Security Directory

K

Kammer für Arbeiter und Angestellte für Wien

akwien.at

40

The website akwien.at represents the Kammer für Arbeiter und Angestellte für Wien, a government-related non-profit organization advocating for workers' rights and social services in Vienna, Austria. The site offers comprehensive information and services including legal advice, consumer protection, educational resources, and digitalization funding. It targets employees and workers in Vienna, providing a rich content experience with clear navigation and strong branding. Technically, the site is built on a Gentics Portal CMS with a modern tech stack including jQuery, Bootstrap, Matomo Analytics, and Usercentrics for consent management. Hosting is provided by Anexia. While the site is mobile optimized and accessible, performance metrics indicate slow loading, and the SSL/TLS configuration is currently invalid, which is a critical security concern. Security posture is moderate with several security headers implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security score. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism in place. Business credibility is high due to consistent branding, official contact information, and alignment with WHOIS data. Overall, the site is a professional and trustworthy resource for workers in Vienna but requires urgent improvements in SSL/TLS configuration and performance optimization to enhance security and user experience.

N

N-SIDE

n-side.com

38

N-SIDE is a specialized deeptech company focusing on providing optimization and analytics solutions for the life sciences and energy sectors. Their offerings include software and professional services aimed at improving pharmaceutical manufacturing efficiency, clinical trial management, and energy forecasting and power matching for market participants. The website reflects a professional digital presence built on HubSpot CMS, leveraging modern web technologies and marketing tools such as Google Tag Manager. However, the security posture is weak due to the absence of a valid SSL certificate and proper HTTPS configuration, which poses a significant risk to user trust and data security. Privacy compliance is minimal, with no visible privacy or cookie policies, and no explicit contact information is provided on the homepage. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent improvements in security and privacy compliance to meet industry standards.

K

Katun Corporation

katun.com

37

Katun Corporation is a well-established global provider of OEM-compatible imaging supplies, photoreceptors, and parts for copiers, printers, and multifunction printers (MFPs). With over 45 years in the industry, Katun serves a broad B2B audience including distributors and businesses worldwide. The company emphasizes quality, cost savings, and service levels, supported by a professional and content-rich website that highlights its global reach and product offerings. Technically, the website is built on WordPress with modern SEO and marketing tools such as Yoast SEO and Visual Website Optimizer, and supports multiple languages via WPML. However, the site suffers from a critical security deficiency: the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts its security posture and trustworthiness. Additionally, no cookie consent mechanism is present despite the use of tracking scripts, indicating partial privacy compliance. Overall, the business credibility and content quality are strong, but the security shortcomings require urgent remediation.

F

First Advisory

first.li

40

First Advisory is a well-established financial advisory and wealth management firm with over 70 years of private ownership and a strong presence in Liechtenstein and international financial centers. The company offers a broad range of services including asset structuring, legal and tax consulting, investment advisory, and family office services, targeting private and corporate clients seeking comprehensive financial solutions. The website reflects a mature digital presence built on Concrete CMS, with modern web technologies and a focus on user experience and multilingual support. Security posture is solid with appropriate HTTP security headers and cookie consent mechanisms, though DNSSEC and CAA records are absent and could be improved. Contact information is clearly provided with GDPR-compliant forms and multiple international office contacts. Overall, the site demonstrates high professionalism and trustworthiness, aligning well with the company's long-standing market position.

R

Redline Enterprise GmbH

redlineenterprise.com

40

Redline Enterprise GmbH is a leading Austrian full-service provider specializing in event technology, offering comprehensive solutions including lighting, sound, video, LED technology, live streaming, and stage and rigging construction. The company serves a diverse clientele including international brands, renowned events, and top musical acts, positioning itself as a trusted partner in the media and event production industry. Their website is professionally designed, content-rich, and targets event organizers, corporate clients, and production companies. Technically, the site runs on TYPO3 CMS with modern PHP and uses common web technologies such as jQuery and Bootstrap. However, the absence of a valid SSL certificate and proper HTTPS configuration significantly impacts their security posture. While security headers are partially implemented, critical improvements are needed to secure user data and communications. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website reflects a medium-sized enterprise with a solid market position but requires urgent security enhancements to align with best practices.

Pension Gatterhof is a small hospitality business located in Riezlern, Kleinwalsertal, Austria, offering holiday apartments and rooms with breakfast and hotel services. The website is built on TYPO3 CMS with a modern responsive design and includes online booking capabilities and social media integration. However, the site lacks a valid SSL certificate, exposing visitors to security risks and reducing trust. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found. The domain registration is consistent with the business claims and shows a stable history since 2008. Overall, the website provides a good user experience but requires significant security improvements to protect users and enhance credibility.

