Security Directory

L

LMS Partners Limited

lmspartners.co.im

48

LMS Partners Limited is a small financial advisory firm based in the Isle of Man, specializing in investment advice and retirement planning. The company emphasizes transparency, dependability, and personalized financial services tailored to individual client needs. The website reflects a professional and consistent brand image, targeting individuals seeking financial planning and investment services. The firm is licensed by the Isle of Man Financial Services Authority, which adds to its credibility and trustworthiness. Technically, the website employs common web technologies such as jQuery, Google Analytics, Google Tag Manager, and Osano for cookie consent management. The site is mobile-optimized with a moderate performance profile and good SEO practices. However, there is room for improvement in accessibility and the implementation of security headers. The website uses HTTPS but lacks explicit security policies and incident response information. From a security perspective, the site shows a basic but adequate posture with HTTPS enabled and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and published security policies suggests opportunities to strengthen the security framework. Privacy compliance is basic, with a privacy policy and cookie policy present but limited GDPR-specific disclosures. Overall, LMS Partners presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security practices, privacy compliance, and accessibility would enhance the site's resilience and user trust. The domain registration details align well with the business claims, supporting legitimacy and reducing risk.

C

CCMed Ltd

aspharma.co.uk

47

CCMed Ltd is a UK-based medical device distributor specializing in ENT and dental healthcare products, serving the NHS, private hospitals, MoD, and home care markets. The company holds exclusive distribution rights for several specialized brands such as Marpac and Kurz Med GmbH, positioning itself as a trusted supplier with over 50 years of experience. The website reflects this business focus with clear product categorization, detailed descriptions, and accessible contact information. Technically, the site is built on WordPress with WooCommerce for e-commerce functionality, leveraging modern web technologies and SEO best practices. While the site is mobile-optimized and performs moderately well, there is room for improvement in accessibility and security headers. Security posture is adequate with HTTPS enforced, but lacks comprehensive security headers and visible incident response policies. Privacy compliance is partially met with privacy and cookie policies present, though lacking a cookie consent mechanism. Overall, the site is professional and trustworthy but could enhance security and compliance transparency.

Evolved Software Studios Ltd is a UK-based software development company specializing in software design, automation, apps, integration, and reporting solutions. Founded in 2003, the company serves a diverse clientele including private and public sector organizations, with a strong focus on tax return filing software such as Gateway Solver. Their market position is that of a trusted niche provider with mission-critical system experience, evidenced by projects for government and healthcare sectors. Technically, the website is built on WordPress using the Avada theme, incorporating modern web technologies such as jQuery, LayerSlider, and Google Fonts. The site demonstrates good mobile optimization and SEO practices, with moderate performance. Analytics and marketing tools include Google Analytics, Facebook Pixel, StatCounter, and Trustpilot integration, supporting moderate user tracking with privacy compliance. Security posture is solid with HTTPS enforced and a Comodo SSL certificate in use. However, the site lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with a clear consent mechanism. Overall, the website is professional, trustworthy, and well-maintained, with minor areas for security enhancement. The domain registration details align well with the business claims, supporting legitimacy and credibility.

M

Mann Made Group

mannmadegroup.com

37

Mann Made Group is a well-established independent trust and corporate service provider headquartered in the Isle of Man, with multiple international offices including Cyprus, London, and Ireland. The company offers a comprehensive suite of services including corporate structuring, trust and foundation management, family office creation, tax advisory, and fund administration. Positioned as one of the largest privately owned providers in its sector within the Isle of Man, Mann Made Group targets private clients, international corporations, and professional advisors, emphasizing client confidentiality and regulatory compliance. Technically, the website is built on a modern WordPress platform utilizing popular plugins such as Yoast SEO, MonsterInsights for analytics, KingComposer for page building, and Google Maps Easy for location display. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms, and avoids exposing sensitive data, although it lacks some advanced security headers and explicit security policies. Overall, the security posture is solid with no visible vulnerabilities or blocking mechanisms. The domain registration details align well with the business claims, supporting legitimacy. Privacy compliance is well addressed with clear privacy and cookie policies. The website presents a professional and trustworthy image suitable for its financial services audience. Strategic recommendations include enhancing security headers, publishing an incident response or security policy page, and improving accessibility features to further strengthen compliance and user experience.

N

Netcetera Ltd

netcetera.co.uk

54

Netcetera Ltd is a well-established UK-based web hosting and datacentre service provider founded in 1996, serving customers in over 75 countries. Their offerings include domain registration, email hosting, cloud servers, website building tools, and security services. The company positions itself as a reliable and customer-focused hosting partner with a strong reputation in the European market. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, delivering a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the website demonstrates good professionalism, trustworthiness, and business credibility.

