Security Directory

H

HOLZWURM Werkzeuge

holzwurm-werkzeuge.de

40

HOLZWURM Werkzeuge is a small Austrian e-commerce business specializing in selling creative tools for hobbyists and crafters, primarily via online marketplaces such as Amazon and Etsy, as well as their own WooCommerce-based shop. Founded in 2017, the company emphasizes quality and customer satisfaction, targeting a broad audience of creative individuals. The website is built on WordPress with WooCommerce and uses modern web technologies and marketing tools including Cookiebot for consent management and Facebook Pixel for tracking. However, the site lacks a valid SSL certificate, exposing visitors to security risks and undermining trust. Privacy policies and terms of service are present and GDPR compliance is partially addressed through cookie consent mechanisms. Contact information is complete and transparent, supporting business credibility.

C

CATRO Personalberatung und Media GmbH

catro.com

22

CATRO Personalberatung und Media GmbH is an Austrian company specializing in personnel consulting and media services, offering a range of services including personnel search, applicant management, suitability diagnostics, and online learning platforms. The company targets businesses seeking professional support in human resources and media-related services. The website is built on WordPress with a modern tech stack including Apache server, LiteSpeed cache, and various JavaScript libraries. While the site is well-designed, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which is a critical security vulnerability. The company demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent mechanism. However, there is no explicit security policy or incident response information available on the site. Overall, the website is professional and trustworthy but requires urgent improvements in its security posture to protect user data and enhance trust.

Stellantis NV operates a comprehensive global website representing one of the world's largest automotive groups with a portfolio of 14 iconic brands and mobility services. The site targets industry stakeholders, investors, customers, and the general public, providing rich content including press releases, investor relations, sustainability initiatives, and innovation highlights. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries like jQuery, and performance monitoring tools such as Boomerang, hosted on Microsoft Azure with Akamai CDN integration. While the website demonstrates excellent design quality, mobile optimization, and SEO practices, it critically lacks a valid SSL certificate and HTTPS support, severely impacting its security posture. Security headers are partially implemented but insufficient without TLS encryption. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is strong with consistent branding and comprehensive content. Overall, the site scores moderately due to the critical absence of HTTPS, which should be prioritized to protect user data and maintain trust.

F

Fenster. Türen. KATZBECK.

katzbeck.at

35

KATZBECK FensterGmbH Austria is a well-established manufacturer specializing in high-quality, custom windows and doors produced exclusively in Austria since 1950. The company emphasizes sustainability, regional production, and premium craftsmanship, targeting both end consumers and professional partners within Austria. Their website reflects a mature digital presence built on WordPress with the Divi theme, incorporating modern web technologies and user-friendly design. However, a critical security gap exists due to the absence of an SSL/TLS certificate, exposing users to potential risks. The site implements GDPR-compliant privacy and cookie policies, with clear contact channels and a professional content structure. To enhance trust and security, immediate implementation of HTTPS and additional security headers is recommended.

V

Virtual Identity AG

virtual-identity.com

35

Virtual Identity AG is a well-established digital agency founded in 1999, specializing in AI integration, UX design, software engineering, and digital marketing services. The company targets businesses aiming for digital transformation and human-centered business growth. Their market position is strong, supported by a reputable client portfolio and consistent branding. Technically, the website is built on WordPress, hosted on AWS CloudFront, and uses modern JavaScript libraries and SEO tools, though performance is moderate. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

R

rmDATA GmbH

rmdatagroup.com

27

rmDATA GmbH is a well-established technology company specializing in intelligent software and customized services for geomatics, surveying, information systems, data management, and reality capturing. With a history spanning over 40 years, rmDATA serves clients primarily in Austria, Germany, and Switzerland, offering comprehensive solutions for infrastructure and land management. The company operates a professional website powered by TYPO3 CMS, featuring rich content, clear navigation, and strong branding consistency. Their digital presence includes active social media channels and detailed business information, supporting a medium-sized enterprise profile. Technically, the website employs modern web technologies such as jQuery, Slick Carousel, and FontAwesome, integrated with marketing and analytics tools including Microsoft Dynamics 365 and Google Analytics Tag Manager. Despite these strengths, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts its security posture. Security headers are well configured, but the absence of encryption and TLS protocols is a critical vulnerability. From a security and compliance perspective, rmDATA demonstrates good privacy practices with comprehensive privacy and cookie policies, including a consent mechanism aligned with GDPR requirements. However, there is no visible security policy, incident response information, or vulnerability disclosure page. The WHOIS data confirms domain legitimacy and consistency with the company's business claims, enhancing trustworthiness. Overall, rmDATA's website is professional and content-rich but requires urgent security improvements, particularly implementing HTTPS to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory expectations.

