Comparison Overview

Exelon

VS

American Electric Power

Exelon

10 S. Dearborn, Chicago, IL, 60603, US
Last Update: 2025-12-09
View Profile
Between 800 and 849
http://www.exeloncorp.com

Exelon Corporation (Nasdaq: EXC) is the nation’s largest utility company, serving more than 10 million customers through six fully regulated utilities. We believe that reliable and affordable energy is essential to a brighter, more sustainable future. We are a FORTUNE 250 company operating across a large urban footprint, serving major metro areas in Delaware, the District of Columbia, Illinois, Maryland, New Jersey and Pennsylvania. Exelon is recognized as an industry leader with best-in-class operations, a firm commitment to maintaining energy affordability, a track record of top-quartile reliability performance, strong ESG leadership and principles, and a deep dedication to supporting and investing in the communities we serve.

NAICS: 22
NAICS Definition: Utilities
Employees: 18,586
Subsidiaries: 4
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

American Electric Power

1 Riverside Plaza, Columbus, OH, US, 43215
Last Update: 2025-12-09
Between 800 and 849
http://AEP.com

Our team at American Electric Power is committed to improving our customers' lives with reliable, affordable power. We are investing $54 billion from 2025 through 2029 to enhance service for customers and support the growing energy needs of our communities. Our nearly 16,000 employees operate and maintain the nation's largest electric transmission system with 40,000 line miles, along with more than 225,000 miles of distribution lines to deliver energy to 5.6 million customers in 11 states. AEP also is one of the nation's largest electricity producers with approximately 29,000 megawatts of diverse generating capacity. We are focused on safety and operational excellence, creating value for our stakeholders and bringing opportunity to our service territory through economic development and community engagement. Our family of companies includes AEP Ohio, AEP Texas, Appalachian Power (in Virginia and West Virginia), AEP Appalachian Power (in Tennessee), Indiana Michigan Power, Kentucky Power, Public Service Company of Oklahoma, and Southwestern Electric Power Company (in Arkansas, Louisiana, east Texas and the Texas Panhandle). AEP also owns AEP Energy, which provides innovative competitive energy solutions nationwide. AEP is headquartered in Columbus, Ohio. For more information, visit aep.com.

NAICS: 22
NAICS Definition: Utilities
Employees: 12,468
Subsidiaries: 8
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/exelon.jpeg
Exelon
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/american-electric-power.jpeg
American Electric Power
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Exelon
100%
Compliance Rate
0/4 Standards Verified
American Electric Power
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Utilities Industry Average (This Year)

No incidents recorded for Exelon in 2025.

Incidents vs Utilities Industry Average (This Year)

No incidents recorded for American Electric Power in 2025.

Incident History — Exelon (X = Date, Y = Severity)

Exelon cyber incidents detection timeline including parent company and subsidiaries

Incident History — American Electric Power (X = Date, Y = Severity)

American Electric Power cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/exelon.jpeg
Exelon
Incidents

No Incident

https://images.rankiteo.com/companyimages/american-electric-power.jpeg
American Electric Power
Incidents

No Incident

FAQ

American Electric Power company demonstrates a stronger AI Cybersecurity Score compared to Exelon company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, American Electric Power company has disclosed a higher number of cyber incidents compared to Exelon company.

In the current year, American Electric Power company and Exelon company have not reported any cyber incidents.

Neither American Electric Power company nor Exelon company has reported experiencing a ransomware attack publicly.

Neither American Electric Power company nor Exelon company has reported experiencing a data breach publicly.

Neither American Electric Power company nor Exelon company has reported experiencing targeted cyberattacks publicly.

Neither Exelon company nor American Electric Power company has reported experiencing or disclosing vulnerabilities publicly.

Neither Exelon nor American Electric Power holds any compliance certifications.

Neither company holds any compliance certifications.

American Electric Power company has more subsidiaries worldwide compared to Exelon company.

Exelon company employs more people globally than American Electric Power company, reflecting its scale as a Utilities.

Neither Exelon nor American Electric Power holds SOC 2 Type 1 certification.

Neither Exelon nor American Electric Power holds SOC 2 Type 2 certification.

Neither Exelon nor American Electric Power holds ISO 27001 certification.

Neither Exelon nor American Electric Power holds PCI DSS certification.

Neither Exelon nor American Electric Power holds HIPAA certification.

Neither Exelon nor American Electric Power holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
Description

Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Description

IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.

Published
Date
2025-12-08
Updated
Date
2025-12-08
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References