Constellation
Company Details
Linkedin ID:
constellation-energy
Employees number:
9,456
Number of followers:
87,909
NAICS:
22
Industry Type:
Homepage:
constellationenergy.com
IP Addresses:
29
Company ID:
CON_1362644
Scan Status:
Completed
Constellation Company CyberSecurity Posture
constellationenergy.com
A Fortune 200 company headquartered in Baltimore, Constellation Energy Corporation (Nasdaq: CEG) is the nation’s largest producer of clean, carbon-free energy and a leading supplier of energy products and services to businesses, homes, community aggregations and public sector customers across the continental United States, including three fourths of Fortune 100 companies. With annual output that is nearly 90% carbon-free, our hydro, wind and solar facilities paired with the nation’s largest nuclear fleet have the generating capacity to power the equivalent of 15 million homes, providing about 10% of the nation’s clean energy. We are further accelerating the nation’s transition to a carbon-free future by helping our customers reach their sustainability goals, setting our own ambitious goal of achieving 100% carbon-free generation by 2040, and by investing in promising emerging technologies to eliminate carbon emissions across all sectors of the economy. https://www.constellationenergy.com/our-company/what-we-stand-for/our-purpose.htm Learn more at www.constellation.com or on Twitter at @ConstellationEG. Subscribe to our blog at www.constellation.com/subscribe
Constellation A.I CyberSecurity Scoring
Constellation Risk Score (AI oriented)Between 800 and 849
Constellation
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Constellation Global Score (TPRM)XXXX
Constellation
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Constellation Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Constellation Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Constellation
Incidents vs Utilities Industry Average (This Year)
No incidents recorded for Constellation in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Constellation in 2025.
Incident Types Constellation vs Utilities Industry Avg (This Year)
No incidents recorded for Constellation in 2025.
Incident History — Constellation (X = Date, Y = Severity)
Constellation cyber incidents detection timeline including parent company and subsidiaries
Constellation Company Subsidiaries
A Fortune 200 company headquartered in Baltimore, Constellation Energy Corporation (Nasdaq: CEG) is the nation’s largest producer of clean, carbon-free energy and a leading supplier of energy products and services to businesses, homes, community aggregations and public sector customers across the continental United States, including three fourths of Fortune 100 companies. With annual output that is nearly 90% carbon-free, our hydro, wind and solar facilities paired with the nation’s largest nuclear fleet have the generating capacity to power the equivalent of 15 million homes, providing about 10% of the nation’s clean energy. We are further accelerating the nation’s transition to a carbon-free future by helping our customers reach their sustainability goals, setting our own ambitious goal of achieving 100% carbon-free generation by 2040, and by investing in promising emerging technologies to eliminate carbon emissions across all sectors of the economy. https://www.constellationenergy.com/our-company/what-we-stand-for/our-purpose.htm Learn more at www.constellation.com or on Twitter at @ConstellationEG. Subscribe to our blog at www.constellation.com/subscribe
Loading...
Constellation Similar Companies
Dubai Electricity & Water Authority - DEWA
Dubai Electricity and Water Authority (DEWA), established on 1 January 1992, stands at the forefront of sustainable energy and water management. With a dedicated workforce of over 11,000 employees, we ensure reliable services across the entire chain of electricity and water production, transmission,
Pacific Gas and Electric Company
Pacific Gas and Electric Company, incorporated in California in 1905, is one of the largest combination natural gas and electric utilities in the United States. Based in San Francisco, the company is a subsidiary of PG&E Corporation. There are approximately 20,000 employees who carry out Pacific
Duke Energy, a Fortune 150 company headquartered in Charlotte, N.C., is one of America’s largest energy holding companies. The company’s electric utilities serve 8.4 million customers in North Carolina, South Carolina, Florida, Indiana, Ohio and Kentucky, and collectively own 54,800 megawatts of ene
Neoenergia
Somos uma companhia de capital aberto com ações (NEOE3) negociadas na Bolsa de Valores de São Paulo. Parte do grupo espanhol Iberdrola, atuamos no Brasil desde 1997, e atualmente, somos uma das líderes do setor elétrico do país. Estamos presentes em 18 estados e no Distrito Federal, com negócios em
Eskom Holdings SOC Ltd
Company profile Eskom Holdings generates, transports and distributes approximately 95% of South Africa’s electricity – making up 60% of the total electricity consumed on the African continent. Eskom is the world’s eleventh-largest power utility in terms of generating capacity, ranks ninth in term
Westinghouse Electric Company
Westinghouse Electric Company is the world's leading supplier of safe and innovative nuclear technology. We provide our utility customers around the world with the most reliable, dependable nuclear power plants, nuclear fuel, plant automation and operating plant products and services. We are driven
As a leading electric and natural gas energy company, we offer a comprehensive portfolio of energy-related products and services to 3.4 million electricity customers and 1.9 million natural gas customers across our eight states: Colorado, Michigan, Minnesota, New Mexico, North Dakota, South Dakota,
We are a multinational company changing the face of energy, one of the world’s leading integrated utilities. As the largest private player in producing clean energy with renewable sources we have more than 88 GW of total capacity, including around 64 GW of renewables. Distributing electricity t
Enedis
Enedis est le gestionnaire du réseau public de distribution d’électricité sur 95 % du territoire français continental. Ses 38 859 collaborateurs assurent chaque jour l’exploitation, l’entretien et le développement de près de 1,3 million de kilomètres de réseau. Raccordement, mise en service, dépann
.png)
Constellation CyberSecurity News
November 12, 2025 09:18 PM
Constellation Earns CMMC Level 2 Certification Reinforcing Commitment to Cybersecurity
Baltimore (Nov. 12, 2025) — Constellation (NASDAQ: CEG), the nation's largest producer of clean energy and a leading supplier of energy products and...