G

GeoVille Information Systems and Data Processing GmbH

geoville.com

26

GeoVille Information Systems and Data Processing GmbH is a medium-sized Austrian technology company specializing in satellite-based Earth Observation services. With over 25 years of experience and a global footprint spanning 140 countries and 510 implementations, GeoVille offers a range of services including satellite imagery, data access, land monitoring analytics, platform interfaces, and advisory capacity building. Their target audience includes government agencies, environmental organizations, and sectors such as energy, security, and urban planning. The website is built on TYPO3 CMS with modern frontend technologies and demonstrates good design and navigation, though performance data is limited. From a technical perspective, the website uses Apache server technology and integrates libraries such as Bootstrap, jQuery, FontAwesome, and Google Tag Manager. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no advanced security mechanisms like HSTS or OCSP stapling are enabled. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form, with no direct emails or phone numbers published. The security posture is weak due to the absence of SSL/TLS, exposing users to potential interception risks. No incident response or vulnerability disclosure policies are published, which could impact trust. The domain registration data is consistent with the company's claims, showing a long-established presence since 1998. Social media presence is strong, supporting business credibility. Overall, the website is professionally designed and content-rich but requires urgent security improvements, especially enabling HTTPS and enhancing privacy compliance. Strategic recommendations include installing a valid SSL certificate, implementing cookie consent mechanisms, publishing security policies, and improving contact transparency to enhance trust and compliance.

Schachermayer GmbH is a well-established Austrian wholesale company specializing in technical products and design solutions, serving primarily B2B customers in trade, industry, and commerce. With a history dating back to 1838, the company offers a broad product range exceeding 100,000 items, supported by professional consulting and logistics services. Their digital presence includes a comprehensive web catalog and partner portal, facilitating efficient ordering and customer engagement. Technically, the website is built on TYPO3 CMS, employs Matomo for analytics, and integrates a cookie consent mechanism via Klaro, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent management. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security improvements to safeguard data and user trust.

QCM Holding is a Swiss-based aviation competence center specializing in regulatory and Part-147 training, design approvals, aircraft technical management, and consulting services. With over 25 years of industry presence and recent ownership transition, QCM maintains a strong market position serving aviation professionals and organizations. The website reflects a professional and comprehensive service offering with clear navigation and relevant content. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and analytics tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business demonstrates credibility and trustworthiness, though the security weaknesses present a risk that should be addressed promptly.

P

Party and Be Married

partyandbemarried.com

37

Party and Be Married is a small, specialized event planning and coordination company focused on weddings, lifestyle, and business events primarily serving California and beyond. The company emphasizes a personalized, artistic approach to creating unique client experiences. The website is hosted on Squarespace and uses standard web technologies including JavaScript, FontAwesome, and Google Fonts. While the site design is professional and content is relevant, the technical infrastructure shows weaknesses such as lack of a valid SSL certificate and disabled HTTPS, which severely impacts security posture. No privacy or cookie policies are present, indicating poor privacy compliance. Contact information is limited to an email and contact form, with no phone or physical address listed. Social media presence is active, supporting marketing efforts. Overall, the website is functional but requires significant improvements in security and compliance to meet modern standards.

École polytechnique is a prestigious French engineering school offering a wide range of educational programs including Bachelor, Master, Doctorate, and Executive Education. It is a founding member of the Institut polytechnique de Paris and focuses on research, innovation, and entrepreneurship. The website targets students, researchers, entrepreneurs, alumni, and corporate partners, providing comprehensive information about academic programs, research labs, innovation centers, and community engagement. Technically, the site is built on Drupal CMS with modern frontend technologies but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Privacy and cookie policies are well implemented with GDPR compliance and consent mechanisms. Social media presence is strong with official accounts on Facebook, YouTube, LinkedIn, and Instagram. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and modern TLS protocols.

