, and upholding strong governance to demonstrate our commitment to sustainable business practices across all operations. We are recognized for various humanitarian activities including initiatives and eร”ยจร„orts to provide quality education to the less privileged.

NAICS: 211
NAICS Definition:
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/parkland-fuel-corporation.jpeg
Parkland Corporation
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/eram-group.jpeg
Eram Holdings
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Parkland Corporation
100%
Compliance Rate
0/4 Standards Verified
Eram Holdings
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for Parkland Corporation in 2025.

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for Eram Holdings in 2025.

Incident History โ€” Parkland Corporation (X = Date, Y = Severity)

Parkland Corporation cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Eram Holdings (X = Date, Y = Severity)

Eram Holdings cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/parkland-fuel-corporation.jpeg
Parkland Corporation
Incidents

Date Detected: 11/2020
Type:Ransomware
Motivation: Financial Gain
Blog: Blog
https://images.rankiteo.com/companyimages/eram-group.jpeg
Eram Holdings
Incidents

No Incident

FAQ

Both Parkland Corporation company and Eram Holdings company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Parkland Corporation company has historically faced a number of disclosed cyber incidents, whereas Eram Holdings company has not reported any.

In the current year, Eram Holdings company and Parkland Corporation company have not reported any cyber incidents.

Parkland Corporation company has confirmed experiencing a ransomware attack, while Eram Holdings company has not reported such incidents publicly.

Neither Eram Holdings company nor Parkland Corporation company has reported experiencing a data breach publicly.

Neither Eram Holdings company nor Parkland Corporation company has reported experiencing targeted cyberattacks publicly.

Neither Parkland Corporation company nor Eram Holdings company has reported experiencing or disclosing vulnerabilities publicly.

Parkland Corporation company has more subsidiaries worldwide compared to Eram Holdings company.

Parkland Corporation company employs more people globally than Eram Holdings company, reflecting its scale as a Oil and Gas.

Latest Global CVEs (Not Company-Specific)

Description

Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the tokenโ€™s signature, expiration, issuer, or audience. If an attacker learns the victimโ€™s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victimโ€™s password. This issue has been patched in version 4.0.1.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
References
Description

Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery (CSRF) vulnerability was identified. The vulnerability arises from missing origin validation in the client-side code that handles window.postMessage events. A malicious website can send forged messages to the embedding page, causing the victimโ€™s browser to execute arbitrary GraphQL queries or mutations against their GraphQL server while authenticated with the victimโ€™s cookies. This issue has been patched in Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
References
Description

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument aluno_id causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. It is advisable to upgrade the affected component. The vendor responds: "We have confirmed that the issue mentioned in the report does not exist in the latest releases".

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References