September 23, 2025 07:00 AM
Constellation West and Patero partner to help federal agencies accelerate post-quantum security readiness
C, vendor of mission-critical cybersecurity, nuclear deterrence support, and trusted solutions for the highest echelons of U.S. military...
September 19, 2025 07:00 AM
Constellation West and Patero Partner on Post-Quantum Readiness
Constellation West and Patero are partnering to help federal agencies prepare for the shift to quantum computing.
September 12, 2025 07:00 AM
Chip-Level Security: How Hackers, AI Risks & Space Cybersecurity Threaten Enterprises | DisrupTV Ep. 410
Chip-Level Security: How Hackers, AI Risks & Space Cybersecurity Threaten Enterprises | DisrupTV Ep. 410 In this episode of DisrupTV...
September 02, 2025 07:00 AM
Protecting AI Workloads: Microsoft's Vision for Cybersecurity
As AI transforms cybersecurity, it's crucial to understand its impact. AI is altering the economics of cyberattacks, presenting new challenges.
August 29, 2025 07:00 AM
BT150 zeitgeist: Inside a ransomware attack, AI project success
CxOs in the BT150 recount recovering from a ransomware attack and the ingredients for successful AI projects. In our August BT150 meetup,...
August 27, 2025 07:00 AM
CrowdStrike acquires Onum, reports strong Q2
CrowdStrike said it will acquire Onum, a company that specializes in real-time telemetry data pipelines, in a move that will bring more data...
August 25, 2025 07:00 AM
Secure browsers will matter more with AI agents
Palo Alto Networks CEO Nikesh Arora said agentic AI means that enterprises will need secure browsers and the company is seeing strong demand...
August 11, 2025 07:00 AM
Why is China Taking Measures to Counter SpaceX's Starlink?
Chinese scientists are exploring military countermeasures including stealth submarines and attack satellites to neutralise Elon Musk's...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Constellation CyberSecurity History Information
Official Website of Constellation
The official website of Constellation is http://www.constellationenergy.com.
Constellation’s AI-Generated Cybersecurity Score
According to Rankiteo, Constellation’s AI-generated cybersecurity score is 826, reflecting their Good security posture.
How many security badges does Constellation’ have ?
According to Rankiteo, Constellation currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Constellation have SOC 2 Type 1 certification ?
According to Rankiteo, Constellation is not certified under SOC 2 Type 1.
Does Constellation have SOC 2 Type 2 certification ?
According to Rankiteo, Constellation does not hold a SOC 2 Type 2 certification.
Does Constellation comply with GDPR ?
According to Rankiteo, Constellation is not listed as GDPR compliant.
Does Constellation have PCI DSS certification ?
According to Rankiteo, Constellation does not currently maintain PCI DSS compliance.
Does Constellation comply with HIPAA ?
According to Rankiteo, Constellation is not compliant with HIPAA regulations.
Does Constellation have ISO 27001 certification ?
According to Rankiteo,Constellation is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Constellation
Constellation operates primarily in the Utilities industry.
Number of Employees at Constellation
Constellation employs approximately 9,456 people worldwide.
Subsidiaries Owned by Constellation
Constellation presently has no subsidiaries across any sectors.
Constellation’s LinkedIn Followers
Constellation’s official LinkedIn profile has approximately 87,909 followers.
NAICS Classification of Constellation
Constellation is classified under the NAICS code 22, which corresponds to Utilities.
Constellation’s Presence on Crunchbase
No, Constellation does not have a profile on Crunchbase.
Constellation’s Presence on LinkedIn
Yes, Constellation maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/constellation-energy.
Cybersecurity Incidents Involving Constellation
As of November 27, 2025, Rankiteo reports that Constellation has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Constellation has an estimated 4,130 peer or competitor companies worldwide.
Constellation CyberSecurity History Information
How many cyber incidents has Constellation faced ?
Total Incidents: According to Rankiteo, Constellation has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Constellation ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=constellation-energy' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
