What is the official website of ORYGEN ?

The official website of ORYGEN is www.orygen.com.

What is ORYGEN's cybersecurity risk score?

ORYGEN has an AI-generated cybersecurity risk score of 757 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has ORYGEN experienced?

According to Rankiteo, ORYGEN currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has ORYGEN been affected by any supply chain cyber incidents ?

According to Rankiteo, ORYGEN has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does ORYGEN have SOC 2 Type 1 certification ?

According to Rankiteo, ORYGEN is not certified under SOC 2 Type 1.

Does ORYGEN have SOC 2 Type 2 certification ?

According to Rankiteo, ORYGEN does not hold a SOC 2 Type 2 certification.

Does ORYGEN comply with GDPR ?

According to Rankiteo, ORYGEN is not listed as GDPR compliant.

Does ORYGEN have PCI DSS certification ?

According to Rankiteo, ORYGEN does not currently maintain PCI DSS compliance.

Does ORYGEN comply with HIPAA ?

According to Rankiteo, ORYGEN is not compliant with HIPAA regulations.

Does ORYGEN have ISO 27001 certification ?

According to Rankiteo,ORYGEN is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does ORYGEN operate in ?

ORYGEN operates primarily in the Electric Power Generation industry.

How many employees does ORYGEN have ?

ORYGEN employs approximately 301 people worldwide.

Does ORYGEN own any subsidiaries ?

ORYGEN presently has no subsidiaries across any sectors.

How many LinkedIn followers does ORYGEN have ?

ORYGEN's official LinkedIn profile has approximately 33,096 followers.

What is the NAICS classification code for ORYGEN ?

ORYGEN is classified under the NAICS code 22111, which corresponds to Electric Power Generation.

Does ORYGEN have a Crunchbase profile ?

No, ORYGEN does not have a profile on Crunchbase.

Does ORYGEN have a LinkedIn profile ?

Yes, ORYGEN maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/orygenpe.

How many cybersecurity incidents has ORYGEN experienced ?

As of June 24, 2026, Rankiteo reports that ORYGEN has not experienced any cybersecurity incidents.

How many peer or competitor companies does ORYGEN have ?

ORYGEN has an estimated 184 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

ORYGEN

Boost Score +25 with badge (5 left)

757

/1000

Fair

782

/1000

Fair

ORYGEN Vendor Cyber Rating & Cyber Score

orygen.com

Add Your Compliance Badge

Somos Orygen, empresa peruana dedicada a la generación de energía sostenible, confiable y competitiva para las industrias del Perú, mediante una matriz energética diversificada con cuatro tecnologías: solar, eólica, hídrica y térmica a gas. Lideramos la generación de energía renovable en el país, con una capacidad instalada de más de 2,2GW y 13 centrales, que nos permiten producir alrededor de 10,000GWh al año de energía sostenible y evitar la emisión de más de 1 millón de toneladas de CO2 al medio ambiente en el mismo período. Operamos los complejos de tecnología solar y eólica más importantes del Perú, ubicados en Moquegua e Ica; y contamos con un portafolio de más de 12GW de proyectos solares, eólicos e híbridos, presentes en 7

ORYGEN A.I CyberSecurity Scoring

Scoring History

ORYGEN

ORYGEN CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

ORYGEN Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for ORYGEN

Incidents vs Electric Power Generation Industry Avg (This Year)

No incidents recorded for ORYGEN in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for ORYGEN in 2026.

Incident Types ORYGEN vs Electric Power Generation Industry Avg (This Year)

No incidents recorded for ORYGEN in 2026.

Incident History - ORYGEN (X = Date, Y = Severity)

Loading…

SUBSIDIARY

ORYGEN Subsidiaries

Parent Company

ORYGEN

Electric Power Generation

Website: www.orygen.com

Company Size: 301

No subsidiary data available for this company.

Loading…

ORYGEN Similar Companies

GE Vernova

linktree.com

GE Vernova is a purpose-built energy technology company on a mission to electrify to thrive and decarbonize the world. It is made up of three businesses -- Power, Wind, and Electrification -- with focus on accelerating the path to more reliable, affordable, and sustainable energy, while helping our customers power economies and deliver the electricity that is vital to health, safety, security, and improved quality of life. The world needs more energy, smarter energy. With energy demand expected to grow by more than 50% in the next 20 years, we are continuously innovating to meet the moment…like we have for the past 130 years. The Energy of Change and relentless optimism are what drive us – it’s about never giving up and seeing what’s possible so that we deliver the energy technologies the world needs right now and for generations to come. GE Vernova’s attitude and edge is embedded in its name. We retain our treasured legacy, “GE,” as an enduring and hard-earned badge of quality and ingenuity. “Ver” / “verde” signal Earth’s verdant and lush ecosystems. “Nova,” from the Latin “novus,” nods to a new, innovative era of lower carbon energy that GE Vernova will help deliver. Together, we have the energy to change the world.