Xylem Inc. is a leading enterprise specializing in innovative water solutions and water technology, serving diverse sectors including energy, municipal water, healthcare, and manufacturing. The company offers a broad portfolio of products and services such as water and wastewater treatment systems, pumps, digital water solutions, and parts and supplies. Their market position is strong with a global footprint and multiple subsidiary brands. The website reflects a professional and comprehensive digital presence with excellent content quality and consistent branding. Technically, the site uses modern JavaScript frameworks, Google Tag Manager for analytics, and is hosted behind Cloudflare, but lacks a valid SSL certificate, which significantly impacts its security posture. Security headers are present but the absence of HTTPS and related SSL/TLS features lowers the overall security score. Privacy policies and terms of service are well documented, though no explicit cookie consent mechanism was detected. Contact information is primarily via contact forms with no direct emails or phone numbers found. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

U

USU GmbH

usu.de

40

USU GmbH is a well-established enterprise technology company headquartered in Germany, specializing in IT service management, software asset management, knowledge management, cloud management, and digital consulting solutions. The company targets large enterprises and organizations seeking to optimize their IT landscapes and customer service experiences through AI-powered tools and services. USU maintains a strong market position supported by a comprehensive product portfolio, global customer base, and industry recognitions. Technically, the website is built on Drupal 10 with a modern tech stack including jQuery and various marketing and analytics integrations. The site is well-optimized for mobile and SEO, providing excellent user experience and navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of TLS support, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting the company's commitment to data protection. Overall, USU demonstrates high business credibility and professionalism but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

P

Pittel+Brausewetter Holding GmbH

pittel.at

40

Pittel+Brausewetter Holding GmbH is a well-established Austrian family-owned construction company with over 150 years of experience. They specialize in a broad range of construction services including road, civil, industrial, structural, bridge, and sports facility construction. The company maintains a strong market position with multiple reference projects and a consistent brand presence. Technically, the website is built on WordPress using common plugins and themes, with moderate performance and good mobile optimization. However, a critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Contact information and social media presence are clearly provided, enhancing business credibility.

T

Tenne Export-Import Handelsgesellschaft m.b.H.

tenne.at

40

Tenne Export-Import Handelsgesellschaft m.b.H. is a well-established Austrian retail company specializing in bathroom products and complete bathroom systems. With over 40 years of industry experience, the company operates multiple showrooms across Austria and offers an online shop, targeting both end consumers and business clients. Their product range includes bathroom furniture, fittings, tiles, showers, and accessories, supported by services such as online bathroom planning and mobile consultation. The company holds reputable certifications and awards, reinforcing its strong market position as a leading bathroom retailer in Austria. Technically, the website is built on WordPress with a variety of plugins including Yoast SEO, Borlabs Cookie for consent management, and Contact Form 7 for user interactions. The site uses Apache hosting likely provided by Telekom Austria. While the site is rich in content, well-structured, and optimized for SEO and mobile devices, it suffers from a critical security shortfall: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security-wise, the site lacks modern TLS protocols, HSTS headers, and email security measures such as DMARC and DNSSEC. However, it employs reCAPTCHA on forms and avoids known SSL vulnerabilities. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms in place. Contact information is abundant and clearly presented, enhancing business credibility. Overall, the website is professional, content-rich, and trustworthy from a business perspective but requires urgent improvements in SSL/TLS configuration and security headers to protect user data and improve trustworthiness. Addressing these issues will elevate the site's security score and user confidence.

TIMETRON is a mature, family-owned investment company based in Vienna, Austria, with a diversified portfolio in consumer goods, medical devices, real estate, and e-commerce. The company has a strong market presence with 40 years of history and focuses on financing innovative brands and projects. The website reflects a professional business with good content quality and moderate branding consistency. Technically, the site uses a traditional Apache server with PHP and several JavaScript libraries but lacks modern security implementations such as HTTPS. The absence of a valid SSL certificate and security headers significantly impacts the security posture. Privacy compliance is basic, with a cookie consent banner but no dedicated privacy policy on the main domain. Overall, the site is functional but requires improvements in security and privacy to meet modern standards.

M

MUSO TNT

muso.com

40

MUSO TNT is a UK-based company specializing in data-driven content intelligence and content protection solutions for the media and entertainment industry. The company offers services including audience demand measurement, piracy intelligence, and automated protection for independent content creators. It holds a strong market position, trusted by major global media companies and industry associations. The website is professionally designed, content-rich, and targets enterprise clients and indie creators alike. Technically, the site is built on HubSpot CMS, uses Cloudflare for hosting and CDN, and integrates various marketing and analytics tools such as Google Analytics 4 and LinkedIn Insight Tag. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates good business credibility and digital maturity but requires urgent improvements in SSL/TLS configuration to enhance security.

