Security Directory

C

ConVista Consulting AG

convista.com

40

ConVista Consulting AG is a leading SAP and IT consulting firm based in Germany, specializing in digital transformation across multiple industries including insurance, energy, healthcare, and manufacturing. The company offers comprehensive end-to-end solutions, combining deep industry expertise with technological innovation. Their market position is strong, supported by multiple industry awards and certifications such as SAP Gold Partner and Great Place to Work recognitions. The website reflects a professional and well-branded presence targeting enterprise clients seeking SAP and IT consulting services. Technically, the website is built on WordPress with modern optimization tools like WP Rocket and uses a variety of JavaScript libraries including jQuery and Swiper.js. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Security posture is currently basic, with several HTTP security headers implemented but critical SSL/TLS deficiencies present. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies and consent mechanisms in place. Contact information is transparent and comprehensive, including phone, email, physical address, and contact forms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility. Strategically, the company should prioritize obtaining and maintaining a valid SSL certificate and enabling modern TLS protocols to secure all communications. Enhancing security best practices will improve trust and compliance, supporting their strong market position and client relationships.

H

Hartlauer Handelsgesellschaft m.b.H.

hartlauer.at

40

Hartlauer Handelsgesellschaft m.b.H. operates a large retail and e-commerce platform focused on optics, photography, mobile phones, and hearing aids in Austria. With over 160 physical stores and a comprehensive online shop, it serves a broad consumer base with premium products and services including free eye tests and hearing aid trials. The website is professionally designed with excellent content quality and user experience, supported by a modern technology stack primarily based on Salesforce Commerce Cloud and integrated marketing and analytics tools. However, a critical security issue is present due to the lack of a valid SSL certificate and absence of HTTPS, severely impacting the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and the company demonstrates strong business credibility with clear contact information and trust seals. Strategic security improvements are urgently needed to protect user data and maintain trust.

F

F/LIST

f-list.at

38

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

NCM - net communication management GmbH is a specialized digital marketing agency based in Salzburg, Austria, focusing on the tourism and hospitality sector. The company offers a comprehensive suite of services including SEO, SEA, social media marketing, web design, and proprietary tourism tools to enhance online presence and lead generation for hotels. The website is professionally designed, content-rich, and well-structured, targeting German-speaking tourism businesses. Technically, the site uses modern frameworks and CMS (Contao) but critically lacks a valid SSL/TLS certificate, exposing it to security risks and undermining user trust. Security headers are properly configured, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and accessible, supporting business credibility. Overall, the site demonstrates strong business maturity and digital presence but requires urgent security improvements to protect users and maintain trust.

T

Tait Communications

taitradio.com

40

Tait Communications is a mature and established enterprise specializing in critical communication solutions for public safety, transportation, and utility sectors. With over 50 years of experience and a global presence headquartered in New Zealand, the company offers a comprehensive portfolio of products including broadband radios, P25 and DMR radios, network management software, and professional services such as implementation and training. The website reflects a professional and consistent brand image with rich content tailored to mission-critical communication users. Technically, the website is built on the HubSpot CMS platform, leveraging modern JavaScript libraries such as Splide.js and Swiper.js for interactive elements, and integrates Google Analytics 4 and Google Tag Manager for analytics and marketing. Hosting and CDN services are provided by Cloudflare, enhancing availability and security. However, the site currently lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security posture is weakened by the absence of valid TLS protocols and session resumption features, although some security headers like HSTS and Content Security Policy are present. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but the lack of a cookie consent mechanism is a gap given the use of tracking technologies. Contact information is clearly provided with physical addresses and phone numbers, and social media presence is active on major platforms. Overall, while the business and content quality are excellent, the security deficiencies notably the missing SSL certificate, reduce the trustworthiness and security score. Strategic remediation of SSL and HTTPS issues, along with enhanced privacy controls, will significantly improve the website's security and compliance posture.