Iberdrola

iberdrola.com

With more than 180 years of history, Iberdrola is today a global energy leader, the leading wind power producer and one of the largest electricity companies in the world in terms of stock market capitalisation. We have been committed to clean energy for more than 20 years with the objective of exceeding 52,000 MW of renewable capacity by 2025. The group supplies energy to nearly 100 million people in dozens of countries, has more than 600,000 shareholders, a workforce of more than 42,300 employees. We are leading the energy transition to a sustainable model through our investments in renewables, smart grids, large-scale energy storage and digital transformation to deliver the most advanced products and services to our customers. Find out more in 'Life at Iberdrola'

Loading…

NEWS

ORYGEN CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

January 29, 2026 08:00 AM

Trump's Indian-Origin Cyber Chief Uploaded Critical Files On ChatGPT: Report

The interim head of America's cyber defence agency, the very agency tasked with protecting the government's secrets, uploaded sensitive...

Read Article

January 29, 2026 08:00 AM

Trump’s Indian-Origin Cybersecurity Chief Uploaded SENSITIVE Docs To ChatGPT

US Cybersecurity Chief Madhu Gottumukkala Under Fire for Uploading Sensitive Files to ChatGPT! Indian-origin technocrat, Trump's trusted...

Read Article

January 29, 2026 08:00 AM

Indian-origin US cyber agency chief uploaded sensitive files to ChatGPT

The acting head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Madhu Gottumukkala, has come under scrutiny after...

Read Article

January 15, 2026 08:00 AM

CloudSEK Becomes First Indian-Origin Cybersecurity Company to Receive Investment from a U.S. State Fund

CloudSEK Raises $19 Million in Series B1 Funding to Scale Predictive Cybersecurity Platform. CloudSEK, a leader in AI-powered cyber threat...

Read Article

January 15, 2026 08:00 AM

Indian cybersecurity firm to establish regional U.S. HQ in CT following CI investment

Connecticut Innovations, the state's quasi-public venture investment firm, has invested in Indian cybersecurity firm CloudSEK, which said it...

Read Article

January 15, 2026 08:00 AM

Cybersecurity Firm CloudSEK Bags USD 10 Mn to Expand US Presence

The funding comes after CloudSEK was selected as a top startup at VentureClash, a global investment pitch competition organised by...

Read Article

January 14, 2026 08:00 AM

CloudSEK Raises $10 Million from Connecticut Innovations, Marks First Indian-Origin Cybersecurity Firm Backed by a US State Fund

Bengaluru-based cybersecurity company CloudSEK has raised $10 million in funding from Connecticut Innovations (CI), the strategic venture.

Read Article

January 14, 2026 08:00 AM

CloudSEK secures $10 million strategic investment from Connecticut Innovations (CI)

CloudSEK, a Bengaluru, India-based cybersecurity firm has secured a strategic investment from Connecticut Innovations (CI), the strategic...

Read Article

January 13, 2026 08:00 AM

Bengaluru-based cybersecurity firm CloudSEK gets $10M in funding from US state-backed fund

CloudSEK, a Bengaluru based cybersecurity firm has raised $10 million from Connecticut Innovations (CI), the venture capital arm of the...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-56785

SUMMARY

FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attackers can inject arbitrary HTML and JavaScript through these fields to execute malicious scripts in browsers of viewers including administrators, or bypass URL scheme validation to inject javascript: or data: URIs.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 8.2)

cvss3

Base Score: 8.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

cvss4

Base Score: 8.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-54588

SUMMARY

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthenticated attacker can poison the `redirect_uri` sent to the Identity Provider, causing the IdP to redirect the victim's authorization code to an attacker-controlled server - resulting in full account takeover with no credentials required. Versions 4.2.4 and 4.3.3 patch the issue.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 9.6)

cvss3

Base Score: 9.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Impact Score

Exploitability

2.8

REFERENCES

CVE-2026-48493

SUMMARY

Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser — for example `assets.view`, `assets.create`, `reports.view`, import, etc. The issue is patched in version 8.6.0.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 5.5)

cvss3

Base Score: 5.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Impact Score

4.2

Exploitability

1.2

REFERENCES

CVE-2026-47693

SUMMARY

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters (=, +, -, @). When an administrator exports activity logs and opens the resulting CSV in a spreadsheet application (Microsoft Excel, LibreOffice Calc, Google Sheets), any formula stored in a username is executed by the application. This can be used for phishing attacks against administrators or data exfiltration. Versions 4.2.4 and 4.3.3 patch the issue.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 6.9)

cvss3

Base Score: 6.9

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

Impact Score

4.7

Exploitability

1.7

REFERENCES

CVE-2026-12164

SUMMARY

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 4.4)

cvss3

Base Score: 4.4

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Impact Score

3.6

Exploitability

0.8

REFERENCES

https://www.fortra.com/security/advisories/product-security/fi-2026-010

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…