S

Smettly GmbH

bikecitizens.net

23

Bike Citizens, operated by Smettly GmbH, is a specialized company focused on enhancing the cycling experience through its app, smartphone mount product, and data services for urban mobility. The company targets cyclists, municipalities, and city planners, positioning itself as a niche leader in the transportation sector with a strong community and partnership approach. Technically, the website is built on the Odoo CMS platform with modern frontend assets and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that significantly undermines user trust and data protection. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

T

Transped Europe GmbH

transped.at

38

Transped Europe GmbH is a medium-sized Austrian transportation and logistics company specializing in European haulage and intermodal freight transportation since 1983. The company positions itself as a specialist in European road haulage, targeting logistics customers and transport partners across Europe. The website reflects a professional business with clear navigation and relevant content focused on their core services. Technically, the site uses a custom ASP.NET backend with common frontend libraries such as jQuery and Bootstrap, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. The absence of a valid SSL certificate and missing security headers expose the site to potential risks and reduce trustworthiness. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present, but no explicit data protection officer or incident response information is found. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

H

HellermannTyton

hellermanntyton.at

40

HellermannTyton is a well-established manufacturer and provider of cable management and connectivity products, serving industrial sectors such as manufacturing, energy, and transportation. The website presents comprehensive product information, industry solutions, and sustainability initiatives, targeting professional and industrial customers primarily in Austria and surrounding regions. The company maintains a strong brand presence with consistent design and multiple social media channels. Technically, the website uses a modern tech stack including Apache, jQuery, Google Tag Manager, and Usercentrics for consent management, hosted behind Cloudflare DNS services. However, the SSL/TLS configuration is outdated, supporting only TLS 1.1 without TLS 1.2 or 1.3, which is a security concern. Security headers are well implemented, including a strict Content Security Policy and HSTS header, though HSTS is not fully enabled in SSL configuration. Privacy compliance is strong with clear privacy and cookie policies and active consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant, but would benefit from modernizing its TLS support and enhancing SSL configurations.

H

Habich GmbH

habich.com

37

Habich GmbH is a well-established Austrian manufacturer specializing in inorganic specialty pigments for various industrial applications including coatings, construction chemicals, ceramics, printing inks, and plastics. The company has a long tradition dating back to 1846 and serves a global B2B market with a broad product portfolio including corrosion protection pigments, organic colorants, pigment preparations, and aqueous binder dispersions. Their website reflects a consistent and professional brand image with detailed product information and clear contact details. Technically, the site uses modern front-end libraries and the SilverStripe CMS, but lacks a valid SSL certificate, which is a critical security gap. The cookie consent mechanism is implemented and GDPR compliant, supporting privacy best practices. However, no explicit security policies or incident response information is provided. Overall, the website is functional and professional but requires urgent security improvements to enable HTTPS and enhance trust.

S

SCHMIDT Groupe

cuisines-schmidt.com

29

SCHMIDT Groupe operates a comprehensive and professionally designed website focused on custom interior design solutions including kitchens, furniture, and bathrooms. The company is a leading French manufacturer with a strong market position and a large-scale retail business model. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, extensive use of analytics and marketing tools, and a clear focus on user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture and trustworthiness of the site. Privacy and cookie policies are well implemented, indicating good compliance with GDPR requirements. Overall, the site is content-rich and trustworthy but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

W

Wilfried Heinzel AG

heinzelsales.com

29

Wilfried Heinzel AG operates the heinzelsales.com website as a global sales network specializing in pulp and paper products. The company is headquartered in Vienna, Austria, and is recognized as a leading trading house in the forest products industry. Their business model focuses on connecting suppliers and customers worldwide, supported by local representation in 28 countries and invoicing centers in major global cities. The website content reflects a professional and consistent brand image targeting industry stakeholders seeking sustainable pulp, paper, and packaging solutions. Technically, the website employs a traditional stack including nginx, jQuery, Bootstrap, and FontAwesome. However, it lacks HTTPS support, which is a critical security deficiency. The site shows basic mobile optimization and accessibility but suffers from slow performance and missing modern security configurations. No advanced CMS or analytics tools are detected, indicating a relatively simple technical infrastructure. From a security perspective, the absence of SSL/TLS encryption severely undermines user trust and data protection. While cookie consent and privacy policies are present and GDPR compliant, the lack of HTTPS and security headers exposes the site to risks. No incident response or vulnerability disclosure mechanisms are evident, limiting transparency and preparedness. The WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the website is functional and professionally presented but requires urgent security improvements, especially implementing HTTPS and enhancing server security headers. Strategic recommendations include upgrading SSL/TLS, enabling HSTS, and adopting security best practices to protect users and improve trustworthiness.

