Security Directory

D

Die Wiener Volkshochschulen GmbH

vhs.at

40

Die Wiener Volkshochschulen GmbH operates the largest adult education platform in Vienna, offering a wide range of courses including languages, health, arts, and professional development. The website is well-designed, content-rich, and targets adult learners, families, and seniors in Vienna. It maintains a strong market position as a non-profit educational institution with official certifications and a comprehensive course catalog. Technically, the site uses Apache server technology, JavaScript modules, and integrates Cookiebot for consent management and Matomo for analytics. Accessibility and SEO are well addressed, with responsive design and clear navigation. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical issue for user trust and data protection. Privacy compliance is strong with GDPR-aligned policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS security to enhance protection and user confidence.

A

ADRESYS Adaptive Regelsysteme Gesellschaft m.b.H.

adresys.com

24

ADRESYS Adaptive Regelsysteme Gesellschaft m.b.H. is a small Austrian company specializing in innovative safety solutions for lone workers, including emergency call systems and smart textile technologies. Operating as a subsidiary of OMICRON electronics GmbH, a global leader in energy technology testing, ADRESYS leverages advanced technology to enhance workplace safety. The website is professionally designed, multilingual, and provides comprehensive information about products and services, targeting industrial safety managers and workers. Technically, the site runs on WordPress with modern plugins for multilingual support, cookie consent, and analytics. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the business presents a credible and professional digital presence but must urgently address its SSL/TLS configuration to improve security posture.

M

Moalach

moalach.at

25

Moalach is a small consultancy firm specializing in online marketing and data protection services tailored for the tourism sector in Austria, particularly the Tirol region. Founded in 2016 by Dominik Neuner, the company leverages deep industry experience and academic involvement to provide practical and strategic digital marketing solutions to small and medium-sized tourism businesses. The website presents a professional image with clear service offerings and client references, targeting tourism operators and destinations seeking digital transformation and compliance support. Technically, the website employs standard web technologies including Matomo analytics for user tracking, but lacks modern security implementations such as HTTPS and security headers. The site suffers from slow load times and does not implement cookie consent mechanisms, which may impact user trust and regulatory compliance. Hosting is provided by kasserver.com, and the domain registration aligns well with the business profile. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception. The lack of security headers and session management features further weakens the site's security posture. Privacy compliance is partially addressed with a privacy policy present, but cookie consent and detailed data retention disclosures are missing. Overall, while the business model and content quality are solid and relevant to its niche, the technical and security shortcomings present risks that should be addressed promptly to enhance trust, compliance, and user experience.

Axians ICT Austria GmbH is a medium-sized ICT company based in Austria, operating under the VINCI Energies group. The company offers a broad portfolio of IT infrastructure, cloud solutions, data analytics, security, and collaboration services. The website reflects a professional and well-structured digital presence with comprehensive content and strong branding consistency. Technically, the site is built on WordPress with modern libraries and SEO tools, but suffers from critical security issues due to the lack of a valid SSL certificate and HTTPS support. Privacy compliance is well addressed with clear cookie and privacy policies and user consent mechanisms. Overall, the company demonstrates a strong market position in the Austrian ICT sector but should urgently address its security posture to protect user data and maintain trust.

A

Austrian Power Grid

apg.at

40

Austrian Power Grid (APG) operates the national electricity transmission grid in Austria, ensuring secure and reliable power supply across the country. The company is positioned as a key infrastructure provider in the energy sector, focusing on grid operation, expansion, and innovation to support Austria's energy transition. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support, targeting market participants, stakeholders, and the general public. Technically, the site is built on TYPO3 CMS with Vue.js components and integrates Matomo for analytics, indicating a modern and privacy-conscious technology stack. However, the SSL/TLS configuration is critically deficient, with no valid certificate and no modern TLS protocols enabled, which severely impacts security posture and user trust. Security headers are well implemented, including CSP, HSTS (though limited), and X-Frame-Options, demonstrating awareness of web security best practices. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Business credibility is supported by consistent branding, social media presence, and detailed organizational information. Overall, while the business and content aspects are robust and professional, the lack of proper SSL/TLS implementation is a critical vulnerability that must be addressed urgently to protect users and maintain trust.

