Comparison Overview

Q: Between Wincasa company and Compass company, which one has the best AI Cybersecurity Score ?

Wincasa company demonstrates a stronger AI Cybersecurity Score compared to Compass company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Wincasa company and Compass company, which one has experienced more cyber incidents in the past ?

Compass company has historically faced a number of disclosed cyber incidents, whereas Wincasa company has not reported any.

Q: Between Wincasa company and Compass company, which one has experienced more cyber incidents this year ?

In the current year, Compass company and Wincasa company have not reported any cyber incidents.

Q: Between Wincasa company and Compass company, which one has experienced at least one ransomware attack ?

Neither Compass company nor Wincasa company has reported experiencing a ransomware attack publicly.

Q: Between Wincasa company and Compass company, which one has experienced at least one data breach ?

Compass company has disclosed at least one data breach, while Wincasa company has not reported such incidents publicly.

Q: Between Wincasa company and Compass company, which one has experienced at least one targeted cyberattack ?

Neither Compass company nor Wincasa company has reported experiencing targeted cyberattacks publicly.

Q: Between Wincasa company and Compass company, which one has experienced at least one vulnerability ?

Neither Wincasa company nor Compass company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Wincasa company and Compass company, which one holds the most compliance certifications ?

Neither Wincasa nor Compass holds any compliance certifications.

Q: Between Wincasa company and Compass company, which one has the most subsidiaries ?

Neither Wincasa company nor Compass company has publicly disclosed detailed information about the number of their subsidiaries.

Wincasa

Thurgauerstrasse 101a, None, Opfikon, Zurich, CH, 8152

Last Update: 2025-08-20 (UTC)

View Profile

Between 750 and 799

http://www.wincasa.ch

Wincasa ist der führende integrale Immobilien-Dienstleister der Schweiz. Rund 1'000 Spezialisten bieten ihren Kunden ein breites Dienstleistungsportfolio entlang des gesamten Lebenszyklus von Immobilien, von der Planung über den Bau und die Bewirtschaftung bis hin zur Revitalisierung und Repositionierung einer Liegenschaft.

NAICS: None

NAICS Definition: Others

Employees: 906

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Compass

90 Fifth Avenue, None, New York, NY, US, 10011

Last Update: 2025-08-05 (UTC)

Between 750 and 799

http://www.compass.com/careers

Compass is a real estate technology company with a powerful end-to-end platform that supports the entire buying and selling workflow. We deliver an incomparable experience to both agents and their clients all in service of the Compass mission: to help everyone find their place in the world. Founded in 2012 by Ori Allon and Robert Reffkin, Compass operates in 22+ regions across the United States including New York, Los Angeles and Orange County, Chicago, San Francisco, Boston, Washington D.C., South Florida, The Hamptons, Santa Barbara & Montecito, San Diego, Seattle & Eastside, Philadelphia, Connecticut, Westchester, Aspen, Boulder, Denver, Atlanta, Austin & Central Texas, Dallas-Fort Worth, Houston, Nashville, and Lake Tahoe. Learn more and find your place at www.compass.com and www.compass.com/careers.

NAICS: None

NAICS Definition: Others

Employees: 31,402

Subsidiaries: 0

12-month incidents

0

Known data breaches

1

Attack type number

1

Wincasa

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Compass

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for Wincasa in 2025.

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for Compass in 2025.

Incident History — Wincasa (X = Date, Y = Severity)

Wincasa cyber incidents detection timeline including parent company and subsidiaries

Incident History — Compass (X = Date, Y = Severity)

Compass cyber incidents detection timeline including parent company and subsidiaries

Wincasa

Incidents

No Incident

Compass

Incidents

Date Detected: 5/2019

Type:Breach

Attack Vector: Phishing

Blog: Blog

Wincasa company demonstrates a stronger AI Cybersecurity Score compared to Compass company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Compass company has historically faced a number of disclosed cyber incidents, whereas Wincasa company has not reported any.