P

ProFM Group Limited

churchillsecurity.co.uk

51

ProFM Group Limited is a leading UK-based facilities management company specializing in integrated security, cleaning, and surveillance solutions. The company holds a strong market position as the UK's official #1 security provider for multiple years, supported by extensive certifications including SIA ACS, SafeContractor, and ISO standards. Their service offerings cover a broad spectrum from manned security to medical-grade cleaning, targeting both public and private sectors across the UK. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation, optimized for mobile and accessibility standards. Technically, the site is built on WordPress with modern libraries such as jQuery, Bootstrap, and Slick Slider, incorporating Google Tag Manager and OneTrust for analytics and privacy compliance. Security measures include HTTPS enforcement and reCAPTCHA v3 on forms, though some HTTP security headers could be enhanced. No WAF or blocking mechanisms were detected, allowing full content access. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Contact information is clearly presented with multiple channels including phone, email, and contact forms. The WHOIS data confirms the legitimacy and consistency of the business registration with the website claims. Overall, ProFM Group's website demonstrates a high level of professionalism, security awareness, and compliance, making it a trustworthy platform for prospective clients and partners.

B

Bizvu Limited

bizvu.co.uk

51

Bizvu Limited is a UK-based technology company specializing in customer journey orchestration and automation solutions. Their product suite includes platforms for secure email triage, sentiment analysis, workflow design, and messaging, targeting contact centers and businesses aiming to enhance customer experience and operational efficiency. The company positions itself as a niche provider with a focus on personalized and automated customer interactions. Technically, the website leverages modern frameworks such as Blazor Server and MudBlazor UI components, combined with Bootstrap and FontAwesome for styling and icons. Analytics are implemented via Google Tag Manager and LinkedIn Insight tags, indicating a moderate level of digital maturity. The site is mobile optimized and presents a professional design with clear navigation. From a security perspective, the site enforces HTTPS and uses anti-forgery tokens in forms, but lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance and security hardening. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data aligns well with the website claims, supporting legitimacy. Overall, Bizvu's website demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

A

Automattic

crowdsignal.net

70

Crowdsignal is a well-established SaaS platform specializing in surveys, polls, quizzes, and ratings, operated by Automattic, the parent company behind WordPress.com. The website demonstrates a strong market position with integration into the WordPress ecosystem and a clear focus on providing flexible, user-friendly data collection tools for businesses and individuals. The business model is subscription-based with freemium options, targeting a broad audience needing survey and polling solutions. The site content is professionally crafted, with excellent design and user experience, reflecting a mature digital presence.

605 Sports is a regional sports media website primarily serving the South Dakota area, focusing on amateur and local sports such as baseball, softball, track, and rodeo. The site offers news articles, video content, photo galleries, live ticket sales, and an online store, positioning itself as a community-centric sports information hub. The business model relies on advertising partnerships, ticket sales, and merchandise. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, FontAwesome, Google Analytics, and Facebook SDK, delivering a responsive and content-rich user experience. However, the CMS or backend platform is not explicitly identified, suggesting a custom or less common solution. Security-wise, the site uses HTTPS but lacks advanced security headers and does not provide privacy or cookie policies, which are compliance gaps. No contact or incident response emails are published, limiting transparency. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

P

Parexel Academy

parexel-academy.com

61

Parexel Academy is a specialized education and training provider focused on the biopharmaceutical and clinical research industry. It serves both individuals seeking to enter or advance their careers and organizations aiming to enhance their workforce capabilities. The academy offers a diverse range of courses, certification programs, and custom learning solutions, positioning itself as a trusted partner in clinical research education. The website reflects a professional and consistent brand image aligned with its parent company, Parexel International Corporation. Technically, the site is built on WordPress with Elementor and Astra theme, employing modern web technologies and SEO best practices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though there is room for improvement in publishing dedicated security policies and incident response information. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

S

Sabiedrības integrācijas fonds

vietagimenei.lv

53

The website vietagimenei. lv serves as an official informational portal for the Latvian government-backed project promoting family-friendly environments in municipalities and workplaces.

H

Hugo.lv

hugo.lv

65

Hugo. lv is a Latvian government-supported language technology platform providing a suite of multilingual tools including text translation, speech synthesis, speech recognition, and language simplification.

V

Valsts kanceleja

trauksmescelejs.lv

67

Trauksmescelejs. lv is an official Latvian government-supported platform focused on whistleblowing, providing citizens with information, guidelines, and mechanisms to report misconduct in public and private sectors.

E

EDB

biganimal.com

40

EDB operates a mature and professional website offering the EDB Postgres AI Cloud Service, a high-availability, Oracle-compatible Postgres database platform targeting enterprise customers. The company is well-established with a 23-year domain age and strong domain protection, reflecting a stable market presence. The website is built on a modern Drupal 10 CMS, hosted on Amazon AWS infrastructure with CloudFront CDN, and integrates advanced technologies such as Kubernetes for hybrid cloud management. Security posture is strong with HTTPS enforced, HSTS enabled, and multiple security headers implemented, though some improvements like enabling OCSP stapling and tightening CSP enforcement are recommended. Privacy and compliance are well addressed with clear privacy and cookie policies, GDPR compliance indicators, and consent mechanisms. The site provides comprehensive business information, contact channels, and trust signals including customer success stories and a dedicated Trust Center. Overall, the website demonstrates high professionalism, technical maturity, and business credibility.

