What is the official website of STR Quality Assurance ?

The official website of STR Quality Assurance is http://www.strquality.com.

What is STR Quality Assurance's cybersecurity risk score?

STR Quality Assurance has an AI-generated cybersecurity risk score of 771 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has STR Quality Assurance experienced?

According to Rankiteo, STR Quality Assurance currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has STR Quality Assurance been affected by any supply chain cyber incidents ?

According to Rankiteo, STR Quality Assurance has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does STR Quality Assurance have SOC 2 Type 1 certification ?

According to Rankiteo, STR Quality Assurance is not certified under SOC 2 Type 1.

Does STR Quality Assurance have SOC 2 Type 2 certification ?

According to Rankiteo, STR Quality Assurance does not hold a SOC 2 Type 2 certification.

Does STR Quality Assurance comply with GDPR ?

According to Rankiteo, STR Quality Assurance is not listed as GDPR compliant.

Does STR Quality Assurance have PCI DSS certification ?

According to Rankiteo, STR Quality Assurance does not currently maintain PCI DSS compliance.

Does STR Quality Assurance comply with HIPAA ?

According to Rankiteo, STR Quality Assurance is not compliant with HIPAA regulations.

Does STR Quality Assurance have ISO 27001 certification ?

According to Rankiteo,STR Quality Assurance is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does STR Quality Assurance operate in ?

STR Quality Assurance operates primarily in the Consumer Services industry.

How many employees does STR Quality Assurance have ?

STR Quality Assurance employs approximately 33 people worldwide.

Does STR Quality Assurance own any subsidiaries ?

STR Quality Assurance presently has no subsidiaries across any sectors.

How many LinkedIn followers does STR Quality Assurance have ?

STR Quality Assurance's official LinkedIn profile has approximately 10,247 followers.

What is the NAICS classification code for STR Quality Assurance ?

STR Quality Assurance is classified under the NAICS code 81, which corresponds to Other Services (except Public Administration).

Does STR Quality Assurance have a Crunchbase profile ?

No, STR Quality Assurance does not have a profile on Crunchbase.

Does STR Quality Assurance have a LinkedIn profile ?

Yes, STR Quality Assurance maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ul-str.

How many cybersecurity incidents has STR Quality Assurance experienced ?

As of June 16, 2026, Rankiteo reports that STR Quality Assurance has experienced 3 cybersecurity incidents.

How many peer or competitor companies does STR Quality Assurance have ?

STR Quality Assurance has an estimated 6,352 peer or competitor companies worldwide.

What types of cybersecurity incidents has STR Quality Assurance faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

SQA

Boost Score +25 with badge (5 left)

771

/1000

Fair

796

/1000

Fair

STR Quality Assurance Vendor Cyber Rating & Cyber Score

strquality.com

Add Your Compliance Badge

STR’s Quality Assurance business was sold to UL in 2011. STR Quality Assurance provided testing, inspection, audit, and responsible sourcing services, ensuring that its clients had the highest level of confidence in the quality, safety and social standards of their products and systems.

SQA A.I CyberSecurity Scoring

Scoring History

SQA

STR Quality Assurance CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

UL Solutions

Ransomware

02/2021

UL19452322

STR Quality Assuran...

Ransomware

02/2021

ULS224071222

STR Quality Assuran...

Breach

10/2020

ULS007091825

Loading…

A.I.

SQA Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for SQA

Incidents vs Consumer Services Industry Avg (This Year)

No incidents recorded for STR Quality Assurance in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for STR Quality Assurance in 2026.

Incident Types SQA vs Consumer Services Industry Avg (This Year)

No incidents recorded for STR Quality Assurance in 2026.