R

r4r - Jürgen Müller Management Partners

responsible4results.com

40

r4r - Jürgen Müller Management Partners is a small, established management consulting firm based in Austria, specializing in business transformation, strategy, M&A, processes, and systems. The company targets top management, growth companies, and innovative startups primarily in Central Europe. Their consulting approach emphasizes responsibility from idea to realization, supported by documented references and a partner network across Austria, Germany, Slovenia, and Croatia. The website content is professional, well-structured, and primarily in German, reflecting their regional focus. Technically, the website is built on WordPress hosted on WordPress.com infrastructure, utilizing common plugins such as Yoast SEO, WPBakery Page Builder, and Jetpack. While the site is mobile optimized and SEO friendly, performance data is lacking, and some technical aspects like SSL/TLS are critically deficient. The absence of a valid SSL certificate and modern TLS protocols significantly undermines the security posture. Tracking tools like Mouseflow and WordPress.com Stats are used, indicating moderate user tracking without clear privacy compliance mechanisms. Security-wise, the site lacks a valid SSL certificate, modern TLS support, and cookie consent mechanisms, which are critical for protecting user data and complying with GDPR. No explicit security or incident response policies are published, and no vulnerability disclosure or data protection officer information is available. These gaps present compliance and trust challenges that should be addressed promptly. Overall, the website presents a credible business with professional content and consistent branding but suffers from critical security and privacy shortcomings. Strategic improvements in SSL deployment, privacy compliance, and security transparency are recommended to enhance trust and regulatory adherence.

Electro Terminal GmbH & Co KG is a medium-sized Austrian manufacturer specializing in connection technology for lighting, household appliances, and electrical installations. With over 60 years of experience and recognized innovation awards, the company serves OEMs and manufacturers with development, manufacturing, and distribution of connectors and related components. The website is built on TYPO3 CMS with modern frontend libraries and includes clear business and contact information, social media presence, and compliance-related pages such as privacy and cookie policies. However, the absence of HTTPS/SSL is a critical security vulnerability that significantly impacts the site's security posture. While cookie consent mechanisms and privacy policies are in place, no explicit security policy or incident response information is found. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements.

S

SLB

slb.com

40

SLB is a global energy technology company focused on driving innovation for a balanced planet. Their website showcases a comprehensive portfolio of solutions spanning decarbonization, digital transformation, and traditional oil and gas services. The company targets energy industry professionals, investors, partners, and job seekers, positioning itself as a market leader with extensive service offerings and a strong sustainability commitment. Technically, the website employs modern technologies such as jQuery, Brightcove video, Coveo search, and integrates multiple analytics and marketing tools. The site is well-designed, mobile-optimized, and offers rich content with clear navigation. However, the security posture is weakened by an invalid or missing SSL certificate and lack of HTTPS support, which is a critical issue. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site reflects a mature enterprise with good business credibility but requires urgent security improvements to protect user data and maintain trust.

W

Worksoft Inc.

worksoft.com

35

Worksoft Inc. is a global technology company specializing in codeless test automation software designed to help enterprises accelerate business process testing and digital transformation. The company positions itself as a trusted partner for large organizations, offering a suite of products that enable business and IT teams to automate complex workflows without coding expertise. The website reflects a professional and consistent brand image with detailed product information and client endorsements, targeting enterprise customers in the technology sector. Technically, the site is built on WordPress and hosted on WP Engine with Cloudflare CDN, leveraging modern JavaScript libraries and integrations such as HubSpot for marketing and Wistia for video content. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines the site's security posture. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks cookie consent mechanisms and explicit GDPR compliance indicators. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

ArcelorMittal Construction is a large, established manufacturing company specializing in steel-based building solutions for architectural projects, with a strong presence in Austria and multiple European markets. The website reflects a professional and comprehensive business offering, targeting construction professionals and project developers with a broad portfolio of products and services emphasizing sustainability and innovation. Technically, the website uses modern JavaScript libraries and analytics tools, hosted behind Cloudflare, but suffers from a critical lack of valid SSL/TLS configuration, exposing users to security risks. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The security posture is weak due to missing HTTPS, but other security headers and practices are present. Overall, the website is trustworthy and professional but requires urgent security improvements to protect users and maintain credibility.

W

Weitzer Parkett Vertriebs GmbH

weitzer-parkett.com

40

Weitzer Parkett Vertriebs GmbH is a well-established Austrian family-owned manufacturer and distributor of parquet flooring and wooden stairs, with a history dating back to 1831. The company holds a leading market position in Austria and is recognized as one of the top parquet manufacturers in Europe. Their product portfolio includes innovative parquet solutions such as Pflegefrei-Parkett, Gesund-Parkett, and Flüster-Parkett, emphasizing sustainability and ecological responsibility. The website reflects a mature digital presence with comprehensive product information, multi-language support, and strong branding consistency. Technically, the website is built on WordPress with WooCommerce, utilizing modern libraries and plugins such as jQuery, Slick Slider, and Borlabs Cookie for cookie management. It is hosted behind Cloudflare, providing CDN and security services. However, the absence of a valid SSL certificate and HTTPS support is a significant security shortfall, impacting user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with explicit consent mechanisms. From a security perspective, while the site benefits from Cloudflare's protection and uses reCAPTCHA on forms, the lack of HTTPS and modern TLS protocols, as well as missing security headers like HSTS, reduce its security posture. No explicit security policy or incident response information is found, which could be improved to enhance transparency and readiness. Overall, the website is professional, content-rich, and business-credible but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include implementing a valid SSL certificate, enabling HTTPS, and enhancing security headers and protocols.