M

Mirantis

k0smotron.io

63

k0smotron.io is a professionally designed website representing an open source Kubernetes operator project focused on managing k0s control planes and clusters. The project is affiliated with Mirantis, a recognized company in the cloud native and Kubernetes ecosystem. The website provides comprehensive technical content, documentation links, and community resources targeting Kubernetes operators and enterprises managing multi-cluster environments. Technically, the site is hosted on GitHub Pages, uses modern web technologies including Bootstrap and FontAwesome, and integrates privacy-respecting analytics via Plausible. Security posture is adequate with HTTPS and OCSP stapling enabled, but lacks some best practices such as HSTS and explicit security policies. Privacy compliance is good with a comprehensive privacy policy linked from Mirantis, though no cookie consent mechanism is present. Overall, the site is trustworthy, professional, and well-aligned with its business purpose.

M

Mirantis

k0rdent.io

40

k0rdent.io is a professionally designed website representing an open-source Kubernetes-native distributed container management platform developed and originated by Mirantis. The platform targets platform engineering teams and enterprises managing multi-cloud, hybrid, and edge environments, focusing on modern workloads such as AI and ML. The website provides comprehensive content, including detailed descriptions, use cases, videos, and community engagement channels, reflecting a mature and well-positioned technology offering. Technically, the site is hosted on GitHub Pages, uses modern web technologies like Bootstrap and jQuery, and integrates Plausible Analytics for minimal user tracking. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are partially implemented, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is basic, with a privacy policy linked but no cookie consent mechanism despite analytics usage. Business credibility is strong due to clear branding, parent company association, and open-source transparency. Overall, the site is trustworthy and professional but requires urgent security improvements.

Bharat Fritz Werner Ltd. (BFW) is a well-established Indian manufacturer specializing in Vertical Machining Centers (VMCs) and CNC machine tools, boasting over 60,000 global installations. The company targets industrial manufacturing sectors and offers an online platform for machine enquiries and purchases. The website reflects a professional and consistent brand presence with clear contact details and social media integration. Technically, the site uses a modern JavaScript and CSS stack including jQuery, Bootstrap, and FontAwesome, hosted on GoDaddy infrastructure. However, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. While forms implement CSRF tokens and OTP verification, the lack of HTTPS and security headers exposes users to risks. Privacy compliance is minimal, with no cookie consent mechanism despite cookie usage. Overall, the site is functional and business-focused but requires urgent security improvements to protect user data and enhance trust.

RCSRD d.o.o. is a Serbia-based technology company specializing in open-source software solutions, technical support, development, and education. Founded in 2007 through partnerships with industry leaders such as Red Hat and IBM, RCSRD serves a broad Southeast European market with enterprise-grade open-source products and services. The company maintains a medium-sized international team and subsidiaries in Vienna and Katowice, positioning itself as a regional leader in open-source innovation. Technically, the website is built on the Bitrix CMS platform, utilizing modern web technologies including jQuery, Bootstrap, and OwlCarousel. Google Tag Manager is employed for analytics and tracking. The site is mobile-optimized with good navigation and professional design, though accessibility and SEO optimizations are basic. Performance metrics are unavailable. From a security perspective, the website lacks HTTPS and SSL/TLS encryption, representing a critical vulnerability. While some security headers are present, the absence of encryption and modern TLS protocols significantly reduces the security posture. No privacy or cookie policies are found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates solid business credibility and content quality but suffers from critical security and privacy compliance issues. Strategic improvements in SSL implementation, privacy policy publication, and security best practices are recommended to enhance trust and protect user data.

SLOS is an enterprise software company specializing in open-source based software platforms designed for stability, security, and performance. Their product suite includes enterprise, virtualization, middleware, storage, cloud, application, container, and automation platforms targeting modern business needs. The company operates primarily from Serbia with subsidiaries in Vienna and Katowice. Technically, the website is built on Bitrix Site Manager CMS with common web technologies like jQuery and Bootstrap, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented but overall security posture is weak due to missing HTTPS and DNS security features. The website lacks privacy and cookie policies, impacting compliance and user trust. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and compliance improvements.

B

Bad & Energie Service

badundenergieservice.at

40

Bad & Energie Service GmbH is a specialized service provider based in Austria, focusing on installation and maintenance services in the energy and bathroom furnishing sectors. The company operates primarily on behalf of installers, offering services such as the installation of bathroom furniture, shower partitions, and the commissioning and maintenance of heat pumps, air conditioning systems, and photovoltaic systems. Their market position is that of a niche service provider supporting handcraft businesses and installers, aiming to increase efficiency and capacity for their clients. The website reflects a professional business with clear service offerings and a partnership-oriented business model. Technically, the website is built on WordPress with a modern PHP backend and uses common web technologies including jQuery and FontAwesome. SEO is well implemented with Yoast SEO plugin and structured data. However, the site lacks a valid SSL certificate, which severely impacts security posture and user trust. The absence of HTTPS and security headers exposes the site to risks and reduces its security score. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, but no explicit security or incident response policies are found. Overall, the website is functional and professional but requires urgent improvements in security infrastructure to meet modern standards.