W

Wiener Arbeitnehmer*innen Förderungsfonds

waff.at

26

The Wiener Arbeitnehmer*innen Förderungsfonds (waff) is a government-affiliated organization dedicated to supporting the workforce in Vienna through information, consultation, and financial assistance for professional development and training. The website serves as a comprehensive portal offering access to job and course searches, funding programs, and online applications, targeting both individuals and companies in Vienna. The organization holds a significant regional position as a key instrument in active labor market policies and adult education. Technically, the site is built on WordPress with Elementor, uses Matomo for analytics, and Borlabs Cookie for privacy management, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and enhance trust.

A

Avconjet

avconjet.at

40

Avconjet is a prominent European private jet management and charter company operating a fleet of over 100 aircraft worldwide. The company offers comprehensive services including jet management, business jet charter, aircraft sales and acquisition, aviation consulting, and asset management. Their market position is strong with an international presence and recognized certifications such as IS-BAO Stage 2 and WYVERN verification. Technically, the website is built on WordPress with Elementor and optimized using WP Rocket, providing a good user experience and SEO optimization. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL and security configurations.

J

Jarltech Europe GmbH

jarltech.com

40

Jarltech Europe GmbH is a well-established specialist distributor in the technology sector, focusing on point-of-sale and automatic identification equipment across Europe. With a mature domain and a broad manufacturer partnership network, it serves a large customer base with premium distribution services. The website is professionally designed, content-rich, and provides comprehensive legal and privacy information, reflecting a strong commitment to GDPR compliance and user privacy. Technically, the site uses Drupal 10 with modern web technologies and integrates reputable analytics and marketing tools, although performance is moderate. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical risk that should be addressed promptly. Overall, the business demonstrates high credibility and transparency, but the security configuration requires urgent improvement to protect user data and maintain trust.

M

Munich Business School

munich-business-school.de

25

Munich Business School is a well-established private higher education institution in Germany specializing in international business education. It offers a range of degree programs including Bachelor, Master, MBA, and DBA with a strong emphasis on practical experience, small class sizes, and societal impact. The school holds multiple prestigious accreditations such as AACSB and FIBAA, positioning it as a leading private business school in Germany. Technically, the website is built on TYPO3 CMS and integrates modern marketing and analytics tools like Google Tag Manager and Matomo, along with a consent management platform for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS availability, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance practices. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

G

Gesundheit Österreich GmbH

goeg.at

39

Gesundheit Österreich GmbH (GÖG) is a national Austrian government-owned research and planning institute specializing in healthcare and health promotion. The website serves as an authoritative platform providing health data, policy advice, publications, and event information targeted at healthcare professionals, policymakers, and the public. The organization holds a strong market position as a key player in Austria's healthcare sector. Technically, the website is built on Drupal 10 with modern frontend technologies and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no proper HTTPS support, which significantly impacts the security posture. Other security headers are partially implemented, but improvements are needed to meet best practices. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism is present despite analytics usage. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

S

seele

seele.com

26

Seele is a globally recognized technology leader specializing in façade construction and building envelopes, serving architects, developers, and construction companies with innovative glass façade solutions. The company operates with over 1,000 employees worldwide and maintains a strong market position in the manufacturing and real estate sectors. The website reflects a professional and consistent brand image with comprehensive business information and a clear focus on façade technologies and projects. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of HTTPS and modern security protocols represents a significant security risk. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

S

Siblik Elektrik GmbH & Co. KG

siblik.com

39

Siblik Elektrik GmbH & Co. KG is a medium-sized Austrian company specializing in electrical and building technology solutions, including smart home products and professional training. The company maintains a professional and content-rich website powered by TYPO3 CMS, targeting electrical contractors and end customers in Austria. Their market position is supported by multiple physical locations and a consistent brand presence. Technically, the website uses modern web technologies and integrates analytics and marketing tools, but lacks HTTPS security, which is a critical vulnerability. The security posture is weak due to the absence of SSL/TLS and related security headers, exposing users to potential risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

Handelskammer Schweiz-Österreich-Liechtenstein

hk-schweiz.at

37

The Handelskammer Schweiz-Österreich-Liechtenstein operates as a well-established chamber of commerce serving companies and economic actors in Switzerland, Austria, Liechtenstein, and the CEE region. Founded in 1921, it provides networking opportunities, market support services, economic data, and events to its members, positioning itself as a key business hub in the region. The website reflects a professional and consistent brand with clear business information and relevant content for its target audience. Technically, the site is built on Drupal 7 with jQuery and uses Matomo for analytics, but it suffers from slow performance and lacks modern security features. Critically, the absence of HTTPS and modern TLS protocols exposes the site to significant security risks. Security headers are partially implemented, but no incident response or security policies are published. Privacy compliance is basic, with no cookie consent mechanism detected despite GDPR applicability. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