L

lemonconsulting

lemonconsulting.es

25

Lemon Consulting is a Spanish strategic consulting company specializing in credit insurance, health insurance, and business innovation consulting. The company targets businesses seeking to improve their overall results and risk management. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with Elementor and uses modern web technologies and plugins for SEO, accessibility, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. The site employs Google Analytics and cookie consent mechanisms aligned with GDPR. Security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, Lemon Consulting appears to be a legitimate small business with a moderate digital maturity level but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

W

Wittur Group

wittur.com

40

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

A

Achtzehn Grad GmbH

digitalwerk.agency

40

Achtzehn Grad GmbH is a full-service creative agency based in Vienna, Austria, specializing in branding, digital marketing, and communication services. The company positions itself as a premium agency focused on uncovering hidden potential in brands and delivering innovative marketing solutions. Their target audience includes businesses in German-speaking countries seeking comprehensive marketing and creative services. The website reflects a high level of professionalism with excellent design, clear navigation, and rich content, including case studies and a blog. Technically, the site leverages modern JavaScript libraries such as GSAP and Swiper, is hosted on Webflow with Cloudflare CDN, and integrates bot protection on forms. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support and no modern TLS protocols, which significantly impacts the security posture. Privacy compliance is good with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected. Overall, the site is trustworthy and professionally managed but requires urgent SSL/TLS remediation to ensure secure user interactions.

F

FLOTAINMENT

flotainment.com

37

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

R

ReinZeit Handels GmbH

reinzeit.com

40

ReinZeit Handels GmbH is an Austrian retail company specializing in eco-friendly cleaning and wellness products, including microfiber cloths, cleaners, laundry detergents, and wellness aroma products. The company emphasizes social responsibility, environmental protection, and Austrian quality standards, targeting consumers interested in sustainable and socially responsible products. Their business model includes direct sales through consultants and an online shop, supported by active social media channels and marketing efforts. Technically, the website is built on WordPress with WooCommerce, using popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is hosted on an Austrian IP and uses Apache server technology. However, performance metrics are not available, and the site is moderately optimized for mobile devices. From a security perspective, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Although some security headers like HSTS and X-Frame-Options are present, the absence of TLS protocols and strong cipher suites significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed and trustworthy from a business perspective but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security best practices.

E

eRecruiter GmbH

erecruiter.net

24

eRecruiter GmbH is an established Austrian technology company specializing in recruiting software solutions. With over 20 years of experience and a client base of more than 350 companies, eRecruiter offers a comprehensive suite of services including applicant tracking, talent sourcing, AI-assisted recruiting, and detailed reporting. The company positions itself as a user-friendly, efficient, and GDPR-compliant solution provider targeting SMEs and enterprise clients. Technically, the website is built on WordPress using modern frameworks and libraries, with integrations for Google Analytics and Tag Manager for marketing and analytics purposes. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the business demonstrates strong credibility and professionalism but must urgently address its SSL/TLS configuration to improve security and trust.

I

Invenium Data Insights GmbH

invenium.io

26

Invenium Data Insights GmbH is a specialized data analytics company based in Austria focusing on anonymized mobile phone signaling data to provide insights into human mobility patterns. Their services support city planners, transportation authorities, tourism, retail, and event organizers by leveraging AI and big data technologies to optimize mobility and infrastructure planning. The website is professionally designed, content-rich, and GDPR compliant, targeting public and private sector clients who require data-driven decision-making tools. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted on Hetzner servers. However, the lack of a valid SSL certificate and HTTPS significantly weakens the security posture. Privacy compliance is strong with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by testimonials and partner logos. Overall, the site is functional and trustworthy but requires urgent security improvements.

C

CREATE

create.at

25

CREATE is a medium-sized Austrian eLearning company specializing in interactive and immersive digital learning solutions for businesses, academies, and trainers. The company offers a comprehensive range of services including consulting, content creation, learning management systems, and XR learning experiences. Positioned as a multiple award-winning full-service eLearning agency, CREATE targets organizations seeking innovative and tailored digital education solutions. The website reflects a professional and consistent brand image with excellent content quality and user experience.