M

Mailinblack

mailinblack.com

67

Mailinblack is a mature French cybersecurity company founded in 2003, specializing in user-centered cybersecurity solutions for enterprises, healthcare establishments, and public administrations. Their flagship platform, U-Cyber 360°, integrates multiple services including email protection, password management, phishing simulation, and e-learning cybersecurity training. With over 22,000 clients and a strong market presence, Mailinblack positions itself as an innovative and accessible provider in the cybersecurity industry. Technically, the website is built on WordPress with modern technologies such as Apache server, jQuery, and performance optimizations via WP Rocket. The site is well-optimized for SEO, mobile responsiveness, and accessibility, featuring comprehensive metadata, structured data, and multi-language support. Hosting appears to be on Microsoft Azure, ensuring reliable infrastructure. From a security perspective, the site employs HTTPS with a valid wildcard SSL certificate, includes important security headers like X-Frame-Options, X-XSS-Protection, and Content-Type-Options, and has properly configured DNS records including SPF and DMARC for email security. However, improvements such as enabling HSTS fully, implementing DNSSEC, and enabling OCSP stapling could enhance security further. No critical vulnerabilities or WAF blocking were detected. Overall, the website demonstrates a strong security posture, professional business credibility, and good privacy compliance with clear policies and consent mechanisms. The risk level is low, with recommendations focusing on enhancing security headers and DNS security to maintain trust and compliance.

S

Safetec Protecto GmbH

safetec.at

38

Safetec Protecto GmbH is a specialized engineering and consulting firm based in Austria, founded in 2001. The company focuses on safety, environmental protection, and technical inspection services, offering a broad range of solutions including technical testing of machinery, occupational safety, fire and explosion protection, event safety, and expert witness services. Their market position is that of a reliable and competent partner with over 20 years of experience, targeting industrial clients and organizations requiring compliance and safety consulting. Technically, the website is built on a modern WordPress platform using popular plugins such as LayerSlider, Revolution Slider, Elementor, and Contact Form 7. The site is hosted by basic4web.com and demonstrates good mobile optimization and SEO practices. The presence of GDPR-compliant cookie consent mechanisms and privacy policies indicates a mature digital compliance posture. From a security perspective, the site uses HTTPS and employs GDPR cookie consent tools, but explicit security headers are not clearly visible in the provided data. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, supporting the legitimacy of the company. Overall, Safetec Protecto GmbH presents a professional and trustworthy online presence with strong compliance and security awareness. Strategic recommendations include enhancing explicit security headers, maintaining up-to-date software, and adding incident response contact details to further strengthen security posture.

Ö

Österreichische Computer Gesellschaft (OCG)

ocg.at

53

The Österreichische Computer Gesellschaft (OCG) is a well-established Austrian non-profit organization focused on promoting IT competencies and certifications. With a history dating back to 1975, the OCG serves as a bridge between science, industry, and the workforce by offering interdisciplinary forums, networking opportunities, and high-quality IT education and certification services. The website reflects a professional and comprehensive digital presence, targeting IT professionals, educators, and industry stakeholders within Austria. The organization maintains a strong market position as a trusted IT society with recognized certifications such as ISO/IEC 27001. Technically, the website is built on Drupal 10, leveraging modern frameworks like Bootstrap and privacy-focused tools such as Cookiebot for consent management and Plausible Analytics for minimal user tracking. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security practices include HTTPS enforcement and cookie consent, though additional security headers and a formal security policy could enhance the posture further. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Contact information is transparent, and social media channels are actively linked, enhancing trustworthiness. The domain WHOIS data aligns with the organization's claims, reinforcing legitimacy. Strategic recommendations include implementing additional security headers, publishing a security policy, and adding a security.txt file to support vulnerability disclosure.

H

HEIDI Chocolat SA

heidi-chocolate.com

37

HEIDI Chocolat SA is a premium chocolate manufacturer and retailer based in Romania, established in 2002. The company offers a wide range of chocolate products including pralines, tablets, personalized chocolates, and seasonal items, targeting chocolate consumers worldwide. The website reflects a medium-sized retail business with a focus on craftsmanship, natural ingredients, and positive brand messaging. Technically, the website uses a modern JavaScript stack with libraries such as jQuery, Owl Carousel, and integrates marketing and analytics tools like Facebook Pixel, Google Analytics, and Klaviyo. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Security-wise, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR, but lacks explicit security policies or incident response contacts. Overall, the domain registration and business information are consistent and legitimate, supporting a trustworthy online presence.

S

St Vincent’s Institute of Medical Research

svi.edu.au

54

St Vincent’s Institute of Medical Research (SVI) is a well-established Australian non-profit medical research institute with over 60 years of history. The organization focuses on pioneering research in critical health areas such as cancer, diabetes, heart disease, and infectious diseases. The website reflects a strong commitment to scientific discovery and community engagement, targeting researchers, students, donors, and healthcare professionals. The institute operates with a medium-sized team and emphasizes collaboration and innovation in medical science. Technically, the website is built on a modern WordPress platform using Bootstrap for responsive design, with integration of popular libraries such as jQuery and FontAwesome. It employs Google Analytics for user tracking and Vimeo for video content. The site is well-optimized for SEO and accessibility, with structured data enhancing search engine understanding. Performance is moderate, with good mobile optimization and clear navigation. From a security perspective, the site enforces HTTPS and includes standard security headers, demonstrating good baseline security practices. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a visible cookie consent mechanism and explicit security or incident response policies indicates areas for compliance and transparency improvement. Overall, SVI’s website presents a professional and trustworthy digital presence aligned with its mission. Strategic recommendations include implementing a cookie consent banner, publishing terms of service and security policies, and enhancing privacy compliance to further strengthen user trust and regulatory adherence.