H

HAUSER GmbH

hauser.com

28

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

C

CeMM Research Center for Molecular Medicine of the Austrian Academy of Sciences

cemm.at

26

CeMM is a reputable interdisciplinary research center affiliated with the Austrian Academy of Sciences, focusing on molecular medicine and biomedical research. The website reflects a strong academic and scientific orientation, targeting researchers, students, and collaborators. The technical infrastructure is based on TYPO3 CMS with Apache hosting, and includes privacy-conscious analytics via Matomo. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site is well designed, mobile optimized, and rich in content, but security improvements are urgently needed to align with best practices and compliance requirements.

Bilfinger SE is an established international industrial services provider specializing in maintenance, expansion, and operation of industrial plants primarily in the energy, chemicals, pharma, and oil & gas sectors. The company operates across Europe, North America, and the Middle East, offering a comprehensive service portfolio including consulting, engineering, manufacturing, assembly, maintenance, and digital applications. The website reflects a mature digital presence built on TYPO3 CMS with a professional design and multilingual support targeting industrial clients globally. Technically, the site uses Apache and PHP 7.4 with various JavaScript libraries and integrates Matomo for analytics and Consentmanager.net for cookie consent management. Security posture is moderate; while security headers and a content security policy are present, the SSL/TLS configuration is currently invalid or missing, which is a critical issue. No WAF or blocking mechanisms are detected, and the site is fully accessible. The domain registration data is consistent with the business claims, showing a long-established domain without privacy protection, supporting legitimacy. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

B

bfi Steiermark

bfi-stmk.at

40

bfi Steiermark is a large, well-established adult education institution based in Austria, offering a wide range of courses, seminars, and certifications across multiple professional fields. The website targets adult learners and professionals in the Steiermark region, providing a comprehensive educational service portfolio. Technically, the site is built on the Contao CMS platform and uses common web technologies such as jQuery and Less CSS. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security vulnerability. Security headers are implemented, but the absence of HTTPS severely impacts the overall security posture. The site includes GDPR-compliant privacy and cookie policies with a consent mechanism, and it maintains active social media channels for engagement. Overall, while the business and content quality are good, the technical and security shortcomings require urgent attention to protect user data and improve trust.

G

Getzner Textil AG

getzner.at

40

Getzner Textil AG is a well-established Austrian textile manufacturer with a history dating back to 1818. The company specializes in high-quality fashion fabrics, corporate fashion textiles, personal protective equipment, sports equipment textiles, and industrial textiles, emphasizing innovation and sustainability. Their market position is strong within Europe, serving a diverse clientele including fashion designers, garment makers, and industrial users. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Matomo Analytics, hosted behind Fastly CDN and Varnish cache. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the company maintains active social media channels. Overall, the domain registration and DNS data align with the company's claims, indicating legitimacy and trustworthiness.

T

TeDaLoS GmbH

tedalos.net

40

TeDaLoS GmbH is a small Austrian technology company specializing in cloud-based smart inventory monitoring solutions leveraging IoT devices. Their SaaS platform targets end users, technical wholesalers, and sensor manufacturers, providing real-time stock and consumption data to optimize supply chain and warehouse management. The website is professionally designed, content-rich, and consistent with the company's business focus. Technically, the site runs on WordPress with modern plugins for SEO, spam protection, and cookie consent, but lacks a valid SSL certificate and HTTPS support, which significantly impacts security posture. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and trustworthy, but the lack of HTTPS is a critical security gap that should be addressed promptly.

Flughafen Wien AG operates Vienna International Airport, providing a wide range of passenger services including flight information, parking, lounges, VIP services, and retail. The website targets passengers, business partners, and visitors, positioning itself as a leading airport in Austria with comprehensive service offerings. The digital infrastructure uses modern frameworks like Bootstrap and integrates privacy-conscious analytics via Matomo. However, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. Security headers are partially implemented, but critical improvements are needed to secure user data and communications. The domain is mature and legitimately registered, consistent with the airport's long-standing presence. Overall, the website is professional and content-rich but requires urgent security enhancements.