In the current year, Compass company and Wincasa company have not reported any cyber incidents.

Neither Compass company nor Wincasa company has reported experiencing a ransomware attack publicly.

Compass company has disclosed at least one data breach, while Wincasa company has not reported such incidents publicly.

Neither Compass company nor Wincasa company has reported experiencing targeted cyberattacks publicly.

Neither Wincasa company nor Compass company has reported experiencing or disclosing vulnerabilities publicly.

Neither Wincasa nor Compass holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Wincasa company nor Compass company has publicly disclosed detailed information about the number of their subsidiaries.

Compass company employs more people globally than Wincasa company, reflecting its scale as a Real Estate.

Neither Wincasa nor Compass holds SOC 2 Type 1 certification.

Neither Wincasa nor Compass holds SOC 2 Type 2 certification.

Neither Wincasa nor Compass holds ISO 27001 certification.

Neither Wincasa nor Compass holds PCI DSS certification.

Neither Wincasa nor Compass holds HIPAA certification.

Neither Wincasa nor Compass holds GDPR certification.

Description

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published

Date

2025-10-23

Updated

Date

2025-10-23

Risk Information

cvss3

Base: 6.4

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

References

Description

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.

Published

Date

2025-10-23

Updated

Date

2025-10-23

Risk Information

cvss4

Base: 6.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/CVE-2025-62254

Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.

Published

Date

2025-10-23

Updated

Date

2025-10-23

Risk Information

cvss3

Base: 4.0

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

cvss4

Base: 6.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.

Published

Date

2025-10-23

Updated

Date

2025-10-23

Risk Information

cvss3

Base: 4.0

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

cvss4

Base: 6.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.

Published

Date

2025-10-23

Updated

Date

2025-10-23

Risk Information

cvss3

Base: 7.5

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H

cvss4

Base: 8.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Wincasa

VS

Compass

Wincasa

Compass

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Real Estate Industry Average (This Year)

Incidents vs Real Estate Industry Average (This Year)

Incident History — Wincasa (X = Date, Y = Severity)

Incident History — Compass (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-7730

Risk Information

CVE-2025-62254

Risk Information

CVE-2025-60023

Risk Information

CVE-2025-59776

Risk Information

CVE-2025-58429

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Wincasa

VS

Compass

Wincasa

Compass

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Real Estate Industry Average (This Year)

Incidents vs Real Estate Industry Average (This Year)

Incident History — Wincasa (X = Date, Y = Severity)

Incident History — Compass (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Breach COM315080425

FAQ

Between Wincasa company and Compass company, which one has the best AI Cybersecurity Score ?

Between Wincasa company and Compass company, which one has experienced more cyber incidents in the past ?

Between Wincasa company and Compass company, which one has experienced more cyber incidents this year ?

Between Wincasa company and Compass company, which one has experienced at least one ransomware attack ?

Between Wincasa company and Compass company, which one has experienced at least one data breach ?

Between Wincasa company and Compass company, which one has experienced at least one targeted cyberattack ?

Between Wincasa company and Compass company, which one has experienced at least one vulnerability ?

Between Wincasa company and Compass company, which one holds the most compliance certifications ?

Between Wincasa company and Compass company, which one holds the fewest compliance certifications ?

Between Wincasa company and Compass company, which one has the most subsidiaries ?

Between Wincasa company and Compass company, which one has the largest number of employees ?

Between Wincasa and Compass, which company holds both SOC 2 Type 1 certifications ?

Between Wincasa and Compass, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Wincasa or Compass ?

Which company is PCI DSS compliant — Wincasa or Compass ?

Between Wincasa and Compass, which company complies with HIPAA regulations for healthcare data ?

Between Wincasa and Compass, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-7730

Risk Information

CVE-2025-62254

Risk Information

CVE-2025-60023

Risk Information

CVE-2025-59776

Risk Information

CVE-2025-58429

Risk Information