Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download

Comparison Overview

Marsh McLennanMarsh McLennan
VS
AonAon
Marsh McLennan

Marsh McLennan

1166 Avenue of the Americas, New York, NY, US, 10036

Last Update: 05/04/2026

View Profile
808/1000Good

Marsh (NYSE: MRSH) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh Risk, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue over $24 billion and more than 90,000 ...

NAICS:52
NAICS Definition:Finance and Insurance
Employees:45,730
Subsidiaries:0
12-month incidents
0
Known data breaches
1
Attack type number
2
Aon

Aon

122 Leadenhall Street, London, GB, EC3V 4AN

Last Update: 19/06/2026

View Profile
Between 700 and 749
http://www.aon.com
729/1000Moderate

We exist to shape decisions for the better — to protect and enrich the lives of people around the world. Through actionable analytic insight, globally integrated Risk Capital and Human Capital expertise, and locally relevant solutions, our colleagues provide clients in ...

NAICS:52
NAICS Definition:Finance and Insurance
Employees:90,093
Subsidiaries:11
12-month incidents
0
Known data breaches
2
Attack type number
4

Compliance Ranges Comparison

Based On Specific Ai Models Category
Marsh McLennan

Marsh McLennan

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA
Aon

Aon

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for Marsh McLennan in 2026.

Incidents

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for Aon in 2026.

Incidents

Incident History - Marsh McLennan (X = Date, Y = Severity)

Marsh McLennan cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Incident History - Aon (X = Date, Y = Severity)

Aon cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...
Marsh McLennan

Marsh McLennan

Incidents
🔒 Incident : Data Leak
MAR18242223
🔒 Incident : Breach
MAR307072525
Aon

Aon

Incidents
🔒 Incident : Ransomware
OFCK&LAONPROKIRSHEPWCMOV1781843490
🔒 Incident : Data Leak
AON20209723
🔒 Incident : Cyber Attack
AON19301322

FAQ

Between Marsh McLennan company and Aon company, which one has the best AI Cybersecurity Score ?
Between Marsh McLennan company and Aon company, which one has experienced more cyber incidents in the past ?
Between Marsh McLennan company and Aon company, which one has experienced more cyber incidents this year ?
Between Marsh McLennan company and Aon company, which one has experienced at least one ransomware attack ?
Between Marsh McLennan company and Aon company, which one has experienced at least one data breach ?
Between Marsh McLennan company and Aon company, which one has experienced at least one targeted cyberattack ?
Between Marsh McLennan company and Aon company, which one has experienced at least one vulnerability ?
Between Marsh McLennan company and Aon company, which one holds the most compliance certifications ?
Between Marsh McLennan company and Aon company, which one holds the fewest compliance certifications ?
Between Marsh McLennan company and Aon company, which one has the most subsidiaries ?
Between Marsh McLennan company and Aon company, which one has the largest number of employees ?
Between Marsh McLennan and Aon, which company holds both SOC 2 Type 1 certifications ?
Between Marsh McLennan and Aon, which company holds both SOC 2 Type 2 certifications ?
Which company is ISO 27001 certified - Marsh McLennan or Aon ?
Which company is PCI DSS compliant - Marsh McLennan or Aon ?
Between Marsh McLennan and Aon, which company complies with HIPAA regulations for healthcare data ?
Between Marsh McLennan and Aon, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-58523
SUMMARY

Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network.

PUBLISHED
Date2026-07-03
UPDATED
Date2026-07-03
RISK INFORMATION (Score: 6.5)
CVSS3
Base Score: 6.5
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
IMPACT SCORE
3.6
EXPLOITABILITY
2.8
CVE-2026-14617
SUMMARY

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer._filter_and_accumulate of the file gateway/stream_consumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case sensitivity. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is told to be difficult. The exploit has been disclosed publicly and may be used. The project decided to not implement a dedicated fix: "[T]he analysis and the fix are both sound. It just lands below the bar for the maintenance cost of a duplicated scrub path."

PUBLISHED
Date2026-07-03
UPDATED
Date2026-07-03
RISK INFORMATION (Score: 3.1)
CVSS2
Base Score: 2.1
Complexity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
CVSS3
Base Score: 3.1
Complexity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS4
Base Score: 1.3
Complexity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
IMPACT SCORE
1.4
EXPLOITABILITY
1.6
CVE-2026-58597
SUMMARY

Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

PUBLISHED
Date2026-07-03
UPDATED
Date2026-07-03
RISK INFORMATION (Score: 4.3)
CVSS3
Base Score: 4.3
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
IMPACT SCORE
1.4
EXPLOITABILITY
2.8
CVE-2026-58524
SUMMARY

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

PUBLISHED
Date2026-07-03
UPDATED
Date2026-07-03
RISK INFORMATION (Score: 5.4)
CVSS3
Base Score: 5.4
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
IMPACT SCORE
2.5
EXPLOITABILITY
2.8
CVE-2026-58522
SUMMARY

Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.

PUBLISHED
Date2026-07-03
UPDATED
Date2026-07-03
RISK INFORMATION (Score: 6.8)
CVSS3
Base Score: 6.8
Complexity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
IMPACT SCORE
4.2
EXPLOITABILITY
2.5