What is the official website of Winsupply ?

The official website of Winsupply is http://www.winsupplyinc.com.

What is Winsupply's cybersecurity risk score?

Winsupply has an AI-generated cybersecurity risk score of 730 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Winsupply experienced?

According to Rankiteo, Winsupply currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Winsupply been affected by any supply chain cyber incidents ?

According to Rankiteo, Winsupply has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Winsupply have SOC 2 Type 1 certification ?

According to Rankiteo, Winsupply is not certified under SOC 2 Type 1.

Does Winsupply have SOC 2 Type 2 certification ?

According to Rankiteo, Winsupply does not hold a SOC 2 Type 2 certification.

Does Winsupply comply with GDPR ?

According to Rankiteo, Winsupply is not listed as GDPR compliant.

Does Winsupply have PCI DSS certification ?

According to Rankiteo, Winsupply does not currently maintain PCI DSS compliance.

Does Winsupply comply with HIPAA ?

According to Rankiteo, Winsupply is not compliant with HIPAA regulations.

Does Winsupply have ISO 27001 certification ?

According to Rankiteo,Winsupply is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Winsupply operate in ?

Winsupply operates primarily in the Wholesale industry.

How many employees does Winsupply have ?

Winsupply employs approximately 1,911 people worldwide.

Does Winsupply own any subsidiaries ?

Winsupply presently has no subsidiaries across any sectors.

How many LinkedIn followers does Winsupply have ?

Winsupply's official LinkedIn profile has approximately 45,138 followers.

What is the NAICS classification code for Winsupply ?

Winsupply is classified under the NAICS code 42, which corresponds to Wholesale Trade.

Does Winsupply have a Crunchbase profile ?

No, Winsupply does not have a profile on Crunchbase.

Does Winsupply have a LinkedIn profile ?

Yes, Winsupply maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/winsupply.

How many cybersecurity incidents has Winsupply experienced ?

As of June 21, 2026, Rankiteo reports that Winsupply has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Winsupply have ?

Winsupply has an estimated 6,655 peer or competitor companies worldwide.

What types of cybersecurity incidents has Winsupply faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Winsupply

Boost Score +25 with badge (5 left)

730

/1000

Moderate

755

/1000

Fair

Winsupply Vendor Cyber Rating & Cyber Score

winsupplyinc.com

Add Your Compliance Badge

Winsupply is in the business of creating and enabling entrepreneurs to achieve their dreams through wholesale distribution. We call this “The Spirit of Opportunity,” and it motivates each and every business decision that is made. As one of America’s leading suppliers of materials for residential and commercial construction, Winsupply Inc. owns a majority equity stake in more than 660 local companies across the United States. Collectively, Winsupply is known as "The Winsupply Family of Companies" and includes Win-branded locations, Noland Company, Carr Supply, APCO, and other acquired regional suppliers. Contractors across America rely on Winsupply to provide business solutions and materials in plumbing and heating; hydronics; pipes,

Winsupply A.I CyberSecurity Scoring

Scoring History

Winsupply

Winsupply CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Winsupply

Ransomware

100

7/2021

WIN353233511112...

Loading…

A.I.

Winsupply Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Winsupply

Incidents vs Wholesale Industry Avg (This Year)

No incidents recorded for Winsupply in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Winsupply in 2026.

Incident Types Winsupply vs Wholesale Industry Avg (This Year)

No incidents recorded for Winsupply in 2026.

Incident History - Winsupply (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Winsupply Subsidiaries

Parent Company

Winsupply

Wholesale

Website: http://www.winsupplyinc.com

Company Size: 1,001-5,000 employees

No subsidiary data available for this company.

Loading…

Winsupply Similar Companies

Rexel

rexel.com

Rexel, worldwide expert in the multichannel professional distribution of products and services for the energy world, addresses three main markets: residential, commercial, and industrial. The Group supports its residential, commercial, and industrial customers by providing a tailored and scalable range of products and services in energy management for construction, renovation, production, and maintenance. Rexel operates through a network of more than 1,950 branches in 17 countries, with more than 27,000 employees. The Group’s sales were €19.3 billion in 2024.