S

Storyclash GmbH

storyclash.com

40

Storyclash GmbH operates a sophisticated AI-powered influencer marketing platform targeting marketers, brands, and agencies. The platform offers comprehensive services including influencer discovery, market insights, campaign management, and performance tracking across major social media platforms like Instagram, TikTok, and YouTube. The company is positioned as a leading solution in the influencer marketing space with strong brand partnerships and positive customer testimonials. Technically, the website employs modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools including Amplitude, Google Tag Manager, HubSpot, and Intercom, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and lack of essential security headers represent significant security vulnerabilities that could impact user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent security improvements to enhance its security posture and user trust.

DIMA Software Technology Center GmbH is a medium-sized Austrian IT company specializing in full-stack software development, consulting, quality assurance, and support services for international markets. Established in 2012, the company employs over 50 professionals at its Raaba (Graz) location. Their business model focuses on delivering tailored IT solutions and collaborating closely with clients to achieve business goals. The website reflects a professional and consistent brand image targeting international business partners seeking reliable IT services. Technically, the website is built on WordPress using the Avada theme and several plugins such as Slider Revolution and BambooHR for job listings. Despite a rich content structure and good mobile optimization, the site suffers from slow performance due to a large page size and many resources. Accessibility and SEO optimizations are basic but functional. From a security perspective, the website has critical shortcomings. It lacks a valid SSL certificate and does not support HTTPS, exposing visitors to potential risks. No security headers or advanced configurations like HSTS or OCSP stapling are implemented. Privacy compliance is weak, with no privacy policy or terms of service found, though a cookie consent banner is present. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a moderate risk profile due to missing HTTPS and compliance gaps. Strategic improvements in security and privacy policies are essential to enhance trust and protect users. Performance optimization and SEO enhancements would also benefit the user experience and visibility.

S

Sun Chemical

sunchemical.com

40

Sun Chemical is a globally recognized enterprise manufacturing inks, pigments, and advanced materials serving diverse industrial sectors including packaging, graphics, automotive, electronics, and healthcare. As a member of the DIC Group with over 22,000 employees and a legacy spanning over 200 years, the company holds a strong market position supported by extensive patents and sustainability initiatives. The website reflects a mature digital presence with comprehensive content, professional design, and good SEO practices. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented but insufficient without proper TLS. Privacy and cookie policies are present and indicate GDPR compliance, though no explicit security or incident response policies are found. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect data and user trust.

G

Greater Europe Mission

gemission.org

40

Greater Europe Mission is a well-established Christian missions non-profit organization focused on disciple-making and evangelism throughout Europe. The organization has a mature online presence with a professionally designed WordPress website that clearly communicates its mission, values, and ministry areas. The website targets Christian communities, churches, missionaries, and donors interested in European missions. It offers resources, contact options, and donation capabilities to support its mission. Technically, the site uses modern web technologies including WordPress, Beaver Builder, and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and HTTPS support, which is a significant security concern. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and enhance trust.

H

HEROLD Business Data GmbH

ichbinderherold.at

35

HEROLD Business Data GmbH operates a professional career portal focused on online media and marketing services for Austrian businesses. The company is well positioned as a leading website producer and Google Premium Partner with a strong employer brand. The website content is rich, professionally designed, and targets job seekers and SMEs in Austria. Technically, the site uses Mono CMS and integrates modern tracking and consent management tools but lacks HTTPS, which is a critical security gap. The security posture is weak due to the absence of SSL/TLS encryption and missing security headers. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

Statistik Austria

statistik.at

40

Statistik Austria is the official national statistical agency of Austria, providing independent and comprehensive statistical data to support fact-based decision making. The organization serves a broad audience including government entities, researchers, businesses, and the general public. Their services include data provision, publications, surveys, and various analytical tools. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS with privacy-conscious analytics via Matomo, and includes modern web technologies such as FontAwesome and jQuery. However, a critical security weakness is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts the site's security posture. Despite this, the site implements multiple security headers and cookie consent mechanisms, demonstrating good privacy compliance. Overall, the site is trustworthy and authoritative but urgently requires SSL implementation to protect user data and communications.

