Security Directory

O

Orderman GmbH

orderman.com

33

Orderman GmbH is a well-established company specializing in professional hardware and services tailored for the hospitality and retail sectors. With over 30 years of experience and a strong market position as a leader in mobile cash registers, Orderman offers a broad portfolio including handheld devices, POS systems, printers, panel PCs, kiosks, and call systems. The company operates primarily in Austria and Italy, with additional presence in Dubai, and is a subsidiary of NCR, enhancing its credibility and market reach. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website is built on WordPress using modern frameworks such as Elementor and JetEngine, supported by Borlabs Cookie for GDPR-compliant cookie management. It integrates Google Tag Manager and Google Analytics with consent mode enabled, demonstrating a good level of digital maturity and privacy awareness. The site is mobile-optimized and performs moderately well, with good SEO practices and accessibility features. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. It employs cookie consent mechanisms and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response page, and no vulnerability disclosure or security.txt file is present. These gaps represent opportunities for improving transparency and security posture. Overall, Orderman GmbH's website is professional, trustworthy, and compliant with privacy regulations, supporting its business credibility. Strategic enhancements in security policy communication and incident response readiness would further strengthen its risk management and customer trust.

V

Vinzenz Harrer GmbH

harrer.at

11

Vinzenz Harrer GmbH is a well-established Austrian company specializing in wood construction solutions, operating for approximately 30 years. The company offers a comprehensive online shop with a wide range of products including insulation materials, system connectors, adhesives, and tools tailored for wood construction professionals and qualified craftsmen. Their market position is strong within Austria as a leading specialist, supported by a network of partner craftsmen and extensive customer service and training offerings. The website is professionally designed with clear navigation and good content quality, targeting primarily German-speaking users in Austria. Technically, the site uses ASP.NET WebForms with jQuery and modern tracking tools such as Google Analytics and Facebook Pixel, though some outdated libraries present minor security concerns. Security posture is good with HTTPS enforced and cookie consent implemented, but could be improved with updated libraries and additional security headers. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

Nissan Motor Corporation operates a comprehensive global website that serves as a central hub for corporate information, sustainability initiatives, investor relations, innovation, and career opportunities. The company is a major player in the transportation industry with a strong global brand and a focus on sustainable mobility and advanced automotive technologies. The website targets a broad audience including consumers, investors, partners, and potential employees. Technically, the site employs a modern technology stack including jQuery, Swiper.js, Google Tag Manager, and OneTrust for cookie consent, indicating a mature digital infrastructure. The site is mobile optimized and well-structured for user experience and SEO. Security posture is strong with HTTPS enforced and use of standard security best practices, although explicit security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site reflects a high level of professionalism and trustworthiness consistent with a large multinational corporation.

E

Exel Composites

exelcomposites.com

19

Exel Composites is a global leader in composite design and manufacturing with over 60 years of experience. The company specializes in producing high-performance composite materials using continuous manufacturing methods such as pultrusion and pull-winding. Their business model focuses on B2B industrial clients across sectors including transportation, energy, infrastructure, and manufacturing. The website reflects a mature corporate presence with multilingual support, investor relations, and comprehensive product and case study information. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, delivering a good user experience with mobile responsiveness and accessibility considerations. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, formal security policies and incident response information are not published, representing an area for improvement. Overall, the website is professional, trustworthy, and aligned with the company's market position and business objectives.

M

Masternaut Limited

masternaut.com

40

Masternaut Limited operates as a leading UK provider of fleet telematics and tracking solutions, now branded under MICHELIN Connected Fleet. The company targets fleet operators seeking to optimize operations and reduce costs, offering telematics systems and fleet management services. The website reflects a professional B2B business model with a strong market position in transportation technology. Technically, the site is built on HubSpot CMS, leveraging modern marketing and analytics tools, but suffers from critical SSL certificate issues that undermine HTTPS security. Security headers are present but cannot compensate for the lack of a valid SSL certificate. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is available via phone and a contact form, but no explicit security or incident response policies are published. Overall, the site is functional and professional but requires urgent remediation of SSL and privacy compliance gaps.

T

Theater Regensburg

theaterregensburg.de

25

Theater Regensburg is a public theater institution located in Regensburg, Germany, offering a diverse range of cultural performances including music theater, dance, and plays. The website serves as a portal for event information, ticket sales, and community engagement, targeting local and regional audiences interested in cultural arts. The business operates primarily in the hospitality and cultural sector with a medium-sized organizational footprint. Technically, the website employs a modern frontend stack with libraries such as jQuery, Bootstrap, and Font Awesome, providing a good user experience and mobile optimization. However, the absence of a valid SSL certificate and missing DNS records represent significant technical and security shortcomings. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. The site maintains active social media channels and provides clear contact information, enhancing business credibility. Overall, the website is functional and professional but requires urgent improvements in security infrastructure to protect user data and improve trust.