Sakhalin Energy operates as a major energy company focused on oil and gas production projects in Russia, notably the Sakhalin-2 project. The website serves as an informational portal presenting company details, safety and environmental policies, social programs, media releases, tenders, and career opportunities. The business model centers on resource development under a production sharing agreement, targeting industry stakeholders, contractors, and the public. Technically, the website is built on the Bitrix CMS platform and employs legacy technologies such as jQuery 1.8.2, along with modern tools like Google reCAPTCHA and FontAwesome. The site shows moderate performance and basic mobile optimization but lacks advanced accessibility and SEO features. The content is currently limited due to the site being under reconstruction. From a security perspective, the site uses HTTPS and includes reCAPTCHA for form protection but lacks visible security headers and uses outdated JavaScript libraries, which may expose it to vulnerabilities. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information and security policies are not clearly provided. Overall, the website presents a moderate risk profile with room for improvement in security practices, privacy compliance, and technical modernization. Strategic enhancements in these areas would strengthen trust and operational resilience.

W

Wise Wolves Group Limited

wise-wolves.com

52

Wise Wolves Group Limited is a Cyprus-based financial services group offering a range of services including investment brokerage, payment institution services, corporate services, and trustee company functions. The group is regulated by CySEC and the Central Bank of Cyprus, holding multiple licenses and memberships that establish its credibility in the financial sector. Their website presents a professional image with clear navigation and detailed descriptions of their subsidiaries and services, targeting investors and businesses seeking financial and corporate solutions. Technically, the website employs a modern technology stack including jQuery, MDBootstrap, and various analytics and tracking tools such as Google Analytics, Facebook Pixel, and Yandex Metrika. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No CMS is detected, indicating a custom or static site architecture. Performance is moderate with room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks explicit security headers and does not publicly disclose incident response or security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent banner or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the website scores well in business credibility and content quality but could improve in privacy compliance and security best practices. There are no critical security issues or blocking mechanisms detected, making it a trustworthy platform for its intended audience.

J

Jank Weiler Operenyi Rechtsanwälte (JWO) | Deloitte Legal Österreich

jankweiler.at

48

Jank Weiler Operenyi Rechtsanwälte (JWO) | Deloitte Legal Österreich is a medium-sized, entrepreneurially minded law firm based in Austria, specializing in a broad range of economic and corporate law services. The firm benefits from its integration into the global Deloitte network, offering clients a one-stop-shop for legal and related advisory services. Their market position is strong, supported by multiple industry awards and testimonials from reputable legal ranking organizations. The website reflects a high level of professionalism, with comprehensive content and clear navigation tailored to business clients and private clients alike. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement, consent management, and anti-spam measures, though some security headers could be improved. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site and business demonstrate high credibility and trustworthiness.

R

Rechtsanwalt MMag. Florian Horn

fhorn.at

47

Rechtsanwalt MMag. Florian Horn is a Vienna-based legal professional specializing in complex civil litigation, corporate law, constitutional law, contract drafting, mediation, and economic legal cases. The website reflects a small but specialized legal practice with strong academic and civil society engagement, targeting individuals and businesses in Austria. The digital infrastructure is built on WordPress with a modern theme and plugins, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and cookie consent mechanisms are absent, indicating room for improvement in compliance and security best practices. Overall, the website is professional and trustworthy, with clear contact information and social media presence supporting business credibility.

C

Consys.it Srl

consys.it

52

Consys.it Srl is an Italian cybersecurity company specializing in managed security services, compliance solutions, and advanced cybersecurity technologies. The company positions itself as a trusted partner for businesses seeking to protect their digital assets and comply with stringent regulatory requirements. Their website presents a professional and consistent brand image, targeting B2B clients with a comprehensive portfolio of cybersecurity services including Security Operation Center, Security Automation, and Compliance Guard solutions. The technical infrastructure is based on WordPress CMS with modern plugins and integrations such as WPBakery Page Builder, Contact Form 7, Google Tag Manager, and Google reCAPTCHA, indicating a mature digital presence. The site is mobile optimized and includes privacy compliance mechanisms via Iubenda, reflecting attention to GDPR requirements. Security posture is strong with HTTPS enforced, use of reCAPTCHA on forms, and cookie consent management. However, explicit security headers and incident response contact details are not evident, suggesting areas for improvement. The WHOIS data aligns well with the website's business claims, supporting legitimacy and trustworthiness. Overall, Consys.it demonstrates a solid cybersecurity business presence with good technical and privacy compliance, though enhancements in security transparency and incident response communication would strengthen their posture further.