E

EPSIMEC GmbH & Co KG

epsimec.com

28

EPSIMEC GmbH & Co KG is a small Austrian digital agency specializing in social media marketing, newsletter marketing, content management, and web development services. Established in 2012, the company has a mature online presence with a professional website built on WordPress, leveraging modern plugins such as Yoast SEO and WP Rocket for optimization. The website presents a consistent brand image, clear contact information, and client references, positioning EPSIMEC as a credible service provider in the technology sector. Technically, the site uses PHP 8.0.3 on an Apache server hosted by Host Europe, but lacks HTTPS support, which is a significant security concern. The cookie consent mechanism is well implemented, indicating good privacy compliance. However, the absence of SSL/TLS encryption and security headers lowers the overall security posture. No explicit security policies or incident response contacts are published, and no vulnerability disclosure or security.txt files are found. Overall, EPSIMEC demonstrates a solid business and technical foundation but should prioritize securing its website with HTTPS and enhancing security best practices to improve trust and compliance.

D

decide Clinical Software GmbH

decide-clinical.com

26

decide Clinical Software GmbH operates the GlucoTab platform, a specialized clinical decision support system designed to assist healthcare professionals in managing diabetes patients in hospital settings. The company holds important certifications such as ISO 13485 and MDR Class IIa, underscoring its commitment to quality and regulatory compliance. Their product integrates evidence-based insulin dosing algorithms and workflow digitalization, targeting hospitals and clinical staff. The website is professionally designed, multilingual, and content-rich, reflecting a mature digital presence. However, the lack of a valid SSL certificate and HTTPS support significantly undermines the security posture, especially critical in healthcare. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Contact information and trust indicators are clearly presented, enhancing business credibility.

W

Wombats Hostels

wombats-hostels.com

21

Wombat's Hostels is a medium-sized hospitality business operating city hostels in multiple European cities including Vienna, London, Munich, Budapest, and Leipzig. The company targets travelers seeking affordable accommodation with social and event experiences. The website is built on TYPO3 CMS and hosted on Apache servers, with a modern but basic technical infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. The site includes privacy and cookie policies with a consent mechanism, but lacks explicit contact information and advanced security policies. Matomo analytics is used with cookie-less tracking, indicating some privacy awareness. Overall, the website is functional and professionally designed but requires urgent security improvements to protect user data and enhance trust.

S

SigmaNEST

sigmanest.com

40

SigmaNEST is a well-established software provider specializing in CAD/CAM nesting and manufacturing automation solutions. The company offers a comprehensive suite of products designed to optimize fabrication processes across various machine types including laser, plasma, punch, router, waterjet, tube, and pressbrake. With over 40,000 installations worldwide and a strong market presence, SigmaNEST targets fabricators and manufacturers seeking to improve efficiency, reduce costs, and automate workflows. The website reflects a professional and consistent brand image, supported by multilingual content and customer testimonials, reinforcing its credibility in the manufacturing software sector. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of a valid SSL certificate and lack of TLS protocol support represent significant security shortcomings that undermine user trust and data protection. Despite strong content security policies and secure cookie settings, the lack of HTTPS is a critical vulnerability that must be addressed promptly. From a security perspective, the site demonstrates good use of security headers and GDPR-compliant privacy and cookie policies, including explicit consent mechanisms in its contact forms. No incident response or vulnerability disclosure information is present, which could be improved to enhance transparency and trust. The domain registration data aligns well with the website content and business claims, indicating legitimacy and consistency. Overall, while the business and content quality are excellent, the critical absence of HTTPS significantly lowers the security posture and overall AI score. Strategic improvements in SSL/TLS deployment and enhanced security practices are recommended to elevate the website's trustworthiness and compliance standing.

T

TicketLens GmbH

ulmon.com

37

TicketLens GmbH operates a travel-focused media and ticket comparison platform primarily targeting travelers seeking tickets, tours, and activities worldwide. The website provides travel app reviews and curated travel content to support its audience. The business model centers on affiliate marketing and price comparison, positioning TicketLens as a niche player in the travel media sector. Technically, the site is built on WordPress with common SEO and performance plugins, hosted on WP Engine, and uses privacy-conscious analytics via Plausible. However, the absence of a valid SSL certificate and HTTPS support represents a critical security gap, exposing users to potential risks. Privacy compliance is basic, with privacy and terms pages present but lacking explicit GDPR compliance indicators or cookie consent mechanisms. Contact information is limited to email and social media, with no phone or physical address provided. Overall, the website is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

A

Autohaus Birngruber

birngruber.at

38

Autohaus Birngruber is a medium-sized automotive dealership based in Austria, representing major brands such as Volkswagen, Audi, Seat, Skoda, and Cupra. The company offers new and used car sales, vehicle servicing, financing, and insurance services, targeting car buyers and service customers in the Austrian market. The website reflects a professional and consistent brand presence with good content quality and user experience. Technically, the site is built on the Plone CMS platform using Python and Zope, with Cloudflare as CDN and security proxy. However, the security posture is weak due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the overall security score. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. The business credibility is supported by extensive customer reviews and social media presence. Overall, the site is functional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

