What is the official website of QED ?

The official website of QED is http://www.qedelectric.com.

What is QED's cybersecurity risk score?

QED has an AI-generated cybersecurity risk score of 756 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has QED experienced?

According to Rankiteo, QED currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has QED been affected by any supply chain cyber incidents ?

According to Rankiteo, QED has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does QED have SOC 2 Type 1 certification ?

According to Rankiteo, QED is not certified under SOC 2 Type 1.

Does QED have SOC 2 Type 2 certification ?

According to Rankiteo, QED does not hold a SOC 2 Type 2 certification.

Does QED comply with GDPR ?

According to Rankiteo, QED is not listed as GDPR compliant.

Does QED have PCI DSS certification ?

According to Rankiteo, QED does not currently maintain PCI DSS compliance.

Does QED comply with HIPAA ?

According to Rankiteo, QED is not compliant with HIPAA regulations.

Does QED have ISO 27001 certification ?

According to Rankiteo,QED is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does QED operate in ?

QED operates primarily in the Wholesale industry.

How many employees does QED have ?

QED employs approximately 257 people worldwide.

Does QED own any subsidiaries ?

QED presently has no subsidiaries across any sectors.

How many LinkedIn followers does QED have ?

QED's official LinkedIn profile has approximately 2,174 followers.

Does QED have a Crunchbase profile ?

No, QED does not have a profile on Crunchbase.

Does QED have a LinkedIn profile ?

Yes, QED maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/qed-electric.

How many cybersecurity incidents has QED experienced ?

As of June 16, 2026, Rankiteo reports that QED has not experienced any cybersecurity incidents.

How many peer or competitor companies does QED have ?

QED has an estimated 6,653 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

QED

Boost Score +25 with badge (5 left)

756

/1000

Fair

781

/1000

Fair

QED Vendor Cyber Rating & Cyber Score

qedelectric.com

Add Your Compliance Badge

Founded in Denver in 1987, QED aims to provide high-quality products and services to the electrical industry. QED employs over 500 associates across 19 branches within Arizona and Colorado to serve residential and commercial contractors, industrial facilities, and OEM businesses. QED is part of the Sonepar Group, an independent family-owned company with global market leadership in B-to-B distribution of electrical products, solutions, and related services. Present in 40 countries with a dense network of brands, the Group is leading an ambitious transformation to make its customers’ lives easier providing them an omnichannel experience and sustainable solutions in the building, industry, and energy markets. Sonepar’s 45,000 associates are

QED A.I CyberSecurity Scoring

Scoring History

QED

QED CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

QED Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for QED

Incidents vs Wholesale Industry Avg (This Year)

No incidents recorded for QED in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for QED in 2026.

Incident Types QED vs Wholesale Industry Avg (This Year)

No incidents recorded for QED in 2026.

Incident History - QED (X = Date, Y = Severity)

Loading…

SUBSIDIARY

QED Subsidiaries

QED

Wholesale

Website: http://www.qedelectric.com

Company Size: 257

Sonepar USAWholesale

SoneparWholesale

Viking ElectricWholesale

Crawford Electric SupplyWholesale

Irby Co.Wholesale

OneSource DistributorsWholesale

Cooper ElectricAppliances, Electrical, and Electronics Manufacturing

Cooper Power SystemsElectric Power Generation

Capital ElectricWholesale

NorthEast ElectricalWholesale

North Coast ElectricWholesale

World Electric SupplyElectrical Equipment Manufacturing

Irby UtilitiesUtilities

Springfield ElectricWholesale

Electric SupplyWholesale

Billows Electric SupplyConstruction

Professional Electric Products Company (PEPCO)Wholesale

Richards ElectricWholesale

Nedco SupplyWholesale

HOLT Electrical SupplyWholesale

Independent Electric SupplyWholesale

Codale Electric Supply, Inc.Wholesale

Loading…

QED Similar Companies

Porsche Holding

porsche-holding.com

Porsche Holding Salzburg is the largest and most successful automotive distributor in Europe. Our roots are in Salzburg, but we now also operate in 29 countries on three continents. Our core expertise: global automotive distribution. Our business divisions: automotive wholesale, automotive retail, financial services and IT systems. From a humble family business to one of the largest sales organizations in the world. Driven by our passion for the automobile since the company formation in 1947, Porsche Holding has grown from a family business into the leading mobility partner with dealerships and offices in 23 countries across Europe as well as in Chile, Colombia, China, Singapore, Malaysia, and Japan. Our corporate headquarters is still located where our company's rich history began, in the beautiful Austrian city of Salzburg. As a fully-owned subsidiary of Volkswagen AG, our business focuses on the VW Group brands Volkswagen Passenger Cars and Commercial Vehicles, Škoda, SEAT, CUPRA, Audi, Lamborghini, Bentley, Ducati and Porsche. We shape the future of mobility. Join the Porsche Holding team and be part of it.

Rexel

rexel.com

Rexel, worldwide expert in the multichannel professional distribution of products and services for the energy world, addresses three main markets: residential, commercial, and industrial. The Group supports its residential, commercial, and industrial customers by providing a tailored and scalable range of products and services in energy management for construction, renovation, production, and maintenance. Rexel operates through a network of more than 1,950 branches in 17 countries, with more than 27,000 employees. The Group’s sales were €19.3 billion in 2024.

Atacadão

atacadao.com.br

O Atacadão é uma empresa do Grupo Carrefour Brasil, com mais de 370 unidades de autosserviço e 36 atacados de entrega e centros de distribuição, que garantem o abastecimento de comerciantes, transformadores e consumidores finais, e está em contínua expansão. Com base nos pilares estratégicos de combate à fome e às desigualdades, diversidade e inclusão e proteção ao planeta & biodiversidade, o Atacadão tem o compromisso de oferecer produtos de qualidade a preços justos aos seus clientes. Com 62 anos de história, mais de 70 mil colaboradores e presença em mais de 220 municípios, também atua no e-commerce com o seu próprio canal de vendas online. Em 2023, a rede conquistou importantes prêmios para o setor, como o 1º lugar na categoria atacadista no Top of Mind, da Folha de S. Paulo, o primeiro lugar no ranking de varejo, supermercados e e-commerce do Prêmio BandNews e a 10ª colocação do ranking geral das 1000 Maiores Empresas do País, do Valor Econômico. O Atacadão também lidera o Ranking ABAAS (Associação Brasileira dos Atacadistas de Autosserviço) e da ABAD (Associação Brasileira de Atacadistas e Distribuidores de Produtos Industrializados). Racismo é crime. Denuncie. Disque 100 ou procure a Delegacia de Polícia Civil mais próxima ou o Ministério Público.

Fastenal

fastenal.com

By providing three things – truly local service, the world’s largest vending program, and unmatched inventory management – Fastenal saves your business time and money. Who are Fastenal's customers? • Organizations wanting to strengthen their supply chains. • Businesses looking to streamline their operations. • Campuses planning for tomorrow. In a world of disruptions, Fastenal is a supply chain partner you can count on.

METRO/MAKRO

metroag.de

METRO is a leading international wholesale company with food and non-food assortments that specialises in serving the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. Around the world, METRO has 15 million customers who can choose whether to shop in one of the large-format stores, order online and collect their purchases at the store or have them delivered. METRO also supports the competitiveness of entrepreneurs and independent businesses with digital solutions and thereby contributes to cultural diversity in trade and the hospitality industry. The company operates in more than 30 countries and employs more than 85,000 people worldwide. In financial year 2022/23, METRO generated a group revenue of €31 billion. More information: https://careers.metroag.de Imprint: https://careers.metroag.de/imprint Data Privacy: https://careers.metroag.de/privacy-policy

HD Supply

hdsupply.com

HD Supply, a wholly owned subsidiary of The Home Depot, is a leading wholesale distribution company serving customers and their communities across the Multifamily, Institutional, Hospitality, Trades, Government Housing, Healthcare, Building Services and Education industries through an expansive network of over 100 distribution centers across the U.S. & Canada. We offer our customers a vast assortment of over 100,000 MRO, full-line janitorial and OS&E products from high-quality, national and private brands, all at competitive prices. Combined with our industry-leading services and solutions – including localized jobsite delivery, renovation programs, direct-ship options and innovative digital tools and capabilities, as well as dedicated sales and customer care teams – you can see why our more than 250,000 customers continue to trust HD Supply as their supplier of choice for serving their communities where people live, learn, work and play. Equally as important is empowering our associates to grow professionally while providing competitive benefits and compensation. If you're ready to find a rewarding career and achieve your full potential with a growing industry leader, HD Supply is ready for you!

