Comparison Overview

Summit Financial Group, Inc.

VS

SunTrust

Summit Financial Group, Inc.

5420 LBJ Freeway, Suite 1940, None, Dallas, Texas, US, 75240
Last Update: 2025-08-05 (UTC)
View Profile
Between 700 and 749
http://www.yoursummit.com/

At Summit, we design and strategically implement professional benefits, insurance, and investment solutions that help secure a healthy financial future for our clients. Founded on the vision of creating a full-service benefits firm, Summit utilizes many years of industry knowledge coupled with bright, hard-working, and extremely credentialed employees to take satisfaction to a new “Summit”. Investment Advisor Representative offering securities and advisory services through Cetera Advisor Networks LLC, member FINRA/SIPC. Cetera is under separate ownership from any other named entity.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 135
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

SunTrust

Last Update: 2024-07-01 (UTC)
Between 750 and 799
http://www.truist.com

We’d love to stay connected with you! Please follow our Truist company page and unfollow this page which is no longer active. BB&T and SunTrust formed Truist with a shared purpose—to inspire and build better lives and communities. With our combined resources, collective passion, and commitment to innovation, we’re creating a better financial experience to help people and businesses achieve more. With 275 years of combined BB&T and SunTrust history, Truist serves approximately 12 million households with leading market share in many high growth markets in the country. The company offers a wide range of services including retail, small business and commercial banking; asset management; capital markets; commercial real estate; corporate and institutional banking; insurance; mortgage; payments; specialized lending; and wealth management. Headquartered in Charlotte, North Carolina, Truist is the sixth-largest commercial bank in the U.S. Truist Bank, Member FDIC. Learn more at Truist.com and see social media terms and conditions at Truist.com/SocialTerms.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 11,872
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/summit-financial-group.jpeg
Summit Financial Group, Inc.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/suntrustnowtruist.jpeg
SunTrust
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Summit Financial Group, Inc.
100%
Compliance Rate
0/4 Standards Verified
SunTrust
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Summit Financial Group, Inc. in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for SunTrust in 2025.

Incident History — Summit Financial Group, Inc. (X = Date, Y = Severity)

Summit Financial Group, Inc. cyber incidents detection timeline including parent company and subsidiaries

Incident History — SunTrust (X = Date, Y = Severity)

SunTrust cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/summit-financial-group.jpeg
Summit Financial Group, Inc.
Incidents

Date Detected: 1/2015
Type:Breach
Attack Vector: Human Error
Blog: Blog
https://images.rankiteo.com/companyimages/suntrustnowtruist.jpeg
SunTrust
Incidents

Date Detected: 4/2018
Type:Data Leak
Attack Vector: Insider Threat
Motivation: Unspecified
Blog: Blog

FAQ

SunTrust company demonstrates a stronger AI Cybersecurity Score compared to Summit Financial Group, Inc. company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Summit Financial Group, Inc. and SunTrust have experienced a similar number of publicly disclosed cyber incidents.

In the current year, SunTrust company and Summit Financial Group, Inc. company have not reported any cyber incidents.

Neither SunTrust company nor Summit Financial Group, Inc. company has reported experiencing a ransomware attack publicly.

Summit Financial Group, Inc. company has disclosed at least one data breach, while the other SunTrust company has not reported such incidents publicly.

Neither SunTrust company nor Summit Financial Group, Inc. company has reported experiencing targeted cyberattacks publicly.

Neither Summit Financial Group, Inc. company nor SunTrust company has reported experiencing or disclosing vulnerabilities publicly.

Neither Summit Financial Group, Inc. nor SunTrust holds any compliance certifications.

Neither company holds any compliance certifications.

SunTrust company has more subsidiaries worldwide compared to Summit Financial Group, Inc. company.

SunTrust company employs more people globally than Summit Financial Group, Inc. company, reflecting its scale as a Financial Services.

Neither Summit Financial Group, Inc. nor SunTrust holds SOC 2 Type 1 certification.

Neither Summit Financial Group, Inc. nor SunTrust holds SOC 2 Type 2 certification.

Neither Summit Financial Group, Inc. nor SunTrust holds ISO 27001 certification.

Neither Summit Financial Group, Inc. nor SunTrust holds PCI DSS certification.

Neither Summit Financial Group, Inc. nor SunTrust holds HIPAA certification.

Neither Summit Financial Group, Inc. nor SunTrust holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected files can lead to RCE. Must be chained with a prompt injection or malicious model attach. Only affects systems supporting NTFS. This issue is fixed in version 2.0.

Published
Date
2025-11-04
Updated
Date
2025-11-04
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipulation via forward slashes (./.cursor/./././././mcp.json etc.), and requires human approval to complete the operation. However, the same kind of manipulation using backslashes was not correctly detected, allowing an attacker who had already achieved prompt injection or some other level of control to overwrite sensitive editor files without approval on Windows machines. This issue is fixed in version 2.0.

Published
Date
2025-11-04
Updated
Date
2025-11-04
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the server. If an attacker is able to convince a victim to navigate to a malicious deeplink, the victim will not see the correct speedbump modal, and if they choose to accept, will execute commands specified by the attackers deeplink.

Published
Date
2025-11-04
Updated
Date
2025-11-04
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References
Description

LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, the social media sharing functionality contains a Stored Cross-Site Scripting (XSS) vulnerability that allows any authenticated user to inject arbitrary JavaScript by creating a link with malicious HTML in the title field. When a user views the link details page and the shareable links are rendered, the malicious JavaScript executes in their browser. This vulnerability affects multiple sharing services and can be exploited to steal session cookies, perform actions on behalf of users, or deliver malware. This issue is fixed in version 2.4.0.

Published
Date
2025-11-04
Updated
Date
2025-11-04
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in version 14.12. If a local networking policy is active, attackers on an adjacent network may be able to send a crafted packet and cause the client system to crash.

Published
Date
2025-11-04
Updated
Date
2025-11-04
Risk Information
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References