M

Mondial GmbH & Co. KG

mondial-congress.com

37

Mondial GmbH & Co. KG is a medium-sized Austrian company specializing in congress and event management services, including green meetings, virtual events, and travel management. The company holds several industry certifications and maintains a multilingual, content-rich website targeting organizations seeking professional event solutions. Technically, the website is built on WordPress with modern libraries but lacks a valid SSL certificate, resulting in a critical security gap. The absence of HTTPS and security headers exposes users to risks and reduces trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

A

Austria Institut für Europa- und Sicherheitspolitik (AIES)

aies.at

26

The Austria Institut für Europa- und Sicherheitspolitik (AIES) is a well-established independent research institute based in Vienna, Austria, focused on European integration, security, defense, and foreign policy. Founded in 1996, it serves public stakeholders by providing expert analysis, organizing events, and publishing research. The website reflects a professional and content-rich platform targeting policymakers, academics, and the public interested in European and security policy. Technically, the site uses modern frontend technologies such as jQuery, Swiper.js, and Usercentrics for consent management, but suffers from a critical lack of valid SSL/TLS configuration, impacting its security posture. The site is mobile-optimized, accessible, and SEO-friendly, with strong social media integration and clear contact information. Security-wise, the absence of HTTPS and security headers is a significant vulnerability, though no active WAF or blocking mechanisms are detected. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Strategic improvements in SSL deployment and security headers are recommended to enhance trust and compliance.

T

Teradata

teradata.com

40

Teradata is a leading enterprise technology company specializing in cloud-based data analytics and Trusted AI platforms. Their offerings focus on enabling organizations to unify data, activate analytics, and accelerate business value through AI and cloud-native technologies. The website targets a broad audience including business leaders, data professionals, and developers, emphasizing innovation and cost efficiency. Technically, the site uses modern web technologies, integrates with major cloud providers, and employs advanced analytics and marketing tools, reflecting a mature digital infrastructure. Security posture shows good header implementation but is weakened by an invalid SSL certificate and lack of advanced TLS protocols. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-branded, though improvements in SSL management and direct contact information would enhance credibility and security.

Schullin Wien is a well-established luxury jewelry and watch retailer based in Vienna, Austria, with a rich family tradition dating back to 1802 and formal business founding in 1974. The company specializes in fine jewelry design and manufacturing, luxury watch sales including Rolex, and certified pre-owned Rolex watches. Their market position is strong within the luxury retail sector, targeting affluent customers seeking unique and high-quality pieces. The website reflects a mature digital presence with multilingual support, rich content, and integration of modern web technologies such as WordPress, WooCommerce, Alpine.js, and Swiper.js. Marketing and analytics tools like Google Analytics, Facebook Pixel, and Adobe Analytics are actively used with GDPR-compliant cookie consent mechanisms in place. However, the security posture is significantly weakened by the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability that undermines user trust and data protection. The site employs standard security headers but lacks advanced protections such as HSTS and OCSP stapling. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and compliance with best practices.

H

HAKOM Time Series GmbH

hakom.at

26

HAKOM Time Series GmbH is a medium-sized Austrian company specializing in time series management software and cloud services for the energy sector. The company positions itself as a technology leader with over 30 years of experience, offering both on-premises and cloud-based solutions under the PowerTSM® brand. Their website reflects a professional and comprehensive digital presence, targeting energy industry professionals and IT developers with detailed product information, news, webinars, and customer success stories. The company maintains active engagement through social media and newsletter subscriptions. Technically, the website is built on TYPO3 CMS and uses modern web technologies including jQuery and Swiper.js for interactive content. The hosting provider is identified as Web-Crossing. While the site is mobile-optimized and SEO-friendly with proper metadata and structured data, performance metrics are not explicitly available. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy in German. From a security perspective, the site lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. Security headers such as HSTS and CSP are present but cannot compensate for the missing HTTPS encryption. No explicit security policy or incident response information is found, which could be improved to enhance transparency and trust. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards and protect user data effectively. Strategic recommendations include obtaining a valid SSL certificate, enabling TLS 1.2/1.3, and enhancing security policies and incident response disclosures.

V

Virtual Identity AG

virtual-identity.com

35

Virtual Identity AG is a well-established digital agency founded in 1999, specializing in AI integration, UX design, software engineering, and digital marketing services. The company targets businesses aiming for digital transformation and human-centered business growth. Their market position is strong, supported by a reputable client portfolio and consistent branding. Technically, the website is built on WordPress, hosted on AWS CloudFront, and uses modern JavaScript libraries and SEO tools, though performance is moderate. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

M

MERKUR trgovina d.o.o.

merkur.si

24

Merkur.si is a large Slovenian retail company specializing in home improvement, construction, gardening, personal care, and energy solutions. The company operates both physical stores and an extensive e-commerce platform, offering a wide range of products and services including financing options and expert consultations. The website is well-designed, user-friendly, and rich in content, targeting Slovenian consumers and businesses. Technically, the site is built on Magento with modern JavaScript frameworks and integrates multiple third-party marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements several security headers and privacy policies with consent mechanisms, indicating good privacy compliance. Overall, the business is legitimate and well-established, but urgent improvements in SSL/TLS implementation are recommended to enhance security and trust.

