Comparison Overview

NRG Energy

VS

Glovo

NRG Energy

910 Louisiana St, Houston, Texas, 77002, US
Last Update: 2025-12-09
View Profile
Between 750 and 799
https://www.nrg.com

NRG stands at the intersection of energy and home services, where we are driven by the idea of a smarter, cleaner future. Our focus is on innovative solutions that make our customers’ lives easier—helping them power, protect, and intelligently manage their homes and businesses. Together, we create possibilities to empower the millions of customers we serve and communities where they live and work. For more information about us visit nrg.com. Connect with NRG on Facebook and follow us on Twitter and Instagram @nrgenergy.

NAICS: 81
NAICS Definition: Other Services (except Public Administration)
Employees: 14,155
Subsidiaries: 2
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Glovo

Carrer de Llull, 108, Barcelona, Catalonia, 08005, ES
Last Update: 2025-12-09
Between 750 and 799
https://about.glovoapp.com/

Glovo is a pioneering multi-category app connecting users with businesses, and couriers, offering on-demand services from local restaurants, grocers and supermarkets, and high street retail stores. Glovo’s vision is to give everyone easy access to everything within their city, so that our users can enjoy what they want, when they want, where they want. Founded in 2015 in Barcelona, it operates across 25 countries in Europe, Central Asia and Africa.

NAICS: 81
NAICS Definition: Other Services (except Public Administration)
Employees: 11,687
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/nrg-energy.jpeg
NRG Energy
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/glovo-app.jpeg
Glovo
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
NRG Energy
100%
Compliance Rate
0/4 Standards Verified
Glovo
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Consumer Services Industry Average (This Year)

No incidents recorded for NRG Energy in 2025.

Incidents vs Consumer Services Industry Average (This Year)

No incidents recorded for Glovo in 2025.

Incident History — NRG Energy (X = Date, Y = Severity)

NRG Energy cyber incidents detection timeline including parent company and subsidiaries

Incident History — Glovo (X = Date, Y = Severity)

Glovo cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/nrg-energy.jpeg
NRG Energy
Incidents

No Incident

https://images.rankiteo.com/companyimages/glovo-app.jpeg
Glovo
Incidents

Date Detected: 5/2021
Type:Breach
Blog: Blog

FAQ

NRG Energy company demonstrates a stronger AI Cybersecurity Score compared to Glovo company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Glovo company has historically faced a number of disclosed cyber incidents, whereas NRG Energy company has not reported any.

In the current year, Glovo company and NRG Energy company have not reported any cyber incidents.

Neither Glovo company nor NRG Energy company has reported experiencing a ransomware attack publicly.

Glovo company has disclosed at least one data breach, while NRG Energy company has not reported such incidents publicly.

Neither Glovo company nor NRG Energy company has reported experiencing targeted cyberattacks publicly.

Neither NRG Energy company nor Glovo company has reported experiencing or disclosing vulnerabilities publicly.

Neither NRG Energy nor Glovo holds any compliance certifications.

Neither company holds any compliance certifications.

NRG Energy company has more subsidiaries worldwide compared to Glovo company.

NRG Energy company employs more people globally than Glovo company, reflecting its scale as a Consumer Services.

Neither NRG Energy nor Glovo holds SOC 2 Type 1 certification.

Neither NRG Energy nor Glovo holds SOC 2 Type 2 certification.

Neither NRG Energy nor Glovo holds ISO 27001 certification.

Neither NRG Energy nor Glovo holds PCI DSS certification.

Neither NRG Energy nor Glovo holds HIPAA certification.

Neither NRG Energy nor Glovo holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
Description

Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

A security flaw has been discovered in CTCMS Content Management System up to 2.1.2. The impacted element is an unknown function in the library /ctcms/libs/Ct_Config.php of the component Backend System Configuration Module. The manipulation of the argument Cj_Add/Cj_Edit results in code injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in CTCMS Content Management System up to 2.1.2. The affected element is the function Save of the file /ctcms/libs/Ct_App.php of the component Backend App Configuration Module. The manipulation of the argument CT_App_Paytype leads to code injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended.

Published
Date
2025-12-15
Updated
Date
2025-12-15
Risk Information
cvss4
Base: 1.0
Severity: HIGH
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References