Comparison Overview

The Portico Group

VS

HES Consulting Engineers

The Portico Group

1500 4th Avenue, Suite 510, Seattle, WA, 98101, US
Last Update: 2025-03-07 (UTC)
Between 900 and 1000
http://www.porticogroup.com

Excellent

As an interdisciplinary firm from 1984 to 2016, The Portico Group capitalized on the inspiration found in collaboration. Our work expressed our place-based approach to design, which is linked to the physical, environmental and cultural characteristics of the project location. Each place, and each person who cares about that place, has a story. We are committed to telling those stories, and designing the perfect venue for each story to be experienced. Providing master planning, programming, design and construction observation to mission-driven clients around the world. For over 30 years, our Seattle based firm specialized in spaces for community, interpretation and informal education. Our team of architects, landscape architects, interpretive planners, exhibit designers and design visualization specialists, allowed us to explore and illuminate the relationship between the built and natural environments. Clients: Aquaria & Zoos | Museums & Visitor Centers | Public Gardens | Parks & Recreation Facilities In January of 2017, The Portico Group merged with multidisciplinary, Berkeley-based, MIG, Inc. - we now have the ability for constant collaboration with our cohorts with expertise in planning, design, management, communications and technology.

NAICS: 541
NAICS Definition:
Employees: 13
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

HES Consulting Engineers

2626 Cole Ave Suite 350 Dallas, Texas 75204, US
Last Update: 2025-05-06 (UTC)

Excellent

Between 900 and 1000
http://www.hesengr.com

About Us HES is a consulting engineering firm committed to State of the Art Design. We are dedicated to a Holistic approach encompassing Quality, Innovation, Sustainability, Customer Service, and Dependability. Location Dallas, Texas Our Vision Our vision is to partner with clients and collaborate in a built environment to achieve mutual goals resulting in long term continuous relationships. Our Mission HES exists to service our community and market through our vocation with ingenuity, integrity, intelligence, precision, and fidelity. Our Process HES approaches every project with excellence and brilliance as a fresh new opportunity and innovative endeavor. We also treat every client and employee with understanding, devotion, allegiance, friendship, camaraderie, dedication, and care with all honesty. Sustainability Stewardship of the environment is chief importance. Every project is considered a sustainable project to preserve the earthโ€™s resources: utilities, materials, energy and monetary cost. Design Services: Mechanical Engineering Electrical Engineering Plumbing Engineering Medical Gas Design Technology/Communications/Low Voltage Sustainable Solutions Commissioning Firm Registration #F-15468 www.hesengr.com Dallas Office - 214-884-5070

NAICS: 54131
NAICS Definition: Architectural Services
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/the-portico-group.jpeg
The Portico Group
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/hes.jpeg
HES Consulting Engineers
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
The Portico Group
100%
Compliance Rate
0/4 Standards Verified
HES Consulting Engineers
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Architecture and Planning Industry Average (This Year)

No incidents recorded for The Portico Group in 2025.

Incidents vs Architecture and Planning Industry Average (This Year)

No incidents recorded for HES Consulting Engineers in 2025.

Incident History โ€” The Portico Group (X = Date, Y = Severity)

The Portico Group cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” HES Consulting Engineers (X = Date, Y = Severity)

HES Consulting Engineers cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/the-portico-group.jpeg
The Portico Group
Incidents

No Incident

https://images.rankiteo.com/companyimages/hes.jpeg
HES Consulting Engineers
Incidents

No Incident

FAQ

Both The Portico Group company and HES Consulting Engineers company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, HES Consulting Engineers company has disclosed a higher number of cyber incidents compared to The Portico Group company.

In the current year, HES Consulting Engineers company and The Portico Group company have not reported any cyber incidents.

Neither HES Consulting Engineers company nor The Portico Group company has reported experiencing a ransomware attack publicly.

Neither HES Consulting Engineers company nor The Portico Group company has reported experiencing a data breach publicly.

Neither HES Consulting Engineers company nor The Portico Group company has reported experiencing targeted cyberattacks publicly.

Neither The Portico Group company nor HES Consulting Engineers company has reported experiencing or disclosing vulnerabilities publicly.

Neither The Portico Group company nor HES Consulting Engineers company has publicly disclosed detailed information about the number of their subsidiaries.

The Portico Group company employs more people globally than HES Consulting Engineers company, reflecting its scale as a Architecture and Planning.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References