T

Trendwerk

trendwerk.at

6

Trendwerk is a well-established Austrian non-profit organization specializing in social-economic enterprises that activate potentials for job seekers and companies. Their services include a job portal, qualification courses, and personnel placement, targeting both individuals seeking employment and businesses facing staffing challenges. The organization maintains a consistent brand presence and partners with multiple social enterprises and official employment agencies, reinforcing its market position in Austria. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as Bootstrap and FontAwesome, and includes accessibility features. However, the site lacks HTTPS in the provided HTML content, which is a significant security concern. SEO and mobile optimization are good, but the absence of security headers and incident response information indicates room for improvement in security maturity. The security posture is moderate to low due to missing HTTPS and security headers, though no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with a privacy policy and cookie banner present, but no explicit consent mechanism is implemented. Business credibility is strong with clear contact information, certifications, and trust indicators. Overall, Trendwerk's website is professional and functional but requires urgent security enhancements to protect user data and improve trust. Strategic improvements in HTTPS deployment, security headers, and incident response readiness are recommended to elevate the security posture and compliance.

Piatnik is a well-established Austrian/German board game and playing card publisher with a strong market presence in the retail sector. The company offers a broad portfolio including board games, card games, puzzles, and personalized products through its online shop. Their website reflects a mature digital presence with clear navigation, brand consistency, and community engagement features such as a club and game tester programs. Technically, the site uses modern web technologies and provides a responsive experience, though some security headers and explicit policies could be improved. The security posture is moderate with HTTPS usage and cookie consent implemented, but lacks visible advanced security policies or incident response contacts. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy business.

S

STAMAG Stadlauer Malzfabrik GesmbH

stamag.at

7

STAMAG Stadlauer Malzfabrik GesmbH is a well-established Austrian company specializing in the production and supply of high-quality malt and baking ingredients, with a tradition spanning over 140 years. The company serves primarily B2B customers in the baking and brewing industries, offering a broad portfolio including base and specialty malts, baking ingredients for bread, fine bakery, and sweets, as well as sourdoughs. STAMAG is part of the IREKS Group, enhancing its market position and operational capabilities. The website reflects a professional and consistent brand image, targeting German-speaking markets with comprehensive product and company information. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies such as jQuery and Slick Slider for interactive elements. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and uses Matomo analytics for privacy-respecting visitor tracking. However, explicit security headers could be more visible or documented, and no dedicated security or incident response policies are published. Overall, the website and business demonstrate a mature digital presence with strong compliance and trust indicators. There are no signs of blocking or WAF interference, and the domain registration details align well with the company's identity and history, supporting legitimacy. The company maintains active social media channels and provides clear contact information, enhancing user trust and engagement.

P

Provation

provationmedical.com

52

Provation is a well-established healthcare technology company specializing in clinical documentation and information management solutions. Their product suite includes cloud-based and on-premise software tailored for hospitals, ambulatory surgery centers, anesthesia providers, and care teams. The company emphasizes reducing clinician burden and improving patient care through intelligent, integrated workflows. Technically, the website is built on WordPress with modern plugins and frameworks, demonstrating good digital maturity and mobile optimization. Security posture is strong, supported by recognized certifications such as SOC 2, ISO 27001, and HIPAA compliance, although some security headers could be enhanced. Overall, the site reflects a professional, trustworthy business with a clear focus on healthcare providers. Strategic recommendations include enhancing security headers, adding explicit incident response contacts, and implementing a vulnerability disclosure policy to further strengthen trust and compliance.

D

Diakon

diakon.org

35

Diakon is a well-established non-profit organization founded in 1868, providing a broad range of social services including adoption, foster care, behavioral health, affordable housing, and senior services. The organization targets children, youth, families, and older adults, serving nearly 70,000 individuals annually. Their market position is strong within the non-profit social services sector, supported by a consistent brand presence and multiple service offerings. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Google Tag Manager, indicating moderate digital maturity. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS usage and CSRF protections, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with room for improvement in security and privacy transparency.

Y

YUMMY Publishing GmbH

yummy.digital

35

YUMMY Publishing GmbH operates the digital publishing platform Yumpu.com, providing tools for converting documents into online magazines with a global user base. The company targets publishers and businesses seeking innovative digital publishing solutions, leveraging cloud hosting and advanced rendering technologies. The website presents a professional brand image with notable client logos and a clear business focus on digital content publishing. Technically, the site uses SilverStripe CMS and common frontend libraries but lacks HTTPS, which is a critical security gap. The absence of SSL/TLS and security headers exposes the site to risks and undermines user trust. Privacy compliance is minimal, with no cookie consent mechanism detected and only a basic privacy policy available. Overall, the site is functional and informative but requires urgent security improvements to meet modern standards.