Incident History - SQA (X = Date, Y = Severity)

Loading…

SUBSIDIARY

STR Quality Assurance Subsidiaries

SQA

Consumer Services

Website: http://www.strquality.com

Company Size: 33

UL SolutionsProfessional Services

Emergo by ULProfessional Services

UL Solutions RenewablesProfessional Services

UL Solutions | HOMER SoftwareProfessional Services

HOMER Microgrid NewsOil and Gas

UL Solutions in IndiaSoftware Development

UL Solutions - Software Intensive SystemsProfessional Services

StagesProfessional Services

KUGLER MAAG CIE by UL SolutionsProfessional Services

UL Solutions ProspectorProfessional Services

CERE Renewables, By UL SolutionsServicios y consultoría de TI

Method Park by UL SolutionsProfessional Services

StagesIT Services and IT Consulting

CERE, By UL SolutionsProfessional Services

UL Solutions BenchmarksProfessional Services

kVA by ULProfessional Services

Loading…

STR Quality Assurance Similar Companies

Fosun 复星

fosun.com

Fosun was founded in 1992. After more than 30 years of development, Fosun has become a global innovation-driven consumer group. Adhering to the mission of creating happier lives for families worldwide, Fosun is committed to creating a global happiness ecosystem fulfilling the needs for families in health, happiness, and wealth. In 2007, Fosun International Limited was listed on the main board of the Hong Kong Stock Exchange (HKEX stock code: 00656). As of 31 December 2024, Fosun International's total assets amounted to RMB796.5 billion and it received an AA MSCI ESG rating.

Rover.com

rover.com

At Rover, everyone has ownership of their work and the opportunity to make a true impact. We believe that being diverse and inclusive is key to our success and encourage every employee to share their unique perspective while being their true self. We believe everyone deserves the unconditional love of a pet, and Rover exists to make it easier to experience that love. We’re supporting dog owners and empowering dog sitters to run thriving pet-care businesses in your neighborhoods. The Rover app and website connect dog and cat parents with loving pet sitters and dog walkers in neighborhoods across the US, Canada, and Europe.

Glovo

glovoapp.com

Glovo is a pioneering multi-category app connecting users with businesses, and couriers, offering on-demand services from local restaurants, grocers and supermarkets, and high street retail stores. Glovo’s vision is to give everyone easy access to everything within their city, so that our users can enjoy what they want, when they want, where they want. Founded in 2015 in Barcelona, it operates across 22 countries in Europe, Central Asia and Africa.

Australia Post

auspost.com.au

Connecting businesses with consumers is the heart of commercial prosperity and the cornerstone of Australia Post's commitment to Australian businesses. As connectivity transforms our lives, Australia Post is evolving to meet the future needs of businesses by providing trusted service solutions in etailing, retailing, communications, financial services and postal. Continuous improvement of these services is our relentless objective. On LinkedIn, Australia Post only collects, uses and stores your personal information that relates to providing information in response to your queries. Without this information, Australia Post will be unable to look into your query. Your personal information may also be disclosed to third party service providers to facilitate this process. Your personal information is managed in accordance with Australia Post’s Privacy Policy. This sets out how you may seek access to and correction of your personal information and how to make complaints. A copy is available at auspost.com.au/privacy. Australia Post may only disclose the information provided by you if required or authorised by law, or in accordance with our Privacy Policy. Please refer to the Privacy Policy or contact the Privacy Contact Officer, Australia Post, GPO Box 1777, Melbourne, Vic 3000 for any privacy related queries.

Great Clips Inc.

greatclips.com

Established in Minneapolis in 1982, Great Clips has grown to be the world's largest and fastest growing salon brand. There are more than 4,400 salons throughout the United States and Canada -- all of them owned by franchisees. Visit us at www.greatclips.com Employment Information for Corporate Employees: - Competitive medical, dental, flexible spending and disability benefits - Flexible work options like compressed work weeks, and telecommuting - Award-winning wellness programs and tuition assistance - View corporate opportunities at: https://jobs.greatclips.com/corporate Stylists/Salon Managers can find employment information at: https://jobs.greatclips.com For more information on Great Clips franchises, visit www.GreatClipsFranchise.com

