Comparison Overview

Versoft Consulting

VS

Citi

Versoft Consulting

20055 SW Pacific Hwy Ste 209, Sherwood, Oregon, 97140, US
Last Update: 2025-03-06 (UTC)
Between 800 and 900
https://versoftconsulting.com/

Strong

Versoft Consulting was formed in 2015 to help clients get the full value from their portfolio management software. Our versatile team will help you implement best practices by updating, streamlining, and optimizing workflows and reports which will increase your efficiency while empowering you to provide a higher level of service to your clients. At Versoft, we pride ourselves on being vendor-agnostic. While other software consultants in the FinTech space may suggest whomever is paying the most, Versoft is committed to developing solutions and integrations based on the unique needs of your business. We are confident that after working with our team you will trust us to keep your tools updated and your business running smoothly.

NAICS: 52
NAICS Definition:
Employees: 9
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Citi

388 Greenwich Street, New York, New York, US, 10013
Last Update: 2025-10-03 (UTC)

Strong

Between 800 and 900
http://www.citigroup.com

Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. We have over 200 years of experience helping our clients meet the world's toughest challenges and embrace its greatest opportunities. We are Citi, the global bank โ€“ an institution connecting millions of people across hundreds of countries and cities. For information on Citiโ€™s commitment to privacy, visit on.citi/privacy.

NAICS: 52
NAICS Definition: Finance and Insurance
Employees: 197,159
Subsidiaries: 2
12-month incidents
0
Known data breaches
1
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/versoft-inc-.jpeg
Versoft Consulting
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/citi.jpeg
Citi
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Versoft Consulting
100%
Compliance Rate
0/4 Standards Verified
Citi
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Versoft Consulting in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Citi in 2025.

Incident History โ€” Versoft Consulting (X = Date, Y = Severity)

Versoft Consulting cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” Citi (X = Date, Y = Severity)

Citi cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/versoft-inc-.jpeg
Versoft Consulting
Incidents

No Incident

https://images.rankiteo.com/companyimages/citi.jpeg
Citi
Incidents

Date Detected: 02/2022
Type:Cyber Attack
Attack Vector: Email
Motivation: Financial Gain
Blog: Blog

Date Detected: 3/2013
Type:Breach
Attack Vector: Accidental Exposure
Blog: Blog

FAQ

Both Versoft Consulting company and Citi company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Citi company has historically faced a number of disclosed cyber incidents, whereas Versoft Consulting company has not reported any.

In the current year, Citi company and Versoft Consulting company have not reported any cyber incidents.

Neither Citi company nor Versoft Consulting company has reported experiencing a ransomware attack publicly.

Citi company has disclosed at least one data breach, while Versoft Consulting company has not reported such incidents publicly.

Citi company has reported targeted cyberattacks, while Versoft Consulting company has not reported such incidents publicly.

Neither Versoft Consulting company nor Citi company has reported experiencing or disclosing vulnerabilities publicly.

Citi company has more subsidiaries worldwide compared to Versoft Consulting company.

Citi company employs more people globally than Versoft Consulting company, reflecting its scale as a Financial Services.

Latest Global CVEs (Not Company-Specific)

Description

PyVista provides 3D plotting and mesh analysis through an interface for the Visualization Toolkit (VTK). Version 0.46.3 of the PyVista Project is vulnerable to remote code execution via dependency confusion. Two pieces of code use`--extra-index-url`. But when `--extra-index-url` is used, pip always checks for the PyPI index first, and then the external index. One package listed in the code is not published in PyPI. If an attacker publishes a package with higher version in PyPI, the malicious code from the attacker controlled package may be pulled, leading to remote code execution and a supply chain attack. As of time of publication, a patched version is unavailable.

Published
Date
2025-10-06
Updated
Date
2025-10-06
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

KUNO CMS is a fully deployable full-stack blog application. In versions prior to 1.3.15, an SSRF (Server-Side Request Forgery) vulnerability exists in the Media module of the Kuno CMS administrative panel. A logged-in administrator can upload a specially crafted SVG file containing an external image reference, causing the server to initiate an outgoing connection to an arbitrary external URL. This can lead to information disclosure or internal network probing. Version 1.3.15 contains a fix for the issue.

Published
Date
2025-10-06
Updated
Date
2025-10-06
Risk Information
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The Profile widget in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, and older unsupported versions uses a userโ€™s name in the โ€œContent-Dispositionโ€ header, which allows remote authenticated users to change the file extension when a vCard file is downloaded.

Published
Date
2025-10-06
Updated
Date
2025-10-06
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The YoSmart YoLink API through 2025-10-02 uses an endpoint URL that is derived from a device's MAC address along with an MD5 hash of non-secret information, such as a key that begins with cf50.

Published
Date
2025-10-06
Updated
Date
2025-10-06
Risk Information
cvss3
Base: 5.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
References
Description

The YoSmart YoLink application through 2025-10-02 has session tokens with unexpectedly long lifetimes.

Published
Date
2025-10-06
Updated
Date
2025-10-06
Risk Information
cvss3
Base: 3.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
References