T

Tecan Trading AG

tecan.com

40

Tecan Trading AG is a well-established Swiss company specializing in healthcare innovation, laboratory automation, diagnostics, and OEM partnering services. Their website reflects a strong market position with comprehensive product offerings in life sciences and diagnostics, supported by detailed investor relations and corporate policies. The digital infrastructure is built on HubSpot CMS, leveraging modern marketing and analytics tools such as Google Tag Manager and Microsoft Clarity, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to an invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

H

HOT Microfluidics (fluidXlab)

fluidxlab.com

31

fluidXlab GmbH, formerly HOT Microfluidics, is a specialized technology company focused on advanced fluidic and laboratory services primarily serving the energy sector. Their offerings include microfluidic products, turnkey microfluidic technology platforms, and laboratory services supporting enhanced oil recovery, underground hydrogen storage, and carbon capture solutions. The company positions itself as a niche leader with a strong emphasis on innovation and compliance with high HSE standards. The website reflects a professional and consistent brand image, targeting energy companies and research institutions engaged in subsurface energy challenges. Technically, the website is built on WordPress with Elementor and employs modern web technologies and performance optimizations. However, the SSL certificate is currently invalid, which poses a critical security risk. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, and integrates marketing and analytics tools such as Google Tag Manager and LinkedIn Insight. Social media presence is active on LinkedIn, X (Twitter), and YouTube. Overall, the website demonstrates good business credibility and privacy compliance but requires urgent remediation of SSL issues to improve security posture.

I

ITH icoserve technology for healthcare GmbH

ith-icoserve.com

40

ITH icoserve technology for healthcare GmbH is a medium-sized company operating in the healthcare technology sector, specializing in innovative software solutions for medical data management and healthcare networking. As a subsidiary of Siemens Healthineers, it holds a strong market position as a leading software provider in Health IT. The website is professionally designed with good content quality and clear navigation, targeting healthcare providers and IT professionals. Technically, the site is built on TYPO3 CMS with modern frontend libraries, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS significantly reduces the security posture. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism via Cookiebot. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy but requires urgent security improvements.

The AES Corporation is a global energy company focused on delivering clean, renewable, and innovative energy solutions worldwide. The company positions itself as a Fortune 500 leader with a strong commitment to sustainability, serving diverse audiences including businesses, investors, and career seekers. Their business model emphasizes greener capacity, smart grids, carbon-free electricity, and digital solutions, supported by a broad network of regional subsidiaries. Technically, the website is built on Drupal 10 with modern frontend technologies and demonstrates good mobile optimization and accessibility. However, critical security issues exist, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture. Privacy and cookie policies are present with consent mechanisms, and the site employs extensive analytics and marketing tools. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

T

TBWA

tbwa.com

40

TBWA is a globally recognized advertising agency network specializing in disruptive creativity to build strong brands. The website reflects a professional and consistent brand image, targeting businesses seeking innovative marketing solutions. The technical infrastructure is based on WordPress, leveraging modern JavaScript libraries and third-party marketing tools, hosted on WP Engine with Cloudflare CDN. While the site is well-structured and optimized for SEO and mobile, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with cookie consent and legal policies present. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

The Stadtgemeinde Mödling website serves as the official digital portal for the city of Mödling, Austria, providing residents and visitors with comprehensive municipal information, news, events, and public services. The site targets local citizens and stakeholders, offering easy access to administrative contacts, service forms, and cultural activities. The business model is that of a government entity focused on transparency and community engagement. Technically, the website employs a custom RIS CMS platform with common web technologies such as jQuery, Bootstrap, and FontAwesome, and integrates Matomo for analytics. However, the absence of HTTPS is a critical security flaw that undermines user trust and data protection. Security headers are partially implemented, but the lack of SSL/TLS and modern protocols significantly lowers the security posture. Privacy compliance is moderate, with a clear privacy policy but no cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security upgrades.

L

Logwin AG

logwin-logistics.com

40

Logwin AG operates an international logistics and transportation services website offering a broad range of services including sea freight, air freight, warehousing, and transport management. The company targets businesses requiring reliable logistics solutions and positions itself as a professional and dedicated provider with a worldwide network. The website is built on TYPO3 CMS and uses modern frontend technologies such as jQuery and Fancybox, providing a good user experience with clear navigation and professional design. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts the security posture. Security headers are partially implemented, and privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is limited to a contact form, with no explicit emails or phone numbers found. Overall, the website is functional and professional but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

A

Aumayr GmbH

aumayr.com

27

Aumayr GmbH is a well-established Austrian manufacturing company specializing in ventilation and metal technology solutions with over 50 years of experience. The company offers a broad range of products and services including custom ventilation components, metal fabrication, installation, and maintenance. Their market position is strong regionally, supported by certifications such as ISO and the Austria Gütezeichen. The website reflects a professional digital presence with good content quality and clear navigation targeting industrial clients and business customers. Technically, the site is built on WordPress with modern plugins but lacks a valid SSL certificate, which is a critical security gap. Privacy compliance is well addressed through the use of a consent management platform and clear privacy and cookie policies. Overall, the business credibility is high, but the lack of HTTPS significantly impacts the security posture and overall risk profile.