C

CrateDB

crate.io

40

CrateDB operates as a technology company specializing in a real-time unified data layer that supports analytics, search, and AI workloads. Their platform enables rapid ad-hoc querying, hybrid search capabilities, and seamless AI model integration, targeting developers and enterprises requiring scalable, high-performance data solutions. The website demonstrates a strong market position with customer testimonials, industry use cases, and active engagement through webinars and events. Technically, the site is built on HubSpot CMS with integrations for analytics and marketing tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility is high, supported by consistent branding and trust signals.

W

WELLCON

wellcon.at

22

Wellcon is an established Austrian company specializing in occupational health, safety, and workplace wellness services. With 25 years of experience and multiple locations, it serves companies seeking comprehensive occupational medicine, psychology, and safety technology solutions. The website is professionally designed using WordPress and Elementor, featuring good content quality and SEO optimization. However, the technical infrastructure lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite the use of Matomo analytics. Contact information is not explicitly provided on the homepage or footer, limiting direct communication channels. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect user data and enhance trust.

R

realme

realme.com

39

realme is a large technology company focused on the European market, offering smartphones, IoT devices, and accessories through a direct-to-consumer e-commerce model. The website is professionally designed with consistent branding and supports multiple regional versions and languages. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js, and integrates payment solutions from Adyen and PayPal, indicating a mature digital presence. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical issue for user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via email, with no phone numbers or physical addresses found on the site.

E

ETC

etc.at

40

ETC is a well-established Austrian IT training and certification provider with a strong market position since 1999. The company offers a wide range of IT courses, certifications, and talent acquisition services across multiple locations including Vienna, Graz, and Attnang-Puchheim, as well as online. Their offerings cover major IT domains such as Microsoft, Cisco, Red Hat, VMware, and more, targeting IT professionals and enterprises seeking digital skill enhancement. Technically, the website is built on a modern WordPress platform with WooCommerce integration, leveraging popular libraries like jQuery, Algolia, and Swiper.js for enhanced user experience. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of TLS support, which is a critical risk for user data protection and trust. Privacy and cookie policies are present and supported by a consent management platform, indicating good compliance with GDPR. Overall, the site is professional and content-rich but requires urgent security improvements to ensure safe user interactions and maintain trust.

POLYTEC Holding AG is a well-established Austrian manufacturing company specializing in the development and production of high-quality plastic solutions, primarily serving the automotive and non-automotive sectors. Founded in 1986, the company has grown to a large enterprise with approximately 3,900 employees worldwide. Their business model focuses on providing comprehensive plastic solutions from conception to logistics, leveraging strong technological and material expertise. The website reflects a professional and consistent brand image with clear navigation and rich content, targeting industrial clients and partners. Technically, the site is built on TYPO3 CMS with modern frameworks like Bootstrap and includes advanced UI components such as sliders and accordions. However, the absence of HTTPS and modern SSL/TLS configurations represents a significant security risk. The company maintains a moderate level of privacy compliance with a clear privacy and cookie policy, and uses analytics and marketing tools responsibly. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

HEWI Heinrich Wilke GmbH is a well-established German manufacturer specializing in sanitary and hardware solutions with a strong emphasis on universal design and accessibility. The company offers a wide range of products and services targeting professional care, public, hotel, education, and home sectors. Their website reflects a mature digital presence with comprehensive content, multi-language support, and integration of modern web technologies such as Pimcore CMS and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. While privacy policies and consent mechanisms are implemented, the lack of advanced security configurations like DMARC, DNSSEC, and CAA records suggests room for improvement in domain and email security. Overall, the business demonstrates high credibility and professionalism, but urgent remediation of SSL and TLS issues is recommended to protect user data and enhance trust.

S

Smartly.io Solutions Oy

smartly.io

39

Smartly.io Solutions Oy operates a mature, enterprise-grade AI advertising platform focused on creative, media, and intelligence suites to optimize cross-channel advertising performance. The company is well-positioned in the technology sector with a strong market presence, supported by industry certifications and a comprehensive digital marketing infrastructure. The website is professionally designed, content-rich, and targets advertising professionals and teams seeking AI-powered campaign automation and insights. Technically, the site leverages modern web technologies including Webflow CMS, Marketo forms, and multiple analytics and tracking tools, hosted via Cloudflare CDN. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and trust.

B

Barmherzige Brüder Wien

bbwien.at

38

Barmherzige Brüder Wien operates as a large, well-established non-profit hospital in Austria, providing a broad range of medical services and patient care. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses a modern CMS (siteswift) and popular JavaScript libraries to enhance user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in all traffic being served over HTTP, which exposes users to potential interception risks. The site implements GDPR-compliant privacy and cookie consent mechanisms, indicating awareness of privacy regulations. WHOIS data confirms domain legitimacy and consistency with the hospital's identity. Overall, the site is professional and trustworthy but urgently requires HTTPS implementation to secure user data and improve security posture.

W

WestLicht

westlicht.com

40

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

37

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

Deloitte Digital is a leading digital creative and marketing consultancy operating primarily in the Nordics region, backed by the global Deloitte network. The company offers a broad range of services including customer strategy, advertising, marketing, digital commerce, sales, service, and digital product design. Their market position is strong, evidenced by recognition as a leader in the 2024 Gartner Magic Quadrant for Digital Experience Services. The website reflects a mature, enterprise-level organization with a consistent brand and professional content targeting businesses seeking digital transformation and marketing consultancy. Technically, the site leverages Adobe Experience Manager, Akamai CDN, and modern JavaScript libraries, providing a good user experience with mobile optimization and accessibility features. However, the absence of a valid SSL/TLS certificate and lack of HTTPS enforcement significantly weaken the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and social media presence. Overall, Deloitte Digital demonstrates a high level of business credibility and digital maturity but must address critical security gaps to ensure trust and compliance.

L

Light for the world INTERNATIONAL

light-for-the-world.org

27

Light for the World International is a well-established non-profit organization founded in 2004, focused on disability rights and eye health globally. The organization operates multiple country-specific websites, indicating a broad international presence and a strong commitment to inclusive education, economic empowerment, and humanitarian action. Their website content is rich, professionally designed, and regularly updated, targeting individuals and organizations interested in disability inclusion and health advocacy. Technically, the website is built on WordPress with modern SEO plugins and accessibility features, providing a good user experience and mobile optimization. However, the hosting environment lacks a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers and best practices are partially implemented but require improvement. The security posture is currently weak due to missing HTTPS and related configurations, posing risks to user data confidentiality and trust. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by transparent WHOIS data, trust seals, and clear contact information. Overall, the website is functional and trustworthy from a business and content perspective but requires urgent security enhancements to protect users and improve trustworthiness. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS, and strengthening security headers and protocols.

A

Ascent

parkside-interactive.com

30

Ascent is a UK-based design-led technology company specializing in data, AI, software, and cloud solutions. With a large team of over 530 professionals, they serve a broad client base across multiple industries including insurance, healthcare, retail, and technology. Their service offerings include data strategy, software engineering, cloud migration, and AI-driven innovation. The website reflects a mature and professional digital presence with comprehensive content, client case studies, and certifications, positioning Ascent as a credible player in the technology consulting market. Technically, the website uses modern frameworks such as Vue.js and Bootstrap and is hosted on Microsoft Azure, but suffers from a critical lack of HTTPS and valid SSL certificates, which significantly impacts security posture. Security headers are partially implemented, but the absence of TLS protocols and SSL undermines trust and user safety. Privacy compliance is moderate with a privacy policy present but no cookie consent mechanism detected. Overall, the site is content-rich and professionally designed but requires urgent security improvements to meet modern standards.