J

John Cabot University

johncabot.edu

40

John Cabot University is an established American liberal arts university located in Rome, Italy, offering undergraduate and graduate degree programs along with study abroad opportunities. The website effectively targets prospective students, alumni, and academic professionals with comprehensive academic information, events, and community engagement content. The university maintains a consistent brand presence and trust indicators such as accreditation and testimonials. Technically, the site is built on ASP.NET with modern front-end libraries like jQuery and Bootstrap, hosted behind Cloudflare, and uses OmniUpdate CMS. However, performance metrics are missing, and the site lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. The site integrates marketing and analytics tools such as Google Analytics and HubSpot forms, indicating a mature digital marketing approach. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S&P Global Commodity Insights is a leading enterprise providing comprehensive commodity market data, price assessments, and analytics, leveraging over a century of expertise. The website is professionally designed, highly relevant to its target audience of energy and commodity market professionals, and employs modern technologies including Adobe Experience Manager and various JavaScript libraries. However, a critical security issue is present due to an invalid or missing SSL certificate, which significantly impacts the site's security posture. Despite this, the site maintains strong privacy compliance with clear policies and consent mechanisms. The domain registration data aligns well with the business identity, reinforcing legitimacy. Strategic recommendations include immediate remediation of SSL issues, enhancement of security policies, and implementation of incident response and vulnerability disclosure frameworks.

F

FLUSSBAU iC GesmbH

flussbau-ic.at

25

FLUSSBAU iC GesmbH is a specialized consulting company operating internationally with a focus on water and river engineering, including flood protection, hazard zone planning, and water infrastructure construction. The company offers comprehensive services from planning to execution and engages in research and development to maintain innovation. The website reflects a professional and consistent brand presence targeting professionals and organizations in the water engineering and environmental sectors. Technically, the website is built on TYPO3 CMS with common web technologies like jQuery and Bootstrap, providing a good user experience and mobile optimization. However, the absence of HTTPS is a critical security flaw that severely impacts the site's security posture. The site implements a cookie consent mechanism and provides clear contact information, but lacks advanced security headers and domain security features such as DNSSEC and CAA records. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in security and compliance are recommended to enhance trust and protect user data.

E

ELEA iC projektiranje in svetovanje d.o.o.

elea.si

26

ELEA iC projektiranje in svetovanje d.o.o. is a well-established Slovenian engineering and architectural consulting firm with over 30 years of experience. The company offers a broad range of services including structural engineering, geotechnics, architecture, low construction, geology, hydrogeology, and project management. It is part of the iC Group, a larger interdisciplinary consulting group based in Vienna, which enhances its market reach and expertise. The website is professionally designed, content-rich, and targets clients in the construction, infrastructure, and real estate sectors primarily in Slovenia. The firm emphasizes sustainability and advanced technologies such as BIM in its operations.

I

ITH icoserve technology for healthcare GmbH

ith-icoserve.com

40

ITH icoserve technology for healthcare GmbH is a medium-sized company operating in the healthcare technology sector, specializing in innovative software solutions for medical data management and healthcare networking. As a subsidiary of Siemens Healthineers, it holds a strong market position as a leading software provider in Health IT. The website is professionally designed with good content quality and clear navigation, targeting healthcare providers and IT professionals. Technically, the site is built on TYPO3 CMS with modern frontend libraries, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS significantly reduces the security posture. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism via Cookiebot. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy but requires urgent security improvements.

S

STAPPERT

stappert.biz

18

STAPPERT is a leading European stockholder and supplier of stainless steel long products and fittings, targeting industrial and business customers. The company emphasizes a comprehensive product range, quality, and customer-oriented service. The website is built on WordPress with professional SEO and multilingual support, indicating a mature digital presence. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks. Cookie consent is managed via a third-party tool, and contact forms are protected with reCAPTCHA, showing some privacy awareness. Overall, the site is functional and professional but requires urgent security improvements to protect data and build trust.

D

daten-strom.Medical-IT-Services GmbH

datenstrom.net

19

daten-strom.Medical-IT-Services GmbH is a specialized small business focused on providing secure digital transformation services in the healthcare sector, including IT security, telematics, and data protection for medical and care facilities in Germany and Austria. Their website presents a professional image with comprehensive content targeting healthcare providers such as doctors, therapists, and care institutions. Technically, the site is built on the Contao CMS platform using common web technologies like jQuery and Revolution Slider, with good mobile optimization and user experience. However, the absence of HTTPS and valid SSL certificates represents a critical security vulnerability, exposing users to potential data interception risks. The website includes privacy and cookie policies with consent mechanisms, reflecting GDPR compliance efforts, but lacks explicit terms of service and security policy documentation. DNS records for the domain are missing, raising concerns about domain configuration and legitimacy. Overall, while the business content and presentation are solid, significant improvements in security infrastructure are urgently needed to protect sensitive healthcare data and enhance trust.

The website finanzamt-geilenkirchen.de serves as the official online presence of the Finanzamt Geilenkirchen, a regional tax office under the Oberfinanzdirektion Nordrhein-Westfalen in Germany. It provides comprehensive tax-related information, contact details, online services such as appointment booking and electronic tax declaration (ELSTER), and current news updates. The site targets residents and businesses in the Nordrhein-Westfalen region, offering clear navigation and well-structured content tailored to public service needs. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including Apache server, Matomo analytics for user tracking, and a robust Content Security Policy. The site demonstrates good mobile optimization and accessibility features, ensuring usability across devices and for users with disabilities. However, the SSL/TLS configuration is critically flawed, with no valid certificate and no TLS protocols enabled, which undermines secure HTTPS access. From a security perspective, the site implements several best practices such as strict security headers (X-Frame-Options, X-Content-Type-Options, CSP), HSTS with preload directive, and referrer policies. Despite these, the lack of a valid SSL certificate and HTTPS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies with consent mechanisms. The business credibility is high given its government affiliation, but the security posture is currently weak due to SSL issues. Strategic recommendations include immediate remediation of SSL/TLS configuration, enhancement of session security features, and continuous monitoring of security compliance.

