Comparison Overview

Wincasa

VS

NEF

Wincasa

Thurgauerstrasse 101a, None, Opfikon, Zurich, CH, 8152
Last Update: 2025-08-20 (UTC)
View Profile
Between 750 and 799
http://www.wincasa.ch

Wincasa ist der führende integrale Immobilien-Dienstleister der Schweiz. Rund 1'000 Spezialisten bieten ihren Kunden ein breites Dienstleistungsportfolio entlang des gesamten Lebenszyklus von Immobilien, von der Planung über den Bau und die Bewirtschaftung bis hin zur Revitalisierung und Repositionierung einer Liegenschaft.

NAICS: None
NAICS Definition: Others
Employees: 906
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

NEF

2150 Washington Suite 100 Newton, MA 02462, US
Last Update: 2025-05-04 (UTC)
Between 750 and 799
https://www.cbre.us

NEF, Inc., is a professional services firm specializing in several key areas of IT infrastructure, including cloud, multi-national connectivity, data center and colocation, and business IT optimization. As a leading IT infrastructure advisement resource, NEF leverages decades of experience and subject-matter expertise to provide objective, data-driven advisement across planning, design, procurement and installation. Whether you're deploying new infrastructure or are seeking to bolster operations with additional services, NEF's advisors can address a variety of challenges and opportunities that emerge throughout an enterprise's life cycle. Show more Show less

NAICS: None
NAICS Definition: Others
Employees: 10,001+
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/wincasa-sa.jpeg
Wincasa
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/nef.jpeg
NEF
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Wincasa
100%
Compliance Rate
0/4 Standards Verified
NEF
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for Wincasa in 2025.

Incidents vs Real Estate Industry Average (This Year)

No incidents recorded for NEF in 2025.

Incident History — Wincasa (X = Date, Y = Severity)

Wincasa cyber incidents detection timeline including parent company and subsidiaries

Incident History — NEF (X = Date, Y = Severity)

NEF cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/wincasa-sa.jpeg
Wincasa
Incidents

No Incident

https://images.rankiteo.com/companyimages/nef.jpeg
NEF
Incidents

No Incident

FAQ

Wincasa company demonstrates a stronger AI Cybersecurity Score compared to NEF company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, NEF company has disclosed a higher number of cyber incidents compared to Wincasa company.

In the current year, NEF company and Wincasa company have not reported any cyber incidents.

Neither NEF company nor Wincasa company has reported experiencing a ransomware attack publicly.

Neither NEF company nor Wincasa company has reported experiencing a data breach publicly.

Neither NEF company nor Wincasa company has reported experiencing targeted cyberattacks publicly.

Neither Wincasa company nor NEF company has reported experiencing or disclosing vulnerabilities publicly.

Neither Wincasa nor NEF holds any compliance certifications.

Neither company holds any compliance certifications.

Neither Wincasa company nor NEF company has publicly disclosed detailed information about the number of their subsidiaries.

Wincasa company employs more people globally than NEF company, reflecting its scale as a Real Estate.

Neither Wincasa nor NEF holds SOC 2 Type 1 certification.

Neither Wincasa nor NEF holds SOC 2 Type 2 certification.

Neither Wincasa nor NEF holds ISO 27001 certification.

Neither Wincasa nor NEF holds PCI DSS certification.

Neither Wincasa nor NEF holds HIPAA certification.

Neither Wincasa nor NEF holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 6.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
References
Description

The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 4.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 4.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.

Published
Date
2025-10-23
Updated
Date
2025-10-23
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
cvss4
Base: 8.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References