Care.com

care.com

Care.com is where families go to find care and where caregivers go to find meaningful work. Since 2007, over 45 million people have turned to Care.com—across child care, senior care, adult care, pet care and housekeeping. We’re here to make care simpler, smarter and more personal. Through Care for Business, Care.com empowers over 700 companies to provide family care benefits to their employees. With HomePay, we make it easier for families to manage household taxes and payroll. As moms, dads, pet parents, sons and daughters ourselves, we’re a passionate team of innovators and problem-solvers. We utilize data, AI and cutting-edge solutions to address universal care challenges and build connections. If you’re driven to apply your talents where innovative tech meets heart and want to contribute to a platform that has supported millions of families (and counting!), explore a career with us. Care.com is proud to be part of the IAC family.

RP Sanjiv Goenka Group

rpsg.in

The RPSG Group is one of India's fastest growing conglomerates with a significant global presence. The Group's businesses include power and energy, carbon black manufacturing, retail, IT-enabled services, FMCG, media and entertainment, and agriculture. In the last few years, the group has grown exponentially in revenue, market cap and profitability. We have made all our businesses, leaders in their respective sectors.

Verisure

verisure.com

Verisure is the leading provider of peace of mind and protection to residential and small business customers across Europe and Latin America. We deliver professionally-monitored security services to over 6 million customers in 18 countries across Europe and Latin America, with a team of more than 30,000 colleagues. Verisure’s brand family includes: Securitas Direct in Spain and Portugal (*), AlertAlarm, Falck Alarms, Mediaveil, TeleAtlantic and NorAlarm to name a few! Our alarms are the most widely installed home security systems in Europe. A strong focus on quality and service means our customers are among the most satisfied in the industry! GROWTH Verisure enjoyed consistent growth over the past 35 years as a result of its highly entrepreneurial and innovative approach to business. We also continue to expand internationally. - Strong and visionary Management Team and a robust business plan for value creation. - We are a big company with a start-up mindset, fast, agile and lean, merit based, high-performance and value-driven INNOVATION - We continuously invest more in new innovation to provide effective, intelligent and reliable security solutions. - Offer a breakthrough product & service proposition: identify, research, develop, test & refine advanced security solutions. - Develop exclusive hardware and software features. - Research & Development centers in Madrid, Geneva and Malmö. - +1700 Technologists… and growing! PEOPLE Our successful growth is dependent on our talent pipeline. Our People are our business! We are: - Passionate in everything we do - Committed to making a difference - Always Innovating - Winning as a Team - With Trust & Responsibility

HelloFresh

cb hellofresh.com

HelloFresh is on a mission to change the way people eat, forever! From our 2011 founding in Europe’s vibrant tech hub Berlin, we’re evolving from the world’s leading meal kit company to the world's leading food solutions group. We delivered 243.3 million meals and reached 7.5 million active customers around the world in Q3 2022. HelloFresh Group consists of six brands that provide customers with high quality food and recipes for different meal occasions. Every ingredient needed for our meals are carefully planned, responsibly sourced and delivered to your door when it’s most convenient for you. Only HelloFresh gives you the tools to achieve something delicious every day. Making a meal a delicious achievement - not just fuel for your day - takes a lot of work and smart people. From Designers and Copywriters to Data Scientists and DevOps Engineers, to potato farmers, pasta makers and the people who ensure every box is perfectly packed for every customer, we’re collectively disrupting the food supply chain and the multi-trillion-dollar food tech industry. Our more than 21,000 high-performing and ambitious employees across the globe from New York to Berlin, London to Sydney and Toronto to Milan enjoy a number of benefits including flexible working arrangements, discounts on our boxes, health and well-being and learning and development programs. We’re always looking for quality ingredients to perfect our recipe, so join us now! https://www.hellofresh.com/careers/locations

Loading…

NEWS

STR Quality Assurance CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…