N

NOA

noa-vu.nl

35

NOA is a Dutch company specializing in scientifically validated online assessments and psychological tests, primarily serving educational institutions, HR professionals, and reintegration sectors. With over 25 years of experience and origins linked to the Vrije Universiteit, NOA holds a strong market position supported by ISO 9001 and ISO 27001 certifications. The website reflects a professional and consistent brand with comprehensive content and clear navigation, targeting Dutch-speaking audiences. Technically, the site uses Microsoft IIS with ASP.NET and Umbraco CMS, integrating modern tools like Google Tag Manager and Elmah.io for error logging. However, the absence of HTTPS is a critical security gap, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Contact information is complete and accessible, enhancing business credibility.

S&P Global is a leading enterprise in the financial data and analytics sector, providing essential intelligence through a combination of data, connected technologies, and expert insights. The website reflects a mature, well-structured digital presence with comprehensive content targeting financial professionals and enterprises. Technically, the site leverages Adobe Experience Manager CMS, integrates modern analytics and error tracking tools, and maintains good SEO and accessibility standards. However, a critical security gap exists due to the absence of a valid SSL certificate, which significantly impacts the security posture and overall trustworthiness. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The domain registration aligns with the company's long-standing history and public presence, reinforcing legitimacy. Strategic improvements in SSL configuration and enhanced security practices are recommended to elevate the site's security and trust levels.

NCM - net communication management GmbH is a specialized digital marketing agency based in Salzburg, Austria, focusing on the tourism and hospitality sector. The company offers a comprehensive suite of services including SEO, SEA, social media marketing, web design, and proprietary tourism tools to enhance online presence and lead generation for hotels. The website is professionally designed, content-rich, and well-structured, targeting German-speaking tourism businesses. Technically, the site uses modern frameworks and CMS (Contao) but critically lacks a valid SSL/TLS certificate, exposing it to security risks and undermining user trust. Security headers are properly configured, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and accessible, supporting business credibility. Overall, the site demonstrates strong business maturity and digital presence but requires urgent security improvements to protect users and maintain trust.

C

CCL Industries

cclind.com

39

CCL Industries is a global leader in specialty packaging and the largest label company worldwide, with headquarters in Canada and the USA. The company operates across multiple sectors including home & personal care, premium food & beverage, healthcare, automotive, and security, supported by subsidiaries such as Avery, Checkpoint, Innovia, CCL Design, and CCL Secure. Their website reflects a mature enterprise with comprehensive investor relations, sustainability initiatives, and corporate governance information. Technically, the site is built on WordPress with common plugins and libraries, hosted behind Cloudflare, but suffers from a lack of a valid SSL certificate, impacting security posture. The absence of HTTPS and security headers, along with no visible cookie consent mechanism, represents significant security and privacy compliance gaps. Overall, the site is professional and content-rich but requires urgent improvements in security configuration and privacy compliance to align with best practices.

S

Semantic Web Company

semantic-web.com

39

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

H

Herz Jesu Krankenhaus GmbH

kh-herzjesu.at

36

Herz Jesu Krankenhaus GmbH is a medium-sized, non-profit orthopaedic specialist hospital located in Vienna, Austria, operating under the parent company Vinzenz Kliniken Wien. The hospital offers specialized healthcare services in orthopaedics, rheumatology, osteology, remobilisation, and operates the largest pulmonological sleep laboratory in Vienna. The website targets patients, visitors, medical professionals, and job seekers, providing comprehensive information about services, events, and career opportunities. The hospital emphasizes professional, personal, and compassionate care with external quality certifications such as the 'Audit Beruf und Familie'. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery frameworks, delivering a responsive and well-structured user experience. However, the site suffers from slow loading times and lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. The cookie consent mechanism and privacy policy are well implemented, reflecting good privacy compliance. Social media integration and external partnerships are clearly presented, enhancing the hospital's digital presence. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. No advanced security headers or incident response information are found, indicating room for improvement in security maturity. The WHOIS data confirms the domain's legitimacy and consistency with the hospital's business claims. Overall, the website is professional and content-rich but requires urgent security enhancements, particularly SSL/TLS implementation, to protect user data and improve trust. Performance optimization and additional security best practices are recommended to elevate the site's technical and security standards.

E

EUCUSA Consulting GmbH

eucusa.com

22

EUCUSA Consulting GmbH is a specialized provider of strategic feedback systems and consulting services focused on enhancing employee engagement, customer satisfaction, and leadership development. The company operates primarily in Austria and offers a suite of products including employee surveys, customer surveys, 360° feedback, and tools like the Future Readiness Check® and Trust Check. Their business model integrates consulting expertise with proprietary software solutions to deliver tailored feedback and actionable insights for organizations. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, FontAwesome, and GDPR compliance plugins. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Hosting is managed via Cloudpit DNS services. However, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. From a security perspective, while the site uses GDPR cookie consent mechanisms and has no known vulnerabilities in libraries, the absence of HTTPS and modern TLS protocols severely undermines its security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure or security.txt files are found. This gap poses risks to user data confidentiality and trust. Overall, the website presents a professional and credible business front with good content quality and privacy compliance. The critical recommendation is to urgently implement a valid SSL certificate and enable HTTPS to protect user data and improve trustworthiness. Additional security enhancements and transparency around security policies would further strengthen the company's risk management and compliance stance.

W

Wittur Group

wittur.com

40

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

A

abss interactive GmbH

abss.at

40

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

P

Porsche Inter Auto

porschewiennord.at

38

Porsche Inter Auto is a prominent automotive dealership network in Austria, representing multiple Volkswagen Group brands including VW, Audi, Porsche, ŠKODA, SEAT, and CUPRA. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing, and accessories. Their market position is strong within the Austrian automotive retail sector, supported by a large network of dealer locations and a high volume of customer reviews indicating strong customer satisfaction. Technically, the website is built on the Plone CMS platform using Python and Zope, with Cloudflare providing hosting and CDN services. The site integrates modern web technologies such as Google Tag Manager, OneTrust for cookie consent, Leaflet and Google Maps for location services, and Swiper for interactive content. The site is well-structured, mobile-optimized, and includes rich content and structured data for SEO. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like HSTS are missing, and no advanced SSL/TLS features are enabled. However, the site does implement some security headers such as X-Frame-Options and uses Cloudflare for some level of protection. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will significantly enhance user trust and compliance with modern security standards.

W

WestRock

westrock.com

39

WestRock is a global leader in sustainable packaging manufacturing, operating across multiple countries with extensive packaging converting operations and paper mills. The company targets businesses requiring innovative and sustainable packaging solutions across diverse markets such as beverage, healthcare, foodservice, and retail. Their business model focuses on manufacturing and supplying a broad range of packaging products and services, supported by a strong digital presence and comprehensive content. Technically, the website leverages modern web technologies including Sitecore CMS, Coveo search, and Brightcove video players, indicating a mature digital infrastructure. However, the absence of a valid SSL/TLS certificate and HTTPS severely undermines the security posture, exposing users to risks and reducing trust. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance practices. Overall, the site is professionally designed with clear navigation and strong branding, but critical security improvements are necessary to protect user data and enhance trust.

I

Invenium Data Insights GmbH

invenium.io

26

Invenium Data Insights GmbH is a specialized data analytics company based in Austria focusing on anonymized mobile phone signaling data to provide insights into human mobility patterns. Their services support city planners, transportation authorities, tourism, retail, and event organizers by leveraging AI and big data technologies to optimize mobility and infrastructure planning. The website is professionally designed, content-rich, and GDPR compliant, targeting public and private sector clients who require data-driven decision-making tools. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted on Hetzner servers. However, the lack of a valid SSL certificate and HTTPS significantly weakens the security posture. Privacy compliance is strong with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by testimonials and partner logos. Overall, the site is functional and trustworthy but requires urgent security improvements.

C

CPB SOFTWARE AG

cpb-software.com

40

CPB SOFTWARE AG is a well-established full-service IT provider specializing in comprehensive software solutions and IT services, primarily targeting banking, finance, education, government, and industrial sectors. With over 25 years of experience and a customer base exceeding 550 active clients across Austria, Germany, and other countries, CPB positions itself as a trusted partner for digital transformation, core banking, compliance, and cloud services. The website reflects a mature business with clear market positioning and a broad portfolio of products and services. Technically, the site is built on WordPress with modern plugins and tools, though performance is moderate and SSL configuration is currently inadequate, posing security risks. Security headers are present but the lack of a valid SSL certificate and HTTPS enforcement significantly lowers the security posture. Privacy compliance is mostly addressed with a comprehensive privacy policy, but cookie consent mechanisms are missing. Overall, CPB demonstrates strong business credibility and professional online presence but should urgently address SSL and security improvements to enhance trust and compliance.

C

CREATE

create.at

25

CREATE is a medium-sized Austrian eLearning company specializing in interactive and immersive digital learning solutions for businesses, academies, and trainers. The company offers a comprehensive range of services including consulting, content creation, learning management systems, and XR learning experiences. Positioned as a multiple award-winning full-service eLearning agency, CREATE targets organizations seeking innovative and tailored digital education solutions. The website reflects a professional and consistent brand image with excellent content quality and user experience.

M

Mayway

mayway.at

34

Mayway.at is currently a placeholder website indicating an upcoming launch, featuring a simple landing page with a newsletter subscription form. The business behind the site is not explicitly described, and no detailed company information or contact details are provided. The site targets general internet users interested in updates about the launch. Technically, the site uses basic web technologies including Google Fonts and FontAwesome, hosted on World4You servers, but lacks modern CMS or frameworks. Performance is slow with a large page size and long load times. Security posture is weak due to absence of HTTPS, no security headers, and no advanced protections. Privacy compliance is minimal with no policies or cookie consent mechanisms. Overall, the site is low trust and low maturity, suitable only as a temporary placeholder.