V

VISITECH a.s.

visitech.cz

25

VISITECH a.s. is a Czech-based technology company specializing in cybersecurity, IT infrastructure, and enterprise systems. The company positions itself as a reliable partner for digital transformation and cybersecurity services, offering unique solutions such as the SOC365 security monitoring service. Their market position is strong within the Czech Republic, supported by partnerships with leading global IT vendors and a portfolio of case studies demonstrating successful implementations. The website content is professionally crafted, targeting business clients seeking advanced IT and security solutions. Technically, the website is built on WordPress with modern plugins and frameworks such as Yoast SEO, Bootstrap, and Slick Carousel, indicating a mature digital infrastructure. However, the lack of a valid SSL certificate and HTTPS support is a critical security flaw that undermines trust and exposes users to risks. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, reflecting good privacy practices. Security posture is currently weak due to missing HTTPS and modern TLS protocols, absence of HSTS, and no OCSP stapling. While content security policy headers are present, the overall SSL/TLS configuration requires urgent improvement. No explicit incident response or vulnerability disclosure information is available, which could be enhanced to improve security transparency. Overall, VISITECH a.s. demonstrates a solid business and technical foundation but must prioritize securing its web presence with proper SSL/TLS implementation to maintain credibility and protect client data. Strategic recommendations include immediate SSL deployment, enhanced security headers, and publishing incident response contacts.

K

KAUFMANN S.A

kaufmann.cl

36

Kaufmann S.A is a leading automotive company in Chile specializing in the sale and servicing of automobiles, commercial vehicles, and related products. The website reflects a comprehensive digital presence with extensive content covering various vehicle categories, after-sales services, and customer support. The company maintains a strong market position with a wide network of branches across Chile and partnerships with recognized brands and service providers. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as React and jQuery, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Security headers are present but insufficient without proper SSL/TLS implementation. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. Overall, the site offers good user experience and content quality but requires urgent security improvements to protect user data and enhance trust.

C

Calderys

calderys.com

40

Calderys is a globally recognized enterprise specializing in refractory products and thermal protection solutions for industries operating under high temperature conditions, primarily serving the energy and manufacturing sectors. The company offers a comprehensive range of products and services including steel casting enhancement, metallurgical fluxes, and refractory services, supported by a broad international network of offices and experts. The website reflects a mature business with a strong market position and a recent strategic alliance with HarbisonWalker International, enhancing its footprint in the refractory industry. Technically, the website is built on Drupal 10 and incorporates modern front-end libraries and tools such as Google Tag Manager and Slick Carousel. While the site is mobile-optimized and SEO-friendly with good content quality and navigation, performance metrics indicate slow loading times. Accessibility is basic but present. The hosting is provided by Vox Teneo Web Engine. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability exposing users to risks and undermining trust. Although some security headers like Content Security Policy and X-Frame-Options are implemented, the absence of HTTPS and HSTS significantly lowers the security posture. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and clear privacy policies. Business credibility is high with detailed contact information, social media presence, and consistent branding. Overall, the website is professionally designed and content-rich but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security protocols, and enhancing security headers and incident response capabilities.

F

FinTech Connector

fintechconnector.com

40

FinTech Connector is a US-based fintech community platform that connects financial services professionals, organizations, and fintech entrepreneurs globally to collaborate and innovate in financial services. The platform offers matchmaking, collaboration marketplaces, funding portals, and hosts fintech events to foster innovation and impact. The website is professionally designed and hosted on Squarespace, leveraging modern web technologies and social media integration to engage its target audience effectively. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are present but lack a full consent mechanism, indicating partial privacy compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and trust.

F

First Advisory

first.li

40

First Advisory is a well-established financial advisory and wealth management firm with over 70 years of private ownership and a strong presence in Liechtenstein and international financial centers. The company offers a broad range of services including asset structuring, legal and tax consulting, investment advisory, and family office services, targeting private and corporate clients seeking comprehensive financial solutions. The website reflects a mature digital presence built on Concrete CMS, with modern web technologies and a focus on user experience and multilingual support. Security posture is solid with appropriate HTTP security headers and cookie consent mechanisms, though DNSSEC and CAA records are absent and could be improved. Contact information is clearly provided with GDPR-compliant forms and multiple international office contacts. Overall, the site demonstrates high professionalism and trustworthiness, aligning well with the company's long-standing market position.