Atacadão

atacadao.com.br

O Atacadão é uma empresa do Grupo Carrefour Brasil, com mais de 370 unidades de autosserviço e 36 atacados de entrega e centros de distribuição, que garantem o abastecimento de comerciantes, transformadores e consumidores finais, e está em contínua expansão. Com base nos pilares estratégicos de combate à fome e às desigualdades, diversidade e inclusão e proteção ao planeta & biodiversidade, o Atacadão tem o compromisso de oferecer produtos de qualidade a preços justos aos seus clientes. Com 62 anos de história, mais de 70 mil colaboradores e presença em mais de 220 municípios, também atua no e-commerce com o seu próprio canal de vendas online. Em 2023, a rede conquistou importantes prêmios para o setor, como o 1º lugar na categoria atacadista no Top of Mind, da Folha de S. Paulo, o primeiro lugar no ranking de varejo, supermercados e e-commerce do Prêmio BandNews e a 10ª colocação do ranking geral das 1000 Maiores Empresas do País, do Valor Econômico. O Atacadão também lidera o Ranking ABAAS (Associação Brasileira dos Atacadistas de Autosserviço) e da ABAD (Associação Brasileira de Atacadistas e Distribuidores de Produtos Industrializados). Racismo é crime. Denuncie. Disque 100 ou procure a Delegacia de Polícia Civil mais próxima ou o Ministério Público.

Sonepar

sonepar.com

Sonepar is an independent family-owned company standing as the world leader in B-to-B distribution of electrical equipment, solutions, and services. In 2024, Sonepar achieved sales of €32.5 billion. Present in 40 countries with a dense network of brands, the Group is leading an ambitious transformation to make its customers’ lives easier, providing them with an omnichannel experience and sustainable solutions in the building, industry, and energy markets. Sonepar’s 46,000 associates are committed to accelerating the world’s electrification and driven by a shared Purpose: Powering Progress for Future Generations.

Assaí Atacadista

cb assai.com.br

Crescimento, oportunidade, valorização e respeito. Isso é Ser Assaí! Muito prazer, somos o Assaí Atacadista, empresa de atacado de autosserviço que está entre as maiores empregadoras privadas do país, que também carrega uma das Marcas Mais Valiosas do Brasil, segundo o ranking da Interbrand! Hoje, temos mais de 290 lojas, com mais de 80 mil colaboradores(as) que atuam com muita paixão por atender nossos(as) clientes, desde pequenos(as) e médios(as) comerciantes(as) e transformadores(as), até consumidores(as) finais que buscam por variedade e economia, cumprindo a nossa missão de abastecer os lares de milhares de brasileiros(as) com alimentos e itens básicos. Somos uma empresa que cuida da Nossa Gente, zela pela simplicidade, valoriza o Ser Humano e acredita no poder da diversidade e inclusão, atitudes que fazem parte dos valores da Nossa Cultura e, mais do que isso, são vivenciadas e praticadas no dia a dia de toda a Nossa Gente! E com o nosso processo de expansão acelerado, estamos crescendo e trazendo cada vez mais pessoas para fazerem parte do nosso time. Afinal, o crescimento do Nosso Negócio significa o crescimento da Nossa Gente! Por isso, buscamos profissionais que tenham muita vontade de se desenvolver em um ambiente inclusivo, que respeita todos e todas, jeitos, raças, cores e crenças, além de muito dinâmico, repleto de desafios e oportunidades! #VemSerAssaí: acesse assai.gupy.io e cadastre seu CV!

HD Supply

hdsupply.com

HD Supply, a wholly owned subsidiary of The Home Depot, is a leading wholesale distribution company serving customers and their communities across the Multifamily, Institutional, Hospitality, Trades, Government Housing, Healthcare, Building Services and Education industries through an expansive network of over 100 distribution centers across the U.S. & Canada. We offer our customers a vast assortment of over 100,000 MRO, full-line janitorial and OS&E products from high-quality, national and private brands, all at competitive prices. Combined with our industry-leading services and solutions – including localized jobsite delivery, renovation programs, direct-ship options and innovative digital tools and capabilities, as well as dedicated sales and customer care teams – you can see why our more than 250,000 customers continue to trust HD Supply as their supplier of choice for serving their communities where people live, learn, work and play. Equally as important is empowering our associates to grow professionally while providing competitive benefits and compensation. If you're ready to find a rewarding career and achieve your full potential with a growing industry leader, HD Supply is ready for you!