L

Laakirchen Papier AG

heinzelpaper.com

26

Heinzelpaper, operated by Laakirchen Papier AG, is a well-established paper manufacturing company with a history dating back to the late 19th century. As a subsidiary of the Heinzel Group, it focuses on sustainable paper production, renewable energy integration, and wood processing. The company targets business customers in the packaging and paper sectors, emphasizing sustainability and circular economy principles. The website reflects a professional business presence with clear navigation and relevant content, though it lacks advanced SEO and accessibility features. Technically, the website uses common web technologies such as nginx, jQuery, Bootstrap, and FontAwesome. However, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. The site lacks modern TLS protocols, HSTS, and other security headers, exposing it to potential risks. Performance is rated slow, and while mobile optimization is good, accessibility and SEO are basic. From a security perspective, the lack of HTTPS is a critical vulnerability that undermines user trust and data protection. No incident response or security policy information is provided, and no vulnerability disclosure or security.txt files are found. Cookie consent and privacy policies are implemented, indicating some compliance with GDPR requirements. Overall, the website presents a moderate risk profile due to its security deficiencies, despite good business credibility and content quality. Strategic improvements in SSL deployment, security headers, and incident response transparency are recommended to enhance trust and compliance.

A

ABAX Informationstechnik GmbH

abax.at

27

ABAX Informationstechnik GmbH is a well-established Austrian IT service provider with over 25 years of experience, offering a broad portfolio of IT infrastructure, support, security, and data analytics services. The company is part of the Roxcel Group, enhancing its enterprise readiness and market credibility. The website is professionally designed, content-rich, and targets businesses of various sizes seeking comprehensive IT solutions. Technically, the site uses WordPress with Elementor and integrates modern marketing and consent tools, but suffers from a critical lack of valid SSL/TLS configuration, impacting security posture significantly. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business presents a trustworthy and professional image, though security improvements are urgently needed.

XIMES GmbH is a specialized consulting and software company focused on workforce management, including labor time models, shift planning, personnel demand calculation, and payroll solutions. The company targets businesses and social partners seeking practical and scientifically grounded solutions in these areas. Their website reflects a professional and consistent brand presence with detailed service offerings and clear contact information. Technically, the site is built on the Odoo CMS platform with modern web technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the business appears legitimate and consistent with WHOIS data, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

Broadcom Inc. is a global leader in technology, specializing in semiconductor products, enterprise software, and security solutions. The website reflects a professional and consistent brand presence targeting enterprise customers and technology professionals. The technical infrastructure leverages modern web technologies such as React and Cloudflare CDN, with extensive use of third-party marketing and analytics tools to support business operations and user engagement. However, the website currently suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. While security headers are well configured, the lack of HTTPS undermines user trust and data protection. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to align with best practices.

M

Munich Business School

munich-business-school.de

25

Munich Business School is a well-established private higher education institution in Germany specializing in international business education. It offers a range of degree programs including Bachelor, Master, MBA, and DBA with a strong emphasis on practical experience, small class sizes, and societal impact. The school holds multiple prestigious accreditations such as AACSB and FIBAA, positioning it as a leading private business school in Germany. Technically, the website is built on TYPO3 CMS and integrates modern marketing and analytics tools like Google Tag Manager and Matomo, along with a consent management platform for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS availability, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance practices. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

Braintrust

braintrustlv.com

36

Braintrust is a minority-owned integrated marketing and creative agency with a 17-year track record, offering services including branding strategy, creative development, digital marketing, web development, social media, and public relations. The company targets businesses seeking comprehensive marketing solutions and operates offices in multiple US cities. The website reflects a professional and consistent brand image with rich multimedia content and clear navigation. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern JavaScript libraries and SEO plugins. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements.

S

St. Gilgen International School

stgis.at

40

St. Gilgen International School is a private international educational institution located in Austria, offering the International Baccalaureate curriculum with a focus on personalized education and a nurturing environment. The school targets families seeking high-quality international education in a scenic Alpine setting. Technically, the website is built on WordPress with Elementor and various plugins, hosted on WP Engine and protected by Cloudflare. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Privacy and cookie policies are well implemented, and the site includes multiple contact methods and trust indicators such as accreditations and certifications. Overall, the website is professionally designed and content-rich but requires urgent security improvements to protect user data and enhance trust.