J

Jebsen & Co. Ltd.

jebsen.com

40

Jebsen & Co. Ltd. is a well-established company founded in 1895, specializing in marketing, distribution, and investment of premium brands primarily in Greater China. The company operates across diversified sectors including Motors, Beverage, Consumer, and Capital investments, positioning itself as a bridge between Eastern and Western markets. The website reflects a mature digital presence with comprehensive business information, multilingual support, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and user experience features, though performance metrics are unavailable. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is partially met with a privacy policy and incident response contact, but lacks cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

M

MUSO TNT

muso.com

40

MUSO TNT is a UK-based company specializing in data-driven content intelligence and content protection solutions for the media and entertainment industry. The company offers services including audience demand measurement, piracy intelligence, and automated protection for independent content creators. It holds a strong market position, trusted by major global media companies and industry associations. The website is professionally designed, content-rich, and targets enterprise clients and indie creators alike. Technically, the site is built on HubSpot CMS, uses Cloudflare for hosting and CDN, and integrates various marketing and analytics tools such as Google Analytics 4 and LinkedIn Insight Tag. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates good business credibility and digital maturity but requires urgent improvements in SSL/TLS configuration to enhance security.

R

Rupp Austria GmbH

rupp.at

19

Rupp Austria GmbH is a well-established cheese product manufacturer and retailer based in Austria with over 100 years of history. The company offers a variety of cheese products and engages consumers through recipes and branded content. The website is professionally designed, content-rich, and optimized for SEO with structured data and social media integration. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. The site implements GDPR-compliant cookie consent mechanisms and provides comprehensive privacy and terms of service documentation. Overall, the business demonstrates strong market positioning in the retail cheese sector with a medium-sized operational scale.

The Würth Group is a globally recognized leader in the manufacturing and distribution of assembly and fastening materials, operating over 400 companies in 80 countries with more than 2,800 branches. Their website reflects a mature digital presence with comprehensive corporate information, career opportunities, and sustainability initiatives targeting B2B customers and industrial partners. Technically, the site employs modern frameworks such as Bootstrap and integrates advanced analytics via Piwik PRO, ensuring a responsive and user-friendly experience. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy and cookie policies are well implemented, demonstrating GDPR compliance. Overall, the site is professional and trustworthy but requires urgent SSL remediation to enhance security.

K

Kemira Oyj

kemira.com

40

Kemira Oyj is a global leader specializing in sustainable chemical solutions primarily for water-intensive industries such as pulp & paper, water treatment, and energy sectors. The company offers a comprehensive portfolio including water treatment chemicals, fiber production solutions, industrial chemicals, and digital services aimed at process optimization. Their website reflects a mature digital presence with strong emphasis on sustainability, investor relations, and corporate governance, targeting industry professionals, investors, suppliers, and potential employees. The company is headquartered in Helsinki, Finland, and maintains a large operational scale with over 4,700 employees.

T

Thöni Industriebetriebe GmbH

thoeni.com

22

Thöni Industriebetriebe GmbH is a well-established family-owned industrial group based in Austria, specializing in aluminum manufacturing, automotive components, environmental energy technology, machinery and plant construction, and hose production. The company operates internationally with multiple production sites across Austria, Germany, Italy, and the USA. The website reflects a professional and comprehensive digital presence, targeting industrial clients and partners in related sectors. Technically, the site is built on WordPress with modern frontend frameworks and plugins, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility and content quality are high, but the security deficiencies pose a risk to user trust and data protection.

D

DIS AG

dis-ag.com

40

DIS AG is a leading personnel placement and recruitment company operating primarily in Germany and Austria, with a strong market position supported by over 90 branches and a parent company, The Adecco Group. The website provides comprehensive information about their services, including temporary employment, personnel placement, and training programs, targeting job seekers and companies. Technically, the site uses modern JavaScript libraries and consent management tools but suffers from a lack of valid SSL/TLS configuration, impacting security posture. Privacy compliance is well implemented with clear cookie and privacy policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

V

VAV Versicherungs-Aktiengesellschaft

vav.at

40

VAV Versicherungs-Aktiengesellschaft is an established Austrian insurance company offering a broad range of insurance products for private customers, including auto, household, home, legal protection, accident, and liability insurances. The website provides online calculators and direct purchase options, supported by a professional design and consistent branding. The company enjoys strong market positioning evidenced by multiple industry awards and high customer satisfaction ratings. Technically, the website is built on Magnolia CMS and uses common JavaScript libraries such as jQuery and Slick Carousel. However, the site suffers from slow loading times and lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

Medek & Schörner GmbH

medek.at

36

Medek & Schörner GmbH is a medium-sized Austrian manufacturing company specializing in high-tech cable printing machines and coating systems for optical fibers. The company positions itself as a world market leader in its niche, targeting industrial B2B customers requiring advanced cable marking and coating solutions. Their website reflects a professional and consistent brand image with clear navigation and relevant content focused on their products and industry events. Technically, the website uses a PHP backend with nginx server, Bootstrap for styling, and includes marketing and analytics tools such as HubSpot and Google Tag Manager. However, the site lacks HTTPS support, which is a significant security concern. The security posture is weak due to the absence of SSL/TLS, no HSTS, and no modern TLS protocols enabled. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present but no explicit GDPR compliance indicators or data protection officer contact. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

STUDEN & CO Holding

sco-group.com

23

STUDEN & CO Holding is an international agribusiness holding company specializing in the processing, trading, and distribution of agricultural commodities such as sugar, edible oils, oilseeds, and grains. The company operates through subsidiaries including AGRANA-STUDEN Group and BIMAL Group, targeting agribusiness stakeholders and investors. The website presents a professional corporate image with multilingual support and clear business descriptions. Technically, the site is built on WordPress with common plugins like Yoast SEO and Visual Composer, but suffers from outdated PHP and lack of HTTPS, impacting security and performance. Security posture is weak due to missing SSL, no modern TLS support, and absence of advanced security headers. Privacy compliance is minimal with no visible privacy policy but a cookie consent banner is present. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

D

Dr. Thomas Schneider

dr-thomas-schneider.com

37

Dr. Thomas Schneider operates a specialized medical practice focused on prevention, sports medicine, occupational and traffic medicine in Lauf a.d.P., Germany. The website presents a comprehensive range of healthcare services targeting health-conscious individuals, athletes, and local businesses. The practice emphasizes holistic health coaching, orthomolecular medicine, and complementary therapies such as acupuncture and chiropractic care. Technically, the site is built on TYPO3 CMS with common JavaScript libraries like jQuery and Slick Carousel, hosted likely by Ionos. However, the website suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, exposing visitors to potential risks. Privacy compliance is minimal, with no cookie consent mechanisms or detailed GDPR indicators. Overall, the site is professionally designed and content-rich but requires urgent security and privacy improvements to meet modern standards.

I

ISG

isg-one.com

40

ISG is a global AI-centered technology research and IT advisory firm providing comprehensive sourcing, benchmarking, governance, and research services to enterprise clients. The company positions itself as a leader in AI-driven technology advisory, offering SaaS platforms to govern third-party relationships and benchmark IT landscapes. The website content is professionally designed, rich in relevant business information, and targets enterprises seeking operational excellence through technology. Technically, the site employs modern JavaScript frameworks and integrates multiple third-party services, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security posture. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Social media presence is strong, enhancing trust and engagement. However, the absence of direct contact emails or phone numbers limits immediate contact options.

F

Flowserve Corporation

flowserve.com

40

Flowserve Corporation is a global enterprise specializing in manufacturing and servicing industrial flow control products such as pumps, valves, seals, and actuators. The company serves critical industries including energy, chemicals, water management, and oil & gas, positioning itself as a market leader with a comprehensive product portfolio and strong brand presence. The website reflects a mature digital infrastructure built on Drupal 10, with modern front-end technologies and multi-language support, indicating a high level of digital maturity and user experience focus. Security posture is mixed; while security headers and policies are well implemented, the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, which poses a significant risk to secure communications. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to improve security and user trust.

L

Lakeside Labs GmbH

lakeside-labs.com

35

Lakeside Labs GmbH operates as a research and innovation hub specializing in self-organizing networked systems. The organization targets researchers, technology innovators, and academic-industry partners, offering research projects, publications, and collaborative partnerships. The website reflects a medium-sized technology entity based in Austria with a professional online presence and consistent branding. Technically, the site is built on WordPress with common plugins and libraries, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and missing DNS records, which undermines trust and exposes the site to potential risks. Privacy compliance is minimal, lacking cookie consent and comprehensive GDPR indicators. Overall, the site is functional but requires significant improvements in security and compliance to enhance trustworthiness and protect user data.

S

SPAR International

spar-international.com

32

SPAR International is a well-established global voluntary food retail group founded in 1932, operating over 13,900 stores across 48 countries. The business model focuses on licensed wholesalers and retailers working in partnership to deliver diverse store formats and retail solutions. The website reflects a mature digital presence with comprehensive content, clear navigation, and a focus on partner engagement and responsible retailing. Technically, the site is built on WordPress with common plugins and libraries, but suffers from significant security shortcomings including lack of a valid SSL certificate and DNS configuration issues. Privacy compliance is well addressed through Cookiebot consent management and a comprehensive privacy policy. However, the absence of HTTPS and security headers poses risks to user data and trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

A

Amomed Pharma GmbH

amomed.com

25

Amomed Pharma GmbH is a medium-sized healthcare company specializing in pharmaceutical products for intensive care, emergency medicine, anesthesia, psychiatry, and neurology. The company operates as a member of the AOP Health Group, providing critical care medications aimed at reducing mortality and improving quality of life. The website targets healthcare professionals and institutions, offering product information and therapy solutions. Technically, the website is built on WordPress with a PHP backend and uses common web technologies such as jQuery, Bootstrap, and Font Awesome. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a significant security concern. Security headers are partially implemented, but critical configurations like TLS protocols and cipher suites are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is not readily visible on the homepage, limiting user trust and engagement. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy to meet modern standards.

L

Lorencic GmbH Nfg. & Co KG

lorencic.com

39

Lorencic GmbH Nfg. & Co KG operates as a medium-sized company specializing in construction services and products, including workwear, reinforcement fabrics, construction profiles, diamond cutting discs, and rental of construction machinery. The company targets construction professionals and contractors primarily in Austria and surrounding European countries, as evidenced by multiple country-specific domains. The website presents a professional design with clear navigation and relevant content, supporting its business model as a B2B supplier and rental service provider. Technically, the website runs on an Apache server with Ubuntu, utilizing common JavaScript libraries such as jQuery and Bootstrap for frontend functionality. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Performance metrics are unavailable, and mobile optimization is basic but functional. The site includes cookie consent mechanisms and basic privacy policy compliance, though more advanced privacy and security policies are lacking. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No advanced security headers or incident response information is published, and session management could be improved. The site uses Matomo analytics with user consent, indicating moderate user tracking with some privacy compliance. Overall, the security posture is weak and requires urgent improvements. Strategically, the company should prioritize implementing HTTPS with a valid certificate, enhance security headers, and publish clear security and incident response policies. Improving privacy compliance and expanding trust indicators will also strengthen business credibility and user confidence.

E

Eti

etietieti.com

39

Eti is a well-established Turkish food manufacturing company with a strong market presence and a diverse product portfolio including biscuits, chocolates, and health-oriented food products. The website serves as a comprehensive corporate portal providing product information, recipes, corporate governance details, career opportunities, and social responsibility initiatives. The site targets consumers interested in quality food products and healthy nutrition, leveraging a consistent brand identity and multiple language options for international reach. Technically, the website is built on ASP.NET WebForms and uses modern JavaScript libraries for UI enhancements. However, performance metrics are lacking and the site suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Social media integration and partner links enhance the brand's digital ecosystem. Overall, Eti's website is professional and content-rich but requires urgent security improvements to meet modern standards.

W

World Data Lab

worlddata.io

54

World Data Lab is a mature data analytics company specializing in global consumer and demographic insights, offering detailed forecasting across numerous categories and geographies. Their platform, World Data Pro, leverages advanced data science and peer-reviewed methodologies to provide credible and consistent intelligence to businesses and policymakers. The company maintains a professional digital presence with clear navigation, consistent branding, and integration of modern marketing and analytics tools, hosted on HubSpot and protected by Cloudflare. However, a critical security gap exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which undermines user trust and data security. Privacy compliance is partial, with a privacy policy present but no detected cookie consent mechanism. Contact information is primarily via web forms, with no direct emails or phone numbers published. Social media presence is active on major platforms. Overall, the website is functional and credible but requires urgent security improvements to meet modern standards.

B

BE-terna

be-terna.com

56

BE-terna is a medium-sized technology solutions provider specializing in ERP, CRM, business intelligence, data analytics, and automation solutions. The company partners with leading global technology providers such as Microsoft, Infor, Qlik, and UiPath, positioning itself as a trusted partner for businesses seeking digital transformation across multiple industries including manufacturing, retail, energy, and financial services. The website reflects a professional and comprehensive digital presence with strong branding and relevant content tailored to its target audience. Technically, the website is built on a modern stack including Webflow CMS, jQuery, and various JavaScript libraries for UI enhancements. However, the site suffers from critical SSL/TLS misconfigurations, lacking a valid certificate and modern TLS protocol support, which significantly impacts its security posture and user trust. Performance is moderate with good mobile optimization and SEO practices, but accessibility could be improved. Security-wise, while several security headers are implemented, the absence of a valid SSL certificate and lack of explicit security policies or incident response information are notable weaknesses. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks cookie consent mechanisms. Contact information is primarily via forms, with no explicit emails or phone numbers displayed. Overall, BE-terna presents a credible and professional business front with strong industry partnerships and content quality but requires urgent improvements in SSL configuration and privacy compliance to enhance security and trustworthiness.

S

System Industrie Electronic GmbH

sie.at

33

System Industrie Electronic GmbH (S.I.E) is a market-leading specialist in the development and manufacturing of embedded and cyber-physical systems. The company offers a comprehensive portfolio of services including ideation, engineering, production, and quality lifecycle management, targeting industrial clients requiring customized embedded solutions. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics, Google Tag Manager, and OneSignal push notifications. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business demonstrates strong credibility and market positioning, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

P

PACEup Management-Consulting GmbH

paceup.at

24

PACEup Management-Consulting GmbH is an Austrian owner-managed consulting boutique specializing in Controlling & Finance, Organization & Processes, and strategic decision-making. The company serves a diverse clientele including industrial, trade, infrastructure, energy, logistics, and public sector organizations. Their key services include tailored consulting solutions and interim management, positioning them as a niche player in the Austrian consulting market. The website is professionally designed with clear navigation and relevant content targeting German-speaking business clients. Technically, the site runs on WordPress with common libraries like jQuery and Slick Carousel, but suffers from a critical lack of a valid SSL certificate, resulting in no proper HTTPS support. This significantly impacts the security posture and trustworthiness of the site. Security headers are minimal, and no incident response or security policies are published. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

B

Bullhorn

invenias.com

40

Bullhorn is a well-established enterprise SaaS provider specializing in cloud-based staffing and recruitment software solutions, including the Invenias executive search platform. The company serves a global customer base with a comprehensive suite of products designed to streamline recruitment processes, enhance compliance, and improve business development efforts. The website reflects a mature digital presence with strong branding, professional content, and targeted messaging for staffing firms and executive search professionals. Technically, the site leverages WordPress CMS, integrates marketing automation tools like Marketo, and employs standard web technologies such as jQuery and Slick Carousel. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which is a critical vulnerability that undermines user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent via OneTrust, and GDPR adherence. Overall, the site is professional and credible but requires urgent remediation of SSL issues to ensure secure user interactions.

Edgewell Personal Care operates a global corporate website showcasing its portfolio of personal care brands. The site targets consumers and stakeholders interested in the company's products, culture, and sustainability efforts. Technically, the site is built on Shopify with Cloudflare CDN and security services, leveraging modern web technologies and cookie consent mechanisms. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure communications. Privacy compliance is well addressed with OneTrust cookie consent and GDPR indicators. Overall, the site presents a professional and trustworthy business image but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

B

Bloomerang

initlive.com

63

Bloomerang operates as a leading provider of cloud-based donor management and fundraising software tailored for nonprofit organizations. The company offers a comprehensive suite of tools including donor CRM, fundraising, and volunteer management solutions, positioning itself as a trusted partner to over 26,000 nonprofits. Their market presence is reinforced by multiple industry awards and strong customer testimonials, reflecting a mature and well-established business model focused on SaaS delivery. Technically, the website is built on WordPress and leverages a modern technology stack including Yoast SEO, Google Tag Manager, and various marketing and analytics integrations such as Marketo and Microsoft Clarity. Hosting is provided via WP Engine with Cloudflare CDN, ensuring good infrastructure support. The site demonstrates excellent design quality, mobile optimization, and SEO practices, contributing to a positive user experience and strong digital maturity. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which significantly undermines its security posture. While some security headers are present, critical improvements are needed to secure data transmission and protect user privacy. Privacy and cookie policies are comprehensive and GDPR compliant, indicating attention to regulatory requirements. Contact information is clearly provided, enhancing business credibility. Overall, Bloomerang's website reflects a professional and trustworthy nonprofit software provider with strong business credibility and digital presence. However, the absence of HTTPS and modern encryption protocols presents a critical security risk that should be addressed promptly to protect users and maintain trust.

S

SimTech GmbH

simtechnology.com

31

SimTech GmbH is a specialized software company providing advanced simulation technology primarily for energy and chemical engineering sectors. With over 30 years of experience, the company offers simulation software (IPSEpro), model libraries, consulting, and training services targeted at plant manufacturers, consultants, and R&D organizations. The website reflects a professional and consistent brand with clear business information and reputable client references. Technically, the site is built on Joomla CMS with modern frameworks but lacks HTTPS, which is a critical security gap. Security headers are present but insufficient without SSL/TLS. Privacy compliance is good with a clear privacy policy, though no cookie consent mechanism is implemented. Overall, the site is content-rich and trustworthy but requires urgent security improvements to protect user data and enhance trust.

B

Baumit.com

baumit.com

36

Baumit.com is an established international company specializing in building materials, facade insulation, and innovative construction technologies such as 3D concrete printing. The company emphasizes sustainability and healthy living environments, supported by research initiatives like the VIVA Research Park. The website presents a professional and consistent brand image with good content quality and navigation. Technically, the site uses a variety of modern JavaScript libraries and custom CMS solutions, but the main domain lacks HTTPS, which is a significant security concern. The subdomain int.baumit.com uses HTTPS properly. Security posture is weak due to missing SSL on the main domain and lack of security headers. Privacy compliance is well addressed with clear cookie consent and privacy policies. Business credibility is supported by consistent WHOIS data and structured organization information. Overall, the site is functional and professional but requires urgent security improvements to protect users and enhance trust.