Wesco

wesco.com

At Wesco, we believe life should run smoothly. As a leading provider of business-to-business distribution, logistics services and supply chain solutions, we create a world that you can depend on. Harnessing 100 years of ingenuity and expertise, we increase profitability, improve productivity and mitigate risk for approximately 150,000 customers worldwide. With millions of products and locations in more than 50 countries, Wesco is your partner in progress. Our company’s greatest asset is our people. From our corporate and field offices to our distribution sites, Wesco employs over 20,000 professionals around the globe. We’re committed to fostering diversity and inclusion across our workforce by embracing the unique perspectives, authenticity, and individuality our team members contribute to the company. Headquartered in Pittsburgh, Wesco is a publicly traded (NYSE: WCC) FORTUNE 500® company with 2023 net sales of $22.4 billion.

Ferguson

ferguson.com

Since 1953, Ferguson has been a leading source of quality supplies for a variety of industries. We are proud to provide world-class products and services to a customer base that is as vast and varied as our inventory. The professionals we serve help transform the world we live in, and we are their trusted partners with the scale, expertise and solutions to provide peace of mind. Ferguson is part of Ferguson Enterprises Inc., which has approximately 35,000 associates across 1,700 locations and serves customers in all 50 states, Canada, Puerto Rico, Mexico and the Caribbean.

Sonepar

sonepar.com

Sonepar is an independent family-owned company standing as the world leader in B-to-B distribution of electrical equipment, solutions, and services. In 2024, Sonepar achieved sales of €32.5 billion. Present in 40 countries with a dense network of brands, the Group is leading an ambitious transformation to make its customers’ lives easier, providing them with an omnichannel experience and sustainable solutions in the building, industry, and energy markets. Sonepar’s 46,000 associates are committed to accelerating the world’s electrification and driven by a shared Purpose: Powering Progress for Future Generations.

Loading…

NEWS

QED CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 12, 2026 08:00 AM

Bolanle Austen-Peters’ Wire Wire selected for 2026 Joburg Film Festival

Filmmaker Bolanle Austen-Peters' Wire Wire has been selected to screen at the 2026 Joburg Film Festival in Johannesburg, South Africa.

Read Article

January 27, 2026 10:30 AM

AI platform Zocks lands $45M from Lightspeed, QED to scale advisor workflows

San Francisco's Zocks raises $45M Series B led by Lightspeed and QED to expand AI automation for financial advisors, saving 10+ hours/week...

Read Article

January 02, 2026 08:00 AM

CISA Issues Warning on WHILL Model C2 Wheelchair Takeover Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a severe security flaw in WHILL Model C2...

Read Article

November 05, 2025 08:00 AM

Fidelity Backs $10 Billion Quantum Firm Quantinuum in Oversubscribed Round

Fidelity International has made its first investment in Quantinuum, joining an oversubscribed $800 million funding round.

Read Article

October 22, 2025 07:00 AM

Federal Funding Fuels Quantum: Big Gains for IBM, IONQ, RGTI in 2025?

The quantum computing industry in 2025 is moving decisively from research to commercialization. Major U.S. agencies are backing the field as...

Read Article

September 05, 2025 07:00 AM

ESG News Recap: Quantinuum Hits $10B Valuation

Quantinuum Valued at $10B After $600M Raise: Backed by Nvidia and QED, the firm eyes breakthroughs in AI, drug discovery, and cybersecurity.

Read Article

September 04, 2025 07:00 AM

Nvidia’s Venture Arm Invests in Honeywell’s Quantinuum

Nvidia Corp.'s venture capital arm is investing in Quantinuum for the first time, valuing the quantum computing company controlled by...

Read Article

August 29, 2025 07:00 AM

FTC chair claims Google shunting GOP emails into spam folder

The Trump administration has accused Google of discriminating against Republicans' emails and warned that the tech giant could be in line...

Read Article

August 06, 2025 07:00 AM

FutureCon Cybersecurity Conference Flies Through The Mile High City

The most recent FutureCon conference was held last week at the Ritz Carlton in Denver, Colo. The keynote speaker, Billy Rios, managing partner at QED Secure...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…