R

retailsolutions AG

retailsolutions.ch

27

retailsolutions AG is a leading SAP Retail consulting firm in Europe, specializing in digital transformation, forecasting, omnichannel customer centricity, and analytics solutions. With over 350 employees and multiple international offices, the company supports retail clients worldwide in implementing SAP projects with a focus on sustainable and future-proof IT solutions. The website reflects a professional and content-rich digital presence, leveraging TYPO3 CMS and modern web technologies to deliver a good user experience and clear navigation. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business credibility and content quality are high, but urgent improvements in security infrastructure are necessary to protect users and enhance trust.

M

Mondial GmbH & Co. KG

mondial-congress.com

37

Mondial GmbH & Co. KG is a medium-sized Austrian company specializing in congress and event management services, including green meetings, virtual events, and travel management. The company holds several industry certifications and maintains a multilingual, content-rich website targeting organizations seeking professional event solutions. Technically, the website is built on WordPress with modern libraries but lacks a valid SSL certificate, resulting in a critical security gap. The absence of HTTPS and security headers exposes users to risks and reduces trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

Sensus, a brand under Xylem Inc., specializes in smart solutions for water, energy, and communication infrastructure, targeting utilities and municipalities. The website presents a mature, well-branded digital presence with comprehensive product and service information, supporting a B2B business model focused on smart utility networks and managed services. Technically, the site uses modern web technologies including EPiServer CMS and Cloudflare for hosting, but suffers from critical SSL/TLS misconfigurations, lacking a valid HTTPS certificate which severely impacts security posture. Security headers are well implemented, but the absence of HTTPS and modern TLS protocols is a major vulnerability. Privacy compliance is partially met with a clear privacy policy and terms of service, but no cookie consent mechanism is observed despite cookie usage. Overall, the site is professional and trustworthy from a business perspective but requires urgent security improvements to protect user data and maintain trust.

W

Winterhalter Gastronom GmbH

winterhalter.biz

40

Winterhalter Gastronom GmbH is a well-established family-owned company specializing in professional warewashing technology, including commercial dishwashers, water treatment, chemicals, and accessories tailored for the hospitality industry. With a 75-year history, the company holds a strong market position as a quality and reliability leader serving diverse sectors such as restaurants, hotels, mass catering, and retail. The website is professionally designed, content-rich, and targets a global audience with multiple language versions and regional adaptations. Technically, the site is built on TYPO3 CMS and hosted behind Cloudflare, leveraging modern web technologies and cookie consent management via Usercentrics. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility and digital maturity are strong, but urgent remediation of SSL/TLS issues is recommended to enhance security and trust.

N

Ninefeb

ninefeb.com

37

Ninefeb is a European service provider specializing in technical documentation, eLearning, consulting, and personnel services. The company operates primarily in Austria with a subsidiary in the UK, targeting businesses requiring comprehensive technical communication support. The website presents a professional image with clear service offerings and client testimonials, positioning Ninefeb as a trusted partner in its niche. Technically, the site is built on WordPress using the Avada theme and Yoast SEO plugin, indicating a modern CMS approach but lacks HTTPS support, which is a significant security concern. The absence of a valid SSL certificate exposes users to potential data interception risks and undermines trust. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

J

Job-TransFair gemeinnützige GmbH

jobtransfair.at

27

Job-TransFair gemeinnützige GmbH is a Vienna-based non-profit organization dedicated to supporting disadvantaged individuals in the labor market by facilitating permanent employment opportunities. The organization collaborates with a large network of partner companies and receives financial support from the AMS Wien and the City of Vienna. Their website provides comprehensive information about their services, success stories, and job offers, targeting both job seekers and employers. The content is well-structured, professionally presented, and primarily in German. Technically, the site is built on the Contao CMS platform with modern frontend technologies like Bootstrap and jQuery, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy compliance is strong, with Cookiebot implemented for consent management and clear privacy and cookie policies. The site also integrates Google Tag Manager for analytics and marketing purposes. Overall, the business is credible and transparent, with clear contact information and trust indicators such as certifications and partnerships.

S

SCIA

scia.net

40

SCIA is a well-established company specializing in structural engineering software solutions, holding a leading market position in Europe. The company offers a range of products including SCIA Engineer and BIM solutions, supported by local expert teams and a comprehensive webshop. The website reflects a mature digital presence with professional design, clear navigation, and rich content targeting structural engineers and construction professionals. Technically, the site uses Drupal 9 CMS, Bootstrap framework, and is hosted behind Cloudflare, leveraging modern marketing and analytics tools such as Google Tag Manager and Marketo. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism despite active tracking. Business credibility is strong with visible certifications, testimonials, and clear contact information. Overall, SCIA demonstrates a solid business and technical foundation but must urgently address security and privacy shortcomings to enhance trust and compliance.