C

Coop Himmelb(l)au

coop-himmelblau.at

26

Coop Himmelb(l)au is a globally recognized architecture firm headquartered in Vienna, Austria, with additional offices in Tirana and Dubai. The firm specializes in innovative architectural design and urban planning, serving a diverse international clientele. Their portfolio includes a wide range of projects such as cultural institutions, residential buildings, office complexes, and mixed-use developments, highlighting their expertise and market presence in the real estate and architectural sectors. The website reflects a professional and comprehensive presentation of their work, targeting clients and stakeholders interested in cutting-edge architectural solutions. Technically, the website is built on a modern stack including Apache server, JavaScript frameworks, and analytics tools like Google Analytics and Matomo. It uses Kirby CMS inferred from URL patterns and asset paths, and is hosted on weber.cloud. The site is well-optimized for mobile devices and accessibility, with good SEO practices and clear navigation. However, performance metrics are moderate, indicating room for improvement in loading speed. From a security perspective, the site lacks HTTPS, which is a critical vulnerability. While some security headers are present, the absence of SSL/TLS encryption severely impacts the overall security posture. No incident response or security policy documents are found, and no vulnerability disclosure or security.txt files are present. Privacy compliance is good, with a comprehensive privacy policy and cookie consent mechanisms in place, including GDPR compliance indicators. Overall, the website is professionally designed and content-rich, supporting the firm's strong market position. However, the lack of HTTPS is a major security risk that must be addressed immediately to protect user data and maintain trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing security and incident response policies to improve the security maturity and compliance posture.

The website represents the Landeskrankenhaus Feldkirch, a leading healthcare institution in Vorarlberg, Austria, serving as a regional specialty hospital and academic teaching hospital. It provides comprehensive medical services, education, research, and social care, targeting patients, visitors, and healthcare professionals. The organization is well-established with a history dating back to 1972 and operates under the Vorarlberger Krankenhaus-Betriebsgesellschaft.m.b.H. umbrella. Technically, the website uses a modern stack including nginx, Google Analytics, Matomo, and CookieHub for privacy compliance. The site is well-structured, mobile-optimized, and accessible, with good SEO practices. However, performance is slow, and no CMS or advanced frameworks were detected. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, exposing users to risks. While some security headers like HSTS are present, critical improvements are needed to secure communications and protect user data. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security enhancements to protect visitors and maintain compliance. Strategic recommendations include implementing HTTPS, enhancing security headers, and continuous security audits.

M

Mayer & Co Beschläge GmbH

maco.at

35

Mayer & Co Beschläge GmbH operates the website maco.at, presenting itself as a leading manufacturer of window, door, and sliding door hardware, including intelligent sensor solutions for smart homes. The company targets B2B customers such as manufacturers and distributors, offering a comprehensive portfolio of products and digital services including partner portals and technical support. The website is professionally designed, multilingual, and rich in content, reflecting a mature digital presence. Technically, the site uses Kentico CMS, jQuery, and integrates Matomo analytics with a consent-based tracking approach, demonstrating a commitment to privacy compliance. However, a critical security gap exists as the maco.at domain lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. The site includes comprehensive privacy and cookie policies, terms of service, and clear contact information, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain compliance.

B

Bohmann Druck und Verlag GmbH

bohmann.at

21

Bohmann Druck und Verlag GmbH is a well-established Austrian media company with an 80-year history, specializing in official and municipal publications such as the Amtsblatt der Stadt Wien and the Österreichische Gemeinde Zeitung. The company targets municipal decision makers and businesses, positioning itself as one of Austria's largest private communication firms. Their business model centers on publishing and communication services with a medium-sized operational scale. Technically, the website is built on an Apache server, likely using TYPO3 CMS with Bootstrap and jQuery for frontend components. Hosting is provided by A1 Telekom Austria. The site includes Google Fonts and uses Matomo and Google Analytics for visitor tracking, with a cookie consent mechanism in place. However, performance metrics are unavailable, and mobile optimization is basic. From a security perspective, the website lacks HTTPS, which is a critical vulnerability. No SSL certificate is installed, and no modern security headers are present. While no known SSL vulnerabilities or exposed sensitive data were detected, the absence of HTTPS severely impacts the security posture. Privacy and cookie policies exist and appear GDPR compliant, but no incident response or security policies are publicly disclosed. Overall, the website is functional with good content relevance and moderate trustworthiness but requires urgent security improvements, especially the implementation of HTTPS and enhanced security headers, to protect user data and improve compliance.