J

JAWA Management Software GmbH

jawa.at

23

JAWA Management Software GmbH is an established Austrian technology company specializing in customized software solutions for process optimization and information management. Their flagship product, the inforum management platform, supports supplier management, quality control, production planning, and AI-enhanced business solutions. With over 25 years of market presence and a medium-sized operation, JAWA serves a broad international clientele with a focus on efficiency and productivity improvements. Technically, the website is built on a modern WordPress CMS infrastructure using popular plugins and frameworks such as WPBakery, WPML, and Woodmart theme. The site is well-structured, mobile-optimized, and SEO-friendly, demonstrating a mature digital presence. However, the hosting environment lacks a valid SSL certificate and proper TLS configuration, which significantly undermines the security posture. Security-wise, the absence of HTTPS and modern TLS protocols is a critical vulnerability, exposing users to potential data interception and trust issues. While no active vulnerabilities or malware are detected, the site misses essential security headers and DNS security configurations. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the website presents a professional and credible business front but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL deployment, enabling modern security protocols, and implementing advanced security headers and DNS protections.

A

Amaris Consulting

amaris.com

25

Amaris Consulting is a well-established global technology consulting firm founded in 2007, operating across multiple sectors including technology, healthcare, finance, transportation, and energy. With a workforce of approximately 7,600 employees spread over 60 countries, it serves over 1,000 clients worldwide. The company is part of the Mantu group, which is confirmed by website footer references and structured data. The website presents a professional and consistent brand image, with comprehensive content describing its services, centers of excellence, and industry focus. Technically, the site is built on WordPress using Elementor and optimized with WP Rocket, but suffers from a critical security issue due to the lack of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a clear privacy policy and GDPR-compliant contact form, but lacks a cookie consent mechanism. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

H

HiPP

hipp.de

40

HiPP is a well-established German brand specializing in organic baby food and related care products. Their website serves as both an informational resource and an e-commerce platform, targeting parents and families with young children. The site is rich in content, well-structured, and offers multiple engagement channels including a BabyClub and social media presence. Technically, the site is built on TYPO3 CMS and uses modern web technologies and consent management tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business appears credible and trustworthy, but the security weaknesses pose a risk to user trust and data protection.

I

ivii GmbH

ivii.eu

40

ivii GmbH is a small Austrian technology company specializing in AI-powered visual intelligence systems designed to optimize quality assurance and logistics processes in industrial manufacturing environments. Their flagship product, ivii iriis, combines artificial intelligence, machine learning, and camera technology to enable error-free production and logistics workflows. The company positions itself as an innovative provider with a strong focus on practical, plug-and-play solutions that empower employees and improve operational efficiency. The website content is professionally crafted, targeting industrial and logistics sectors, and supported by customer testimonials and ISO 27001 certification, enhancing trust and credibility. Technically, the website is built on WordPress with modern SEO and performance plugins such as Yoast SEO Premium and WP Rocket. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Performance is also suboptimal with a high page load time. Privacy compliance is well addressed with comprehensive GDPR-compliant privacy and cookie policies, including a consent mechanism. The company maintains active social media profiles and provides clear contact information. Security-wise, the lack of HTTPS and modern TLS protocols, absence of security headers, and missing DNSSEC and CAA records expose the site to potential risks. While no active vulnerabilities or WAF blocks are detected, these gaps should be addressed promptly to protect user data and maintain trust. Overall, ivii GmbH demonstrates a strong business and content presence but must urgently improve its security infrastructure to align with best practices and industry standards. Strategic recommendations include implementing SSL/TLS, enabling security headers, and optimizing performance to enhance user experience and trust.

E

Extreme Networks

enterasys.com

39

Extreme Networks is a leading enterprise technology company specializing in AI-powered cloud networking solutions that simplify and secure IT infrastructure. The company holds a strong market position as a Gartner Magic Quadrant Leader for wired and wireless LAN infrastructure. Their key services include the Extreme Platform ONE™, network fabric, cloud-based network management, and comprehensive security solutions. The website demonstrates a high level of digital maturity with modern technologies, responsive design, and rich content tailored for enterprise IT professionals and partners. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that must be addressed to ensure secure communications and trust. Privacy compliance is well managed with comprehensive policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and well-structured but requires immediate improvements in SSL/TLS configuration to enhance security.