I

it-novum GmbH

it-novum.com

31

it-novum GmbH is a leading IT consulting and implementation company specializing in Business Open Source and digital transformation within the DACH region. As a subsidiary of Allgeier SE, it has nearly 20 years of experience serving medium-sized businesses, large enterprises, and the public sector. The company offers key services including Big Data Analytics & IoT, IT Service Management, and Enterprise Information Management. The website reflects a professional and consistent brand image with comprehensive content and clear navigation tailored to its target audience. Technically, the website is built on WordPress using Elementor and Astra theme, incorporating modern web technologies and plugins such as Borlabs Cookie for consent management and WP Rocket for performance optimization. While mobile optimization and SEO practices are good, the website currently suffers from an invalid SSL certificate and lacks support for modern TLS protocols, which is a critical security concern. Security posture is moderate with some security headers present and no known vulnerabilities detected, but the invalid SSL certificate significantly reduces trust and security scores. Privacy compliance is strong, with clear privacy and cookie policies and active consent mechanisms. Business credibility is high, supported by detailed contact information, social media presence, and structured data. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user trust. Strategic recommendations include fixing SSL, enhancing security headers, and maintaining up-to-date software to ensure robust protection and compliance.

H

HAUSER GmbH

hauser.com

28

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

B

BETTERHOMES AG

betterhomes-international.com

38

BETTERHOMES AG operates as an international technology-driven real estate franchise company, pioneering a hybrid brokerage model that combines proprietary software with local market expertise. Founded in 2005 in Zurich, it holds a strong market position as the largest independent real estate broker in Switzerland and has expanded across the DACH region with plans for further international growth. The company offers franchise opportunities supported by advanced technology and a strong partner development culture. Technically, the website is built on modern frameworks including PHP 8.2, Flow Framework, and Neos CMS, with integrations of Bootstrap, FontAwesome, and various JavaScript libraries. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site presents professional content and strong business credibility but requires urgent security improvements to protect user data and maintain trust.

M

Montanuniversität Leoben

mu-leoben.at

33

Montanuniversität Leoben is a well-established technical university in Austria specializing in sustainable technologies and circular engineering. The website reflects a strong academic and research focus with comprehensive educational offerings and active international partnerships. Technically, the site uses TYPO3 CMS with modern frontend libraries but lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and incomplete security headers, though privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

Komatsu Forest is a mature and established manufacturer specializing in forestry machinery and related services, operating primarily out of Sweden. The company offers a broad range of forest machines including harvesters, forwarders, harvester heads, and forestry excavators, complemented by digital solutions such as Smart Forestry and a comprehensive spare parts and training service portfolio. Their market position is strong as a leading global player in forestry equipment, supported by a consistent brand presence and clear communication channels. Technically, the website is built on a Sitecore CMS platform with a technology stack including jQuery, Bootstrap, and Google Fonts. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which significantly impacts its security posture. Performance metrics are incomplete, but the site shows good design and user experience qualities. From a security perspective, the absence of HTTPS and related security headers is a critical vulnerability that exposes users to risks such as data interception. The site does implement privacy and cookie policies with consent mechanisms, indicating awareness of GDPR compliance. However, there is no visible incident response or vulnerability disclosure policy, and no security certifications are presented. Overall, the website is professional and credible but requires urgent security improvements, particularly the implementation of a valid SSL certificate and enhanced security headers, to protect users and improve trustworthiness.

W

WiLLTRON Technologies GmbH

willtron.at

36

WiLLTRON Technologies GmbH is a specialized Austrian company founded in 2005, focusing on testing, measuring, monitoring, and analyzing wired and wireless IP networks and communication systems. Their offerings include a range of hardware and software solutions, seminars, and webinars targeting network professionals and communication system installers. The company maintains strategic partnerships with international manufacturers, positioning itself as a niche provider in the telecommunications technology sector. The website reflects a professional and consistent brand image with clear contact information and service descriptions. Technically, the site is built on TYPO3 CMS with common frontend frameworks and libraries, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS exposes users to potential data interception risks and reduces trustworthiness. Privacy and cookie policies are present with consent mechanisms, but no terms of service or explicit security policