Comparison Overview

Q: Between Sberbank company and Intesa Sanpaolo company, which one has the best AI Cybersecurity Score ?

Intesa Sanpaolo company demonstrates a stronger AI Cybersecurity Score compared to Sberbank company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced more cyber incidents in the past ?

Historically, Intesa Sanpaolo company has disclosed a higher number of cyber incidents compared to Sberbank company.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced more cyber incidents this year ?

In the current year, Intesa Sanpaolo company and Sberbank company have not reported any cyber incidents.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one ransomware attack ?

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing a ransomware attack publicly.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one data breach ?

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing a data breach publicly.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one targeted cyberattack ?

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing targeted cyberattacks publicly.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one vulnerability ?

Neither Sberbank company nor Intesa Sanpaolo company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Sberbank company and Intesa Sanpaolo company, which one holds the most compliance certifications ?

Neither Sberbank nor Intesa Sanpaolo holds any compliance certifications.

Q: Between Sberbank company and Intesa Sanpaolo company, which one has the most subsidiaries ?

Intesa Sanpaolo company has more subsidiaries worldwide compared to Sberbank company.

Sberbank

RU

Last Update: 2025-12-09

View Profile

Between 800 and 849

https://sber.ru

Сбер — крупнейший банк в России, поставщик надёжных технологических решений и один из ведущих финансовых институтов страны. Мы не боимся меняться и открывать новые горизонты, но в то же время остаёмся верными принципам, сформированным за нашу 180-летнюю историю. Такой подход позволяет нам создавать и развивать десятки технологичных направлений. Нашими сервисами пользуются миллионы людей, а над их созданием и совершенствованием работают десятки тысяч сотрудников. Sber is the largest bank in Russia, supplier of reliable technological solutions and one of the leading national financial institutions. We are not afraid to change and open up new horizons, but at the same time we remain true to the principles that have been formed over our 180-year history. This approach allows us to create and develop dozens of technological areas. Our services are used by millions of people, and thousands of employees are working on their creation and improvement.

NAICS: 52211

NAICS Definition: Commercial Banking

Employees: 10,459

Subsidiaries: 1

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Intesa Sanpaolo

Piazza San Carlo 156, Turin, TO, 10121, IT

Last Update: 2025-12-09

Between 800 and 849

http://www.group.intesasanpaolo.com

Intesa Sanpaolo è il maggior gruppo bancario in Italia con una significativa presenza internazionale. Il suo business model distintivo la rende leader a livello europeo nel Wealth Management, Protection & Advisory e ne caratterizza l’orientamento al digitale. I’impegno in ambito ESG prevede, entro il 2025, €115 miliardi di finanziamenti impact e contributi per 500 milioni a supporto delle persone in difficoltà. Gallerie d’Italia, è la sede espositiva del patrimonio artistico della banca e di progetti artistici di riconosciuto valore. https://group.intesasanpaolo.com/it/ _______________ Intesa Sanpaolo is the largest banking group in Italy with a significant international presence. Its distinctive business model makes it a European leader in wealth management, protection and advisory and ensures its strong focus on digital. Its commitment to ESG foresees, by 2025, €115 billion of impact financing and contributions of €500 million to support people in need. Gallerie d'Italia, is the exhibition venue for the bank's artistic heritage and artistic projects of recognised value. https://group.intesasanpaolo.com/en/ _________________ Sede Legale: Piazza San Carlo 156, 10121 Torino – Sede Secondaria: Via Monte di Pietà 8, 20121 Milano Tel. 011 555.1 – mail: [email protected] pec: [email protected] Registro delle Imprese di Torino e Codice Fiscale 00799960158 – Partita Iva 10810700152 N. Iscr. Albo Banche 5361 N. Iscr. Registro degli Intermediari Assicurativi e Riassicurativi - Sez. D. 000027210, data di iscrizione 01.02.2007 - Intermediario soggetto alla vigilanza dell'IVASS: https://servizi.ivass.it/RuirPubblica Per la presentazione dei reclami e eventuali sistemi di risoluzione delle controversie https://www.intesasanpaolo.com/it/persone-e-famiglie/reclami.html. Per assistenza: https://www.intesasanpaolo.com/it/common/parla-con-noi.html. Netiquette: https://www.intesasanpaolo.com/it/common/landing/anti-phishing/netiquette.html

NAICS: 52211

NAICS Definition: Commercial Banking

Employees: 57,864

Subsidiaries: 5

12-month incidents

0

Known data breaches

0

Attack type number

0

Sberbank

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Intesa Sanpaolo

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Banking Industry Average (This Year)

No incidents recorded for Sberbank in 2025.

Incidents vs Banking Industry Average (This Year)

No incidents recorded for Intesa Sanpaolo in 2025.

Incident History — Sberbank (X = Date, Y = Severity)

Sberbank cyber incidents detection timeline including parent company and subsidiaries

Incident History — Intesa Sanpaolo (X = Date, Y = Severity)

Intesa Sanpaolo cyber incidents detection timeline including parent company and subsidiaries

Sberbank

Incidents

No Incident

Intesa Sanpaolo

Incidents

No Incident

Intesa Sanpaolo company demonstrates a stronger AI Cybersecurity Score compared to Sberbank company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Intesa Sanpaolo company has disclosed a higher number of cyber incidents compared to Sberbank company.

In the current year, Intesa Sanpaolo company and Sberbank company have not reported any cyber incidents.

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing a ransomware attack publicly.

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing a data breach publicly.

Neither Intesa Sanpaolo company nor Sberbank company has reported experiencing targeted cyberattacks publicly.

Neither Sberbank company nor Intesa Sanpaolo company has reported experiencing or disclosing vulnerabilities publicly.

Neither Sberbank nor Intesa Sanpaolo holds any compliance certifications.

Neither company holds any compliance certifications.

Intesa Sanpaolo company has more subsidiaries worldwide compared to Sberbank company.

Intesa Sanpaolo company employs more people globally than Sberbank company, reflecting its scale as a Banking.

Neither Sberbank nor Intesa Sanpaolo holds SOC 2 Type 1 certification.

Neither Sberbank nor Intesa Sanpaolo holds SOC 2 Type 2 certification.

Neither Sberbank nor Intesa Sanpaolo holds ISO 27001 certification.

Neither Sberbank nor Intesa Sanpaolo holds PCI DSS certification.

Neither Sberbank nor Intesa Sanpaolo holds HIPAA certification.

Neither Sberbank nor Intesa Sanpaolo holds GDPR certification.

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 8.1

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

https://docs.nxlog.co/agent/current/release-notes.html#nxlog-agent-6-11

Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 2.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 4.5

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

https://github.com/mjmlio/mjml/issues/3018

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 5.8

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Sberbank

VS

Intesa Sanpaolo

Sberbank

Intesa Sanpaolo

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

Incidents vs Banking Industry Average (This Year)

Incident History — Sberbank (X = Date, Y = Severity)

Incident History — Intesa Sanpaolo (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Sberbank

VS

Intesa Sanpaolo

Sberbank

Intesa Sanpaolo

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Banking Industry Average (This Year)

Incidents vs Banking Industry Average (This Year)

Incident History — Sberbank (X = Date, Y = Severity)

Incident History — Intesa Sanpaolo (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between Sberbank company and Intesa Sanpaolo company, which one has the best AI Cybersecurity Score ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced more cyber incidents in the past ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced more cyber incidents this year ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one ransomware attack ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one data breach ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one targeted cyberattack ?

Between Sberbank company and Intesa Sanpaolo company, which one has experienced at least one vulnerability ?

Between Sberbank company and Intesa Sanpaolo company, which one holds the most compliance certifications ?

Between Sberbank company and Intesa Sanpaolo company, which one holds the fewest compliance certifications ?

Between Sberbank company and Intesa Sanpaolo company, which one has the most subsidiaries ?

Between Sberbank company and Intesa Sanpaolo company, which one has the largest number of employees ?

Between Sberbank and Intesa Sanpaolo, which company holds both SOC 2 Type 1 certifications ?

Between Sberbank and Intesa Sanpaolo, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Sberbank or Intesa Sanpaolo ?

Which company is PCI DSS compliant — Sberbank or Intesa Sanpaolo ?

Between Sberbank and Intesa Sanpaolo, which company complies with HIPAA regulations for healthcare data ?

Between Sberbank and Intesa Sanpaolo, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information