P

Patheon pharma services - Global CDMO

patheon.com

39

Patheon pharma services, a brand under Thermo Fisher Scientific, operates as a global contract development and manufacturing organization (CDMO) serving the pharmaceutical, biotech, and life sciences industries. The website presents a comprehensive portfolio of services including small and large molecule development, advanced therapies, clinical trial services, and commercial manufacturing. Positioned as a trusted partner with a global footprint, Patheon emphasizes integrated solutions and innovative drug development approaches to accelerate treatments to market. The business model focuses on end-to-end drug development and manufacturing partnerships, targeting pharmaceutical and biotech companies worldwide. The domain is mature and strongly protected, reflecting a stable and legitimate enterprise presence. Technically, the website is built on Adobe Experience Manager (AEM) and leverages modern JavaScript libraries such as jQuery, FontAwesome, and Slick Carousel, alongside marketing and analytics tools like Adobe Target and Genesys Messenger. Hosting and content delivery are managed via Akamai CDN, ensuring global reach and performance. The site is mobile optimized with good SEO practices and structured data for enhanced search visibility. However, performance metrics are not explicitly available. From a security perspective, the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical vulnerability impacting user trust and data security. While some security headers are present, the misconfiguration of HSTS and absence of modern TLS protocols and cipher suites significantly weaken the security posture. Privacy compliance is well addressed through comprehensive privacy and cookie policies linked to the parent company’s domain, with GDPR compliance implied. Contact information is primarily via web forms, with no direct emails or phone numbers prominently displayed. Overall, the website demonstrates strong business credibility and professional digital presence but requires urgent remediation of its SSL/TLS and HTTPS implementation to meet modern security standards and protect user data. Strategic improvements in security configuration and explicit contact channels would enhance trust and compliance.

H

H.B. Fuller

hbfuller.com

40

H.B. Fuller is a well-established global manufacturer specializing in adhesives, sealants, and specialty chemical products with a 130-year history. The company serves diverse industrial sectors including electronics, medical, transportation, packaging, and construction. Their business model focuses on B2B manufacturing with strong technical support and sustainability initiatives. The website reflects a mature digital presence with comprehensive content, multi-language support, and clear navigation tailored to industrial customers and partners. Technically, the website leverages modern frameworks such as Bootstrap 5 and integrates advanced search capabilities via Coveo. It uses Cloudflare for hosting and CDN services, and employs multiple analytics and tracking tools including Google Analytics, Microsoft Clarity, Hotjar, and Application Insights. The site is mobile-optimized and SEO-friendly, though performance metrics were not available. From a security perspective, the site implements a robust Content Security Policy and uses multiple security headers. However, a critical weakness is the absence of a valid SSL certificate and lack of TLS protocol support, which severely impacts the security posture and user trust. Privacy compliance is strong, with comprehensive policies and consent management via Iubenda. Contact information and social media presence further enhance business credibility. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure communications and improve its security score. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and implementing HSTS and OCSP stapling to enhance security and user confidence.

D

dmcgroup

dmcgroup.eu

24

dmcgroup is a design and digital agency specializing in strategic consulting, branding, UX/UI design, and web and software development. Positioned as a top-ten brand agency in Austria with notable industry rankings, it serves a diverse clientele including national and international companies. The website reflects a professional and consistent brand image with comprehensive service offerings and strong trust indicators such as reputable client logos and industry recognition. Technically, the site is built on WordPress with modern frontend libraries and caching mechanisms, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, and privacy policies are present and GDPR compliant, though cookie consent mechanisms are not evident. Overall, the security posture is basic and requires urgent improvements to protect user data and enhance trust. The website is accessible and well-structured, with good mobile optimization and SEO practices, but performance metrics are missing and inferred to be slow. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, enhancing security headers, and implementing cookie consent mechanisms to improve compliance and user trust.

A

A&N GesbR

shelfie.at

40

The website shelfie.at is currently a coming soon placeholder page for the company A&N GesbR, represented by Philipp Asanger and Manuel Nobis, located in Linz, Austria. The site provides minimal business information, primarily a logo and contact address, with no detailed description of services or products. The business appears to be small and in early stages of web presence development. Technically, the site is built on WordPress using the SeedProd coming soon plugin, with Tailwind CSS and FontAwesome for styling, and jQuery for scripting. It is hosted behind Cloudflare with valid SSL, but the SSL certificate dates appear inconsistent, possibly due to data error. The site performance is slow with a high load time, and lacks modern security headers and HSTS enforcement. Mobile optimization and accessibility are basic. From a security perspective, HTTPS is enabled with a valid certificate, but no additional security headers or policies are implemented. There are no forms or data collection points, reducing attack surface but also limiting user engagement. No privacy, cookie, or terms of service policies are present, indicating low privacy compliance. DNSSEC and CAA are not enabled, and no vulnerability disclosure or incident response information is provided. Overall, the site is low risk but also low maturity in security and privacy posture. Strategic recommendations include implementing security headers and HSTS, adding privacy and cookie policies to comply with GDPR, improving site performance, and expanding business content to enhance credibility and user trust.