G

Greiner Bio-One International GmbH

gbo.com

40

Greiner Bio-One International GmbH is a large, globally active company specializing in biotechnology, medical devices, in vitro diagnostics, and research products. The company operates with a strong customer focus and maintains a diversified portfolio with production sites in multiple countries. Their website reflects a mature digital presence with comprehensive product information, news, and resources targeted at healthcare and research professionals. Technically, the site is built on TYPO3 CMS and hosted behind Cloudflare, but suffers from critical security shortcomings including the absence of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. Privacy and legal compliance are well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

E

EVOLUXER

evoluxer.com

17

EVOLUXER is a Spanish consultancy company specializing in the comprehensive management of international tenders. The company targets businesses and public/private entities seeking to expand their international presence and develop new projects globally. Their services include advisory, administrative, and financial management throughout the project lifecycle, with experience working alongside major multilateral organizations such as EuropaAid, the World Bank, and the Inter-American Development Bank. The website reflects a professional and consistent brand image with clear contact information and relevant business content. Technically, the site is built on WordPress using Elementor and related plugins, but suffers from slow load times and lacks modern security configurations such as HTTPS and security headers. The absence of a valid SSL certificate and security policies represents a significant security risk. Privacy compliance is basic, with privacy and cookie policies present but lacking consent mechanisms. Overall, the website demonstrates moderate business credibility but requires urgent improvements in security and technical performance to enhance trust and user experience.

T

TableConnect GmbH

tableconnect.net

22

TableConnect GmbH is a technology company specializing in the design and manufacture of large-scale interactive touch products such as Multi Touch Tables, Digital Blackboards, and Touchscreen Modules. Their products target enterprises, retail, hospitality, and media sectors, serving notable clients including Fortune 500 companies. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. However, the lack of HTTPS and modern security headers represents a critical security gap. Privacy policies and terms are present, but cookie consent mechanisms are missing. Overall, the company demonstrates a credible market position with strong branding and client trust signals.

A

Autohaus Birngruber

birngruber.at

38

Autohaus Birngruber is a medium-sized automotive dealership based in Austria, representing major brands such as Volkswagen, Audi, Seat, Skoda, and Cupra. The company offers new and used car sales, vehicle servicing, financing, and insurance services, targeting car buyers and service customers in the Austrian market. The website reflects a professional and consistent brand presence with good content quality and user experience. Technically, the site is built on the Plone CMS platform using Python and Zope, with Cloudflare as CDN and security proxy. However, the security posture is weak due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the overall security score. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. The business credibility is supported by extensive customer reviews and social media presence. Overall, the site is functional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

A

ABAX Informationstechnik GmbH

abax.at

27

ABAX Informationstechnik GmbH is a well-established Austrian IT service provider with over 25 years of experience, offering a broad portfolio of IT infrastructure, support, security, and data analytics services. The company is part of the Roxcel Group, enhancing its enterprise readiness and market credibility. The website is professionally designed, content-rich, and targets businesses of various sizes seeking comprehensive IT solutions. Technically, the site uses WordPress with Elementor and integrates modern marketing and consent tools, but suffers from a critical lack of valid SSL/TLS configuration, impacting security posture significantly. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business presents a trustworthy and professional image, though security improvements are urgently needed.

J

JATO Dynamics

jato.com

40

JATO Dynamics is a well-established global leader in automotive market research and business intelligence, providing comprehensive data and analytics solutions to the automotive industry. Their offerings include vehicle specifications, market analysis, integrated API solutions, and bespoke consultancy services. The website is professionally designed, content-rich, and targets automotive OEMs, retailers, leasing companies, and professional financial services. Technically, the site is built on HubSpot CMS with modern marketing and analytics tools, but suffers from poor SSL/TLS configuration, which is a critical security concern. Security headers are present but cannot compensate for the lack of a valid SSL certificate and TLS support. Privacy and cookie policies are comprehensive and GDPR compliant, though no explicit security or incident response policies are found. Overall, the website is trustworthy and credible but requires urgent remediation of its SSL and TLS security posture to protect users and maintain trust.

D

DBConcepts

dbconcepts.at

29

DBConcepts GmbH is a well-established Austrian IT company specializing in database technologies such as Oracle, PostgreSQL, and MSSQL, offering managed services, middleware infrastructure, and custom software development. The company positions itself as a trusted partner with over 25 years of experience and recognized certifications, including Oracle Specialized Partner status. Their website reflects a professional and comprehensive digital presence targeting businesses requiring high-availability database solutions and IT asset management. Technically, the site is built on WordPress with modern plugins and SEO tools, providing good user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility and content quality are high, but urgent improvements in security infrastructure are recommended.