B

biocrates life sciences ag

biocrates.com

40

biocrates life sciences ag is a well-established company specializing in quantitative metabolomics kits and services, serving a global scientific and research audience. Their offerings include metabolomics phenotyping, data analysis, pathway analysis, and multiomics data services, supported by a strong community and certified laboratories. The website is professionally designed with comprehensive content and clear navigation, targeting researchers and institutions in healthcare and biotechnology sectors. Technically, the site runs on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent WHOIS data and trust indicators such as testimonials and certifications. Strategic improvements in SSL deployment and security hardening are recommended to enhance trust and compliance.

S

Spanische Hofreitschule & Lipizzanergestüt Piber

srs.at

38

The website for Spanische Hofreitschule & Lipizzanergestüt Piber represents a well-established cultural institution in Austria focused on classical horse riding performances and heritage preservation. It offers rich content about its services, events, and visitor information, targeting tourists and cultural enthusiasts. The site uses modern CMS technology (Craft CMS) and integrates privacy-compliant analytics and cookie consent mechanisms. However, the lack of a valid SSL certificate and HTTPS severely impacts its security posture. While security headers are partially implemented, the absence of encryption exposes users to risks. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is professionally designed and user-friendly but requires urgent security improvements to protect visitors and enhance trust.

S

Schönherr Rechtsanwälte GmbH

schoenherr.eu

24

Schoenherr Attorneys at Law is a prominent full-service law firm operating primarily in Central and Eastern Europe, providing comprehensive legal advisory services to local and international companies. The firm positions itself as a leading legal advisor in the region, offering a wide range of services including publications, newsletters, and comparative legal guides. The website reflects a professional and consistent brand image, targeting corporate clients seeking expert legal counsel. Technically, the website is built on Microsoft IIS with ASP.NET and likely uses the Umbraco CMS, incorporating modern JavaScript libraries such as Slick Slider and Isotope for enhanced user experience. However, the site lacks HTTPS support, which is a critical security deficiency. The presence of cookie consent mechanisms and GDPR-compliant privacy policies indicates attention to privacy compliance, while analytics are conducted via Matomo with user consent. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

F

FWT Composites & Rolls GmbH

fwt.at

20

FWT Composites & Rolls GmbH is a medium-sized Austrian manufacturing company specializing in composite rollers, tubes, drive shafts, and related services primarily for industrial sectors such as paper, film, and non-woven industries. Founded in 1996, the company has established itself as a leading manufacturer with a strong focus on product quality, customer service, and technical expertise. Their website reflects a professional business presence with detailed product and service descriptions, multilingual support, and active social media engagement via Facebook. Technically, the website is built on WordPress with common plugins and includes structured data for SEO benefits. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Privacy compliance is addressed through a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a solid market position but should urgently address its security posture to protect user data and improve trust.

S

Sprecher Automation GmbH

sprecher-automation.com

40

Sprecher Automation GmbH is a medium-sized Austrian company specializing in manufacturing and providing products and solutions for energy supply, industrial automation, and infrastructure technology. The company focuses on making critical infrastructures safer and optimizing complex energy and industrial processes. Their website reflects a professional and consistent brand presence with comprehensive content targeting energy, industry, infrastructure, and IT security sectors. The company maintains active communication channels including a customer portal, support, and career opportunities, indicating a mature business operation. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Font Awesome and Swiper.js, and integrates analytics tools like Matomo and Google Analytics. The site is mobile-optimized with good navigation and SEO practices. However, performance metrics are unavailable, and accessibility is basic. From a security perspective, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Although several security headers and a content security policy are implemented, the absence of TLS protocols and session resumption mechanisms significantly weakens the security posture. Privacy and cookie policies are present and GDPR compliant, but incident response and vulnerability disclosure information are missing. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS implementation to secure user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and publishing clear security and incident response policies.

Ö

Österreichische Agentur für Gesundheit und Ernährungssicherheit GmbH

ages.at

40

The website ages.at represents the Österreichische Agentur für Gesundheit und Ernährungssicherheit GmbH, a large Austrian government agency focused on protecting the health of humans, animals, plants, and the environment. It offers comprehensive services in food safety, public health, veterinary health, risk assessment, and research. The site is professionally designed with excellent content quality and clear navigation targeting public health professionals, researchers, and the general public in Austria. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, but suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security weakness that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Security posture is weak due to missing HTTPS, lack of security headers, and no DMARC record for email protection. No explicit security or incident response policies are found. The domain registration data aligns well with the agency's identity, confirming legitimacy. Overall, the site is authoritative and trustworthy in content and business credibility but requires urgent improvements in security infrastructure to protect users and comply with modern web standards.

C

Chemgineering Holding AG

chemgineering.com

25

Chemgineering Holding AG is a well-established consulting and engineering firm specializing in the life sciences sector, particularly in GxP-regulated environments such as pharmaceuticals, biotechnology, fine chemicals, medical technology, cosmetics, diagnostics, and food industries. With over 300 employees and a mature domain age of 27 years, the company positions itself as a preferred partner for multinational and local companies across Europe. Their service offerings include project management, construction management, commissioning, process planning, qualification and validation, and GMP compliance consulting, among others. The website reflects a professional and consistent brand image with detailed project case studies and a clear focus on their target industries.

ste.p ZT-GmbH is a well-established Austrian civil engineering firm specializing in a broad range of construction and engineering services including Tief- und Hochbau, Tunnelbau, Verkehrswegebau, Verkehrstechnik, Spezialtiefbau, and Geotechnik. With over 60 years of experience, the company holds a strong market position as one of Austria's largest and most reputable engineering consultancies. The website reflects a professional business with clear service offerings and certifications such as ISO 9001, targeting clients in the transportation and construction sectors. Technically, the site is built on TYPO3 CMS with common web technologies like jQuery and Bootstrap, and uses Matomo for analytics. However, the site lacks HTTPS, which is a critical security shortfall. Security headers are minimal, and no advanced security policies or incident response information are published. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

Hochschule Neubrandenburg

hs-nb.de

39

Hochschule Neubrandenburg is a German public university of applied sciences offering a range of academic programs, research initiatives, and continuing education services primarily focused on agriculture, health, social work, and landscape sciences. The website serves students, prospective students, researchers, and regional partners with comprehensive information and resources. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes privacy-conscious analytics via Matomo. However, the absence of HTTPS/SSL is a critical security gap that undermines user trust and data protection. Security headers are well configured but cannot compensate for the lack of encryption. The site lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet modern standards.

C

Cumulo IT Solutions GmbH

cumulo.at

31

Cumulo IT Solutions GmbH is a specialized IT consulting firm based in Linz, Austria, founded in 2011. The company focuses on network infrastructure, identity and access management, WLAN solutions, and managed IT services targeting businesses, universities, and other institutions. Their market position is that of a trusted expert provider with a strong emphasis on quality and customer satisfaction, supported by certifications and client testimonials. Technically, the website is built on a modern WordPress platform with WooCommerce and Divi theme, integrating analytics and GDPR compliance tools. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security weakness that undermines the overall security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance with GDPR. Overall, the business demonstrates strong credibility and professionalism but must urgently address its SSL/TLS security to improve trust and security.

A

AOP Orphan Pharmaceuticals GmbH

aoporphan.com

34

AOP Orphan Pharmaceuticals GmbH operates as a European pioneer in integrated therapies for rare diseases and critical care, serving patients, healthcare professionals, and partners. The company is positioned as a medium-sized entity within the healthcare sector, with a strong focus on niche markets and sole supplier status for key therapeutic agents. Their website reflects a professional and consistent brand image, with comprehensive content and clear navigation tailored to their target audience. Technically, the site is built on TYPO3 CMS with Vue.js components and employs Matomo and LinkedIn for analytics and marketing. However, the absence of a valid SSL certificate significantly undermines the security posture, exposing the site to risks and reducing trust. Privacy compliance is well addressed with detailed policies and consent mechanisms. Overall, the business demonstrates credibility and transparency, but must urgently address its SSL/TLS configuration to enhance security and user trust.

SONNENTOR Kräuterhandels GMBH operates a professional e-commerce and retail platform specializing in organic teas and spices with a strong commitment to sustainability, direct trade, and eco-friendly packaging. The company has a well-established market presence since 1988, targeting consumers interested in organic and sustainable products. The website is well-designed, mobile-optimized, and provides comprehensive content and navigation. Technically, the site uses modern technologies including Pimcore CMS, Bootstrap framework, and integrates multiple marketing and analytics tools such as Google Tag Manager, Matomo, Emarsys, and Kameleoon. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue that must be addressed promptly to protect user data and maintain trust. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by clear contact information, certifications, and consistent WHOIS data.

CARE Österreich is a well-established non-profit organization focused on humanitarian aid and sustainable development in over 100 countries. The website reflects a professional and content-rich platform targeting donors, partners, and beneficiaries. The technical infrastructure is based on WordPress hosted on WP Engine, utilizing modern plugins and tracking tools with GDPR-compliant cookie consent. However, the absence of a valid SSL/TLS certificate is a critical security flaw that exposes users to risks and undermines trust. While privacy policies and contact information are comprehensive and transparent, the lack of incident response and security policy pages indicates room for improvement in security governance. Overall, the site demonstrates strong business credibility and user experience but requires urgent security enhancements.

T

Treibacher Industrie AG

treibacher.com

26

Treibacher Industrie AG is a well-established Austrian company specializing in chemical and metallurgical precursors with a global market presence and over 125 years of experience. The website reflects a professional and comprehensive digital presence with detailed product portfolios, sustainability focus, and clear contact information. Technically, the site is built on WordPress with modern plugins for SEO, caching, and cookie management, but critically lacks HTTPS, exposing visitors to security risks. Privacy compliance is well addressed with cookie consent and a detailed privacy policy. The absence of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the site is trustworthy and business credible but requires urgent security enhancements.

S

Samsung SDI Battery Systems GmbH

samsungsdibs.at

25

Samsung SDI Battery Systems GmbH is a medium-sized company specializing in the development, testing, and industrialization of advanced lithium-ion battery systems for electric and hybrid vehicles. Located in Kalsdorf near Graz, Austria, the company is part of the Samsung SDI family and holds multiple ISO certifications demonstrating a strong commitment to quality, environmental management, information security, and cybersecurity. The website presents a professional and content-rich digital presence targeting automotive OEMs and stakeholders in the e-mobility sector. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, but lacks HTTPS, which is a critical security shortfall. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company shows a strong market position in energy and transportation sectors with a focus on sustainability and innovation.

A

Alicona Imaging GmbH

alicona.com

33

Alicona Imaging GmbH operates as a global provider of optical 3D metrology and surface roughness measurement solutions, specializing in non-contact measurement technologies based on Focus-Variation. The company targets manufacturing sectors such as automotive, aerospace, medical technology, and precision manufacturing, offering devices and automation solutions to enhance quality assurance and production measurement. The website reflects a mature digital presence with professional design, comprehensive content, and active engagement through blogs and events. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The technical infrastructure leverages modern frameworks and CMS platforms, but performance issues such as slow load times need addressing. Privacy compliance is well managed with cookie consent mechanisms and clear privacy policies. Overall, Alicona demonstrates strong business credibility but must urgently improve its security posture to align with best practices and regulatory requirements.

objectflor Art und Design Belags GmbH is a medium-sized German company specializing in high-quality, innovative, and elastic flooring solutions, primarily vinyl and rubber floors. As a subsidiary of James Halstead plc, it serves 16 countries in Central Europe and holds a leading market position in the flooring industry. The company offers a broad product portfolio, including design floors, technical vinyl, and rubber flooring, complemented by services such as design studios, training seminars, and a partner network. The website is professionally designed, content-rich, and targets both B2B and B2C customers seeking sustainable and functional flooring solutions. Technically, the site runs on TYPO3 CMS with integrations for consent management and analytics, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. This significantly impacts the security posture and overall trustworthiness of the site. Privacy compliance is well addressed with GDPR-consistent policies and consent mechanisms. Business credibility is strong, supported by certifications and transparent contact options. Strategic improvements in SSL deployment and security headers are essential to enhance user trust and protect data integrity.

A

Axians ICT Austria GmbH

axians.at

40

Axians ICT Austria GmbH is a well-established IT service provider in Austria, offering a broad range of IT solutions including cloud services, cyber security, enterprise networks, and SAP consulting. The company targets business customers across various industries and emphasizes a human-centric approach to technology. Technically, the website is built on WordPress with modern libraries and integrates analytics and marketing tools such as Matomo and HubSpot. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in its SSL/TLS configuration to enhance security and user trust.

G

GrECo

greco.services

40

GrECo is a well-established insurance and risk management specialist with a strong presence in Central and Eastern Europe, operating since 1925. The company offers a broad range of services including risk consulting, cyber insurance, health and benefits, and international insurance programs. The website reflects a mature digital presence with professional design, multilingual support, and structured data for SEO. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. Privacy policies are present and GDPR compliant, but cookie consent mechanisms are minimal. Overall, the site is content-rich and credible but requires urgent security improvements to align with best practices.

J

Jugend am Werk Steiermark GmbH

jaw.or.at

40

Jugend am Werk Steiermark GmbH is a leading non-profit organization in Austria's Steiermark region, providing a broad range of social services including support for people with disabilities, youth, families, and adults with mental health challenges. Their offerings encompass housing, employment, education, and community integration, positioning them as a key social service provider with a strong regional presence and multiple certifications and awards that underscore their credibility and commitment to quality. The website is built on TYPO3 CMS, hosted on a provider associated with the domain's DNS records, and employs modern web technologies such as Swiper.js and Matomo analytics. While the site is rich in content, well-structured, and accessible, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Contact information is prominently displayed and verified, enhancing business credibility. Overall, the site demonstrates strong business and content quality but requires urgent security improvements to protect user data and maintain trust.

A

AT&S Austria Technologie & Systemtechnik AG

ats.net

33

AT&S Austria Technologie & Systemtechnik AG is a globally recognized leader in high-end printed circuit boards and IC substrates, serving key industries such as aerospace, automotive, communication, and medical technology. The company demonstrates a strong market position with a comprehensive digital presence, including investor relations, career opportunities, and sustainability initiatives. Technically, the website is built on WordPress with modern tools and plugins, offering good SEO and accessibility, though performance is moderate. Security posture is weakened by the absence of a valid SSL/TLS certificate and disabled TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent improvements in SSL/TLS configuration are recommended to enhance security and user trust.

I

IL – Ingenieurbüro Laabmayr & Partner ZT GesmbH.

laabmayr.at

23

Ingenieurbüro Laabmayr & Partner ZT GesmbH. is a specialized engineering consultancy based in Salzburg, Austria, with a focus on tunnel construction and civil engineering projects. Founded in 1975, the company has established a solid reputation for reliable and punctual project delivery, serving both alpine and urban tunnel projects internationally. Their key services include tunnel construction, comprehensive project services under 'Tunnel Plus', engineering construction, and rock/ground construction. The website reflects a professional business presence with clear service offerings and contact information.

M

MED-EL Medical Electronics

medel.com

40

MED-EL Medical Electronics is a mature and globally recognized healthcare company specializing in hearing implants and solutions. Their website provides comprehensive information about cochlear implants, middle ear implants, bone conduction systems, and related accessories, targeting individuals with hearing loss and healthcare professionals. The company maintains a strong market position as a leading hearing implant provider with a large operational scale and a well-established brand since 1996. The website content is professionally curated, with clear navigation and multilingual support, reflecting a high level of digital maturity.

G

Getzner Werkstoffe GmbH

getzner.com

27

Getzner Werkstoffe GmbH is a well-established company specializing in vibration isolation solutions for the railway, construction, and industrial sectors. With over 50 years of expertise, the company manufactures innovative polyurethane elastomers and elastic modules that reduce noise and vibrations, enhancing product longevity and application suitability. The website reflects a strong market position with comprehensive product and service information targeting construction professionals, urban developers, and industrial clients. Technically, the website employs modern tools such as Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL/TLS certificate and minimal security headers represent significant security vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is currently weak due to lack of HTTPS and related best practices, exposing users to potential risks. WHOIS data confirms the domain's legitimacy and long-term registration, supporting business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

S

Schrack Seconet AG

schrack-seconet.com

32

Schrack Seconet AG is a well-established international high-tech company based in Austria, specializing in fire protection, healthcare communication systems, and security solutions. The company has a strong market position supported by decades of experience and a broad portfolio of products and services including fire alarm systems, healthcare communication, and lifecycle support. Their website reflects a professional and consistent brand image targeting authorities, specialists, and healthcare providers. Technically, the website is built on TYPO3 CMS, uses Apache server, and integrates modern analytics and cookie consent tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is content-rich, user-friendly, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

N

Newrest

newrest.eu

38

Newrest is a global leader in multi-sector catering and out-of-home food service solutions, operating in 53 countries with a workforce exceeding 60,000 employees. The company offers a broad range of services including inflight catering, rail catering, remote site management, concessions, and retail services, targeting corporate clients in transportation, energy, and retail sectors. The website is professionally designed, multilingual, and provides comprehensive business and CSR information, reflecting a mature global enterprise. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and privacy compliance, but suffers from a critical lack of HTTPS and valid SSL certificates, severely impacting security posture. Privacy compliance is well addressed with clear policies and a consent manager. The security headers are partially implemented, but the absence of TLS protocols and HSTS reduces the site's security effectiveness. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain business credibility.