Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download

Comparison Overview

XeroXero
VS
TOTVSTOTVS
Xero

Xero

19-23 Taranaki Street, Te Aro, Wellington, 6142, NZ

Last Update: 09/03/2026

View Profile
Between 750 and 799
http://www.xero.com
782/1000Fair

Accounting software to help supercharge your small business. Power your invoicing. Automate your admin. And set business efficiency to cruise control. Used by over 4.2m subscribers globally.

NAICS:5112
NAICS Definition:Software Publishers
Employees:5,923
Subsidiaries:0
12-month incidents
0
Known data breaches
0
Attack type number
0
TOTVS

TOTVS

Av Braz Leme, 1000, Sao Paulo, 02511-900, BR

Last Update: 01/04/2026

View Profile
Between 750 and 799
https://www.totvs.com
767/1000Fair

Olá, somos a TOTVS! A maior empresa de tecnologia do Brasil. 🤓 Líder absoluta em sistemas e plataformas para empresas, a TOTVS possui mais de 70 mil clientes. Indo muito além do ERP, oferece tecnologia completa para digitalização dos negócios por meio de 3 unidades de...

NAICS:5112
NAICS Definition:Software Publishers
Employees:16,566
Subsidiaries:0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Ranges Comparison

Based On Specific Ai Models Category
Xero

Xero

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA
TOTVS

TOTVS

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Xero in 2026.

Incidents

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for TOTVS in 2026.

Incidents

Incident History - Xero (X = Date, Y = Severity)

Xero cyber incidents detection timeline including parent company and subsidiaries.

No timeline data available
R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Incident History - TOTVS (X = Date, Y = Severity)

TOTVS cyber incidents detection timeline including parent company and subsidiaries.

No timeline data available
R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...
Xero

Xero

Incidents
No explicit notable incidents reported.
TOTVS

TOTVS

Incidents
No explicit notable incidents reported.

FAQ

Between Xero company and TOTVS company, which one has the best AI Cybersecurity Score ?
Between Xero company and TOTVS company, which one has experienced more cyber incidents in the past ?
Between Xero company and TOTVS company, which one has experienced more cyber incidents this year ?
Between Xero company and TOTVS company, which one has experienced at least one ransomware attack ?
Between Xero company and TOTVS company, which one has experienced at least one data breach ?
Between Xero company and TOTVS company, which one has experienced at least one targeted cyberattack ?
Between Xero company and TOTVS company, which one has experienced at least one vulnerability ?
Between Xero company and TOTVS company, which one holds the most compliance certifications ?
Between Xero company and TOTVS company, which one holds the fewest compliance certifications ?
Between Xero company and TOTVS company, which one has the most subsidiaries ?
Between Xero company and TOTVS company, which one has the largest number of employees ?
Between Xero and TOTVS, which company holds both SOC 2 Type 1 certifications ?
Between Xero and TOTVS, which company holds both SOC 2 Type 2 certifications ?
Which company is ISO 27001 certified - Xero or TOTVS ?
Which company is PCI DSS compliant - Xero or TOTVS ?
Between Xero and TOTVS, which company complies with HIPAA regulations for healthcare data ?
Between Xero and TOTVS, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-57100
SUMMARY

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

PUBLISHED
Date2026-07-02
UPDATED
Date2026-07-02
RISK INFORMATION (Score: 9.9)
CVSS3
Base Score: 9.9
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
IMPACT SCORE
6
EXPLOITABILITY
3.1
CVE-2026-54998
SUMMARY

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

PUBLISHED
Date2026-07-02
UPDATED
Date2026-07-02
RISK INFORMATION (Score: 8.8)
CVSS3
Base Score: 8.8
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
IMPACT SCORE
5.9
EXPLOITABILITY
2.8
CVE-2026-45499
SUMMARY

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

PUBLISHED
Date2026-07-02
UPDATED
Date2026-07-02
RISK INFORMATION (Score: 9.9)
CVSS3
Base Score: 9.9
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
IMPACT SCORE
6
EXPLOITABILITY
3.1
CVE-2026-41106
SUMMARY

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

PUBLISHED
Date2026-07-02
UPDATED
Date2026-07-02
RISK INFORMATION (Score: 9.3)
CVSS3
Base Score: 9.3
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
IMPACT SCORE
5.8
EXPLOITABILITY
2.8
CVE-2026-26145
SUMMARY

Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.

PUBLISHED
Date2026-07-02
UPDATED
Date2026-07-02
RISK INFORMATION (Score: 4.8)
CVSS3
Base Score: 4.8
Complexity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
IMPACT SCORE
3.6
EXPLOITABILITY
1.2