J

Jabil Inc.

jabil.com

40

Jabil Inc. is a global leader in manufacturing solutions, providing comprehensive engineering, manufacturing, and supply chain services to top brands across multiple industries including automotive, healthcare, energy, and technology. The company operates a vast network of over 100 sites worldwide, combining global reach with local expertise to deliver scalable and customized solutions. Their business model focuses on B2B partnerships with original equipment manufacturers and product companies, emphasizing sustainability and community impact. Technically, the website employs a modern tech stack including Google Tag Manager, Vidyard, Lottie animations, and marketing automation tools like Pardot. The site is hosted on Amazon CloudFront CDN and uses Magnolia CMS. The website design is professional, mobile-optimized, and SEO-friendly, with good accessibility features. However, performance metrics are unavailable. From a security perspective, the site implements several security headers and a comprehensive Content Security Policy. Despite this, the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, representing critical vulnerabilities. No incident response or security policy pages were found, indicating potential gaps in security transparency. Overall, the website is content-rich and professionally maintained but requires urgent remediation of SSL and TLS configurations to ensure secure communications and maintain trust. Privacy compliance is well addressed with clear policies and consent mechanisms. The domain registration details align with the business claims, supporting legitimacy.

T

TIGER Coatings GmbH & Co. KG

tiger-coatings.com

24

TIGER Coatings GmbH & Co. KG is a well-established Austrian manufacturer specializing in powder coatings and digital printing solutions for surface finishing. The company operates globally with affiliate offices and offers a broad range of products and digital tools, including a webshop and surface configuration tools. The website is professionally designed, content-rich, and targets industrial and manufacturing clients seeking high-quality coating solutions. Technically, the site is built on TYPO3 CMS with modern frontend technologies and uses Amazon CloudFront for content delivery. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure connections. Privacy compliance is strong, with clear policies and consent mechanisms in place. Contact information and social media presence further enhance business credibility. Overall, the site demonstrates a mature digital presence but requires urgent security improvements to protect user data and trust.

V

Venionaire DealMatrix

dealmatrix.com

40

DealMatrix is a specialized platform focused on facilitating startup valuations and connecting startups with investors through a fact-based approach and advanced matching technology. The platform offers multiple valuation methods and deal monitoring services, targeting startups and investors primarily in the finance and technology sectors. The website is built on WordPress with Elementor and integrates privacy compliance tools such as Borlabs Cookie. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which undermines user trust and data security. The domain is mature and registered since 2011, consistent with the business's claimed history. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Social media presence and testimonials add to the platform's credibility.

L

Langmatz GmbH

langmatz.de

24

Langmatz GmbH is a medium-sized German company specializing in the development and manufacturing of infrastructure products for telecommunications, energy, and transportation sectors. Their product portfolio includes cable ducts, network distributors, outdoor enclosures, and related infrastructure components. The company positions itself as a leading European provider with a strong focus on quality and customer-centric solutions. Technically, the website is built on the Pimcore CMS platform, uses modern JavaScript libraries such as Swiper.js, and integrates Google reCAPTCHA for form security. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture of the site. Privacy and terms of service policies are present and comprehensive, supporting GDPR compliance. Contact information is clearly provided, including emails, phone numbers, and physical address, alongside active social media channels. Overall, while the business and content quality are excellent, the lack of proper SSL/TLS configuration is a critical security gap that needs immediate remediation.

C

Cyberhouse GmbH

cyberhouse.at

38

Cyberhouse GmbH is a well-established digital agency based in Austria, specializing in web design, development, consulting, and SEO services primarily using TYPO3 and Storyblok CMS platforms. The company holds reputable certifications such as TYPO3 Gold Member and is a certified Storyblok partner, positioning itself strongly in the regional technology market. Their business model focuses on delivering full-service digital experiences to businesses seeking professional online presence solutions. Technically, the website employs modern JavaScript modules, lazy loading, and integrates bot protection for forms, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site includes standard privacy and terms of service pages, but lacks a cookie consent mechanism. Overall, the website is professionally designed with clear navigation and strong branding, but requires urgent security improvements to protect user data and enhance trust.