Tesnila GK d.o.o. is a medium-sized Slovenian manufacturer specializing in rubber parts and elastomer solutions primarily for the automotive industry, with expanding applications in other sectors. The company emphasizes quality through ISO and IATF certifications and invests in research, development, and automated production. Their website reflects a professional business presence with detailed product and company information, multiple contact channels, and social media engagement. Technically, the site is built on DotNetNuke CMS with common web technologies but suffers from critical security shortcomings, notably the absence of HTTPS and valid SSL/TLS configuration. This exposes visitors and business communications to potential risks. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, though terms of service and incident response policies are not evident. Overall, the business appears legitimate and well-established, but urgent security improvements are necessary to protect data and maintain trust.

J

Job-TransFair gemeinnützige GmbH

jobtransfair.at

27

Job-TransFair gemeinnützige GmbH is a Vienna-based non-profit organization dedicated to supporting disadvantaged individuals in the labor market by facilitating permanent employment opportunities. The organization collaborates with a large network of partner companies and receives financial support from the AMS Wien and the City of Vienna. Their website provides comprehensive information about their services, success stories, and job offers, targeting both job seekers and employers. The content is well-structured, professionally presented, and primarily in German. Technically, the site is built on the Contao CMS platform with modern frontend technologies like Bootstrap and jQuery, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy compliance is strong, with Cookiebot implemented for consent management and clear privacy and cookie policies. The site also integrates Google Tag Manager for analytics and marketing purposes. Overall, the business is credible and transparent, with clear contact information and trust indicators such as certifications and partnerships.

P

Patheon pharma services - Global CDMO

patheon.com

39

Patheon pharma services, a brand under Thermo Fisher Scientific, operates as a global contract development and manufacturing organization (CDMO) serving the pharmaceutical, biotech, and life sciences industries. The website presents a comprehensive portfolio of services including small and large molecule development, advanced therapies, clinical trial services, and commercial manufacturing. Positioned as a trusted partner with a global footprint, Patheon emphasizes integrated solutions and innovative drug development approaches to accelerate treatments to market. The business model focuses on end-to-end drug development and manufacturing partnerships, targeting pharmaceutical and biotech companies worldwide. The domain is mature and strongly protected, reflecting a stable and legitimate enterprise presence. Technically, the website is built on Adobe Experience Manager (AEM) and leverages modern JavaScript libraries such as jQuery, FontAwesome, and Slick Carousel, alongside marketing and analytics tools like Adobe Target and Genesys Messenger. Hosting and content delivery are managed via Akamai CDN, ensuring global reach and performance. The site is mobile optimized with good SEO practices and structured data for enhanced search visibility. However, performance metrics are not explicitly available. From a security perspective, the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical vulnerability impacting user trust and data security. While some security headers are present, the misconfiguration of HSTS and absence of modern TLS protocols and cipher suites significantly weaken the security posture. Privacy compliance is well addressed through comprehensive privacy and cookie policies linked to the parent company’s domain, with GDPR compliance implied. Contact information is primarily via web forms, with no direct emails or phone numbers prominently displayed. Overall, the website demonstrates strong business credibility and professional digital presence but requires urgent remediation of its SSL/TLS and HTTPS implementation to meet modern security standards and protect user data. Strategic improvements in security configuration and explicit contact channels would enhance trust and compliance.

D

DSC Doralt Seist Csoklich Rechtsanwälte GmbH

dsc.at

25

DSC Doralt Seist Csoklich Rechtsanwälte GmbH is a well-established Austrian law firm with over 30 years of experience, offering comprehensive legal consulting services across a broad spectrum of legal fields. The firm positions itself as a top 20 law firm in Austria, emphasizing efficiency and holistic solutions for its clients. The website reflects a professional and consistent brand image, targeting clients seeking expert legal advice primarily in Austria. The business model is focused on providing high-quality legal services with a client-centric approach. Technically, the website is built on a PHP backend with nginx server infrastructure and uses several JavaScript libraries including jQuery, Slick Carousel, Flexslider, and AOS for animations. The site employs Matomo for analytics, indicating a preference for privacy-conscious tracking. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security shortfall. Performance metrics are not available, but the presence of multiple large images and older JavaScript libraries suggests moderate to slow loading times. From a security perspective, the absence of HTTPS and security headers such as Content-Security-Policy and HSTS reduces the overall security posture. No critical vulnerabilities or exposed sensitive data were detected, but the lack of modern security best practices is notable. Privacy compliance is well addressed with clear privacy and cookie policies, cookie consent mechanisms, and GDPR compliance indicators. Contact information is complete and clearly presented, enhancing trustworthiness. Overall, the website is professional and credible but requires urgent improvements in SSL/TLS configuration and security headers to enhance user trust and data protection. Strategic recommendations include implementing a valid SSL certificate, enabling HSTS, adding security headers, and continuing to maintain privacy compliance and transparent contact information.