C

CASO Document Management

scanpointusa.com

24

CASO Document Management is a medium-sized technology company specializing in document scanning, content management software, workflow automation, and related hardware solutions. Their website showcases a comprehensive portfolio of services and products aimed at helping businesses transition to paperless workflows and improve operational efficiency. The company holds a SOC 2 Type II certification, reinforcing their commitment to security and trust. Technically, the website is built on WordPress with the Divi theme and integrates various modern web technologies including Gravity Forms and Google Analytics. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the website is professional, content-rich, and trustworthy but requires urgent attention to its SSL/TLS configuration to ensure secure communications and maintain user trust.

SEQIS GmbH is a specialized IT service provider based in Austria, focusing on software testing, IT analysis, and project management. The company offers a broad range of services including remote testing, DevOps, training, and quality assurance, targeting businesses seeking to improve their software quality and IT project outcomes. The website is professionally designed, content-rich, and well-structured, primarily in German, with clear navigation and active social media engagement. Technically, the website runs on a PHP 8.2.28 backend with nginx and uses the Contao CMS along with Bootstrap and jQuery for frontend functionality. Despite a modern tech stack, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance data is missing, but the site appears mobile-optimized and SEO-friendly. Security posture is weak due to the absence of HTTPS, no DNSSEC, and no CAA records, although several security headers are present. Privacy compliance is good with a comprehensive privacy policy and cookie consent via Cookiebot. Contact information is clearly provided, enhancing business credibility. WHOIS data confirms domain legitimacy and consistency with the business location. Overall, the site is functional and professional but requires urgent security improvements, especially SSL/TLS implementation, to enhance trust and protect user data.

The Stadtgemeinde Mödling website serves as the official digital portal for the city of Mödling, Austria, providing residents and visitors with comprehensive municipal information, news, events, and public services. The site targets local citizens and stakeholders, offering easy access to administrative contacts, service forms, and cultural activities. The business model is that of a government entity focused on transparency and community engagement. Technically, the website employs a custom RIS CMS platform with common web technologies such as jQuery, Bootstrap, and FontAwesome, and integrates Matomo for analytics. However, the absence of HTTPS is a critical security flaw that undermines user trust and data protection. Security headers are partially implemented, but the lack of SSL/TLS and modern protocols significantly lowers the security posture. Privacy compliance is moderate, with a clear privacy policy but no cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security upgrades.

E

EFM Versicherungsmakler AG

efm.at

24

EFM Versicherungsmakler AG is a leading insurance brokerage firm in Austria, serving both private and commercial clients with a wide range of insurance products and services. The company positions itself as the number one insurance broker in Austria with over 75 locations and more than 120,000 customers. Their business model focuses on independent insurance comparison and personalized local broker services. The website is built on TYPO3 CMS with Bootstrap and jQuery, featuring a professional design and good navigation, targeting German-speaking Austrian customers. However, the technical infrastructure shows weaknesses, notably the lack of a valid SSL certificate and the use of an outdated PHP version, which pose significant security risks. Cookie consent and privacy policies are implemented, reflecting GDPR compliance efforts. The site integrates Google Analytics and Facebook Pixel for analytics and marketing purposes, with moderate user tracking.

H

Hotel Das Innsbruck GmbH & CO. KG

hotelinnsbruck.com

38

Hotel Das Innsbruck GmbH & CO. KG operates a 4-star hotel located in the historic center of Innsbruck, Austria. The business offers a range of hospitality services including accommodation, wellness and spa facilities, conference and seminar hosting, and dining options. The website is professionally designed with excellent content quality and clear navigation, targeting tourists and business travelers seeking premium lodging and event services in Innsbruck. The company has a strong market position supported by recognized certifications such as the TripAdvisor Certificate of Excellence and Gault Millau recommendations. Technically, the website uses a modern CMS (Condeon) and popular JavaScript libraries, but suffers from slow performance and lacks HTTPS, which is a critical security gap. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is high with transparent contact information and structured data markup.

K

KAUFMANN S.A

kaufmann.cl

36

Kaufmann S.A is a leading automotive company in Chile specializing in the sale and servicing of automobiles, commercial vehicles, and related products. The website reflects a comprehensive digital presence with extensive content covering various vehicle categories, after-sales services, and customer support. The company maintains a strong market position with a wide network of branches across Chile and partnerships with recognized brands and service providers. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as React and jQuery, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Security headers are present but insufficient without proper SSL/TLS implementation. Privacy compliance is moderate with a clear privacy policy but no visible cookie consent mechanism. Overall, the site offers good user experience and content quality but requires urgent security improvements to protect user data and enhance trust.