Comparison Overview
Xcel Energy

Xcel Energy
401 Nicollet Mall, Minneapolis, US
Last Update: 01/04/2026
A leading energy provider, dedicated to excellence. We make energy work better for our customers, helping them thrive every day. That means always raising the bar - delivering better service and providing more reliable, resilient and sustainable energy to the eight stat...

American Electric Power
1 Riverside Plaza, Columbus, OH, US, 43215
Last Update: 07/05/2026
Our team at American Electric Power is committed to improving our customers' lives with reliable, affordable power. We are investing $54 billion from 2025 through 2029 to enhance service for customers and support the growing energy needs of our communities. Our nearly 1...
Compliance Ranges Comparison

Xcel Energy







American Electric Power






Benchmark & Cyber Underwriting Signals
Incidents vs Utilities Industry Avg (This Year)
No incidents recorded for Xcel Energy in 2026.
Incidents vs Utilities Industry Avg (This Year)
No incidents recorded for American Electric Power in 2026.
Incident History - Xcel Energy (X = Date, Y = Severity)
Xcel Energy cyber incidents detection timeline including parent company and subsidiaries.
Incident History - American Electric Power (X = Date, Y = Severity)
American Electric Power cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Xcel Energy

American Electric Power
FAQ
Latest Global CVEs
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.