Ferguson

ferguson.com

Since 1953, Ferguson has been a leading source of quality supplies for a variety of industries. We are proud to provide world-class products and services to a customer base that is as vast and varied as our inventory. The professionals we serve help transform the world we live in, and we are their trusted partners with the scale, expertise and solutions to provide peace of mind. Ferguson is part of Ferguson Enterprises Inc., which has approximately 35,000 associates across 1,700 locations and serves customers in all 50 states, Canada, Puerto Rico, Mexico and the Caribbean.

Wesco

wesco.com

At Wesco, we believe life should run smoothly. As a leading provider of business-to-business distribution, logistics services and supply chain solutions, we create a world that you can depend on. Harnessing 100 years of ingenuity and expertise, we increase profitability, improve productivity and mitigate risk for approximately 150,000 customers worldwide. With millions of products and locations in more than 50 countries, Wesco is your partner in progress. Our company’s greatest asset is our people. From our corporate and field offices to our distribution sites, Wesco employs over 20,000 professionals around the globe. We’re committed to fostering diversity and inclusion across our workforce by embracing the unique perspectives, authenticity, and individuality our team members contribute to the company. Headquartered in Pittsburgh, Wesco is a publicly traded (NYSE: WCC) FORTUNE 500® company with 2023 net sales of $22.4 billion.

METRO/MAKRO

metroag.de

METRO is a leading international wholesale company with food and non-food assortments that specialises in serving the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. Around the world, METRO has 15 million customers who can choose whether to shop in one of the large-format stores, order online and collect their purchases at the store or have them delivered. METRO also supports the competitiveness of entrepreneurs and independent businesses with digital solutions and thereby contributes to cultural diversity in trade and the hospitality industry. The company operates in more than 30 countries and employs more than 85,000 people worldwide. In financial year 2022/23, METRO generated a group revenue of €31 billion. More information: https://careers.metroag.de Imprint: https://careers.metroag.de/imprint Data Privacy: https://careers.metroag.de/privacy-policy

Fastenal

fastenal.com

By providing three things – truly local service, the world’s largest vending program, and unmatched inventory management – Fastenal saves your business time and money. Who are Fastenal's customers? • Organizations wanting to strengthen their supply chains. • Businesses looking to streamline their operations. • Campuses planning for tomorrow. In a world of disruptions, Fastenal is a supply chain partner you can count on.

Loading…

NEWS

Winsupply CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

September 21, 2018 07:00 AM

Optimizing value with a win-win supply chain

The winners of today's supply chains have made the shift to focusing on value creation, enabled by true end-to-end collaboration and win-win pricing models.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-56355

SUMMARY

GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 3.7)

cvss3

Base Score: 3.7

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.2

REFERENCES

CVE-2026-56347

SUMMARY

AVideo TopMenu plugin through version 26.0 contains a stored cross-site scripting vulnerability in menu item rendering due to missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fields that execute for all site visitors, potentially stealing session cookies or performing unauthorized actions.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.1)

cvss3

Base Score: 6.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

cvss4

Base Score: 5.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

2.7

Exploitability

2.8

REFERENCES

CVE-2026-56346

SUMMARY

AVideo through version 25.0 contains an authentication bypass vulnerability in the decryptMessage.json.php endpoint that allows unauthenticated users to decrypt PGP messages. Remote attackers can submit private keys, ciphertext, and passphrases to perform server-side decryption without credentials, exposing key material to logs and enabling resource exhaustion attacks.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

2.5

Exploitability

3.9

REFERENCES

CVE-2026-56345

SUMMARY

AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target users_id from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload with a filename containing an arbitrary users_id to invoke passwordless User->login() and establish an authenticated session as any user including admin. Attackers can obtain the Meet shared secret through path-traversal vulnerabilities or timing attacks against checkToken.json.php, then POST a crafted file to uploadRecordedVideo.json.php with a filename like '1-anything.mp4' to hijack admin sessions and gain full account takeover.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.2

Complexity: HIGH

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.2

REFERENCES

CVE-2026-56342

SUMMARY

AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators to read arbitrary URLs via the statsURL parameter, which lacks isSSRFSafeURL() validation and accepts requests to private IP ranges and cloud metadata endpoints. Attackers can exploit this by crafting requests to internal services, cloud metadata endpoints like 169.254.169.254, and localhost to retrieve sensitive information including IAM credentials, internal service responses, and network configuration details.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.8)

cvss3

Base Score: 6.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

cvss4

Base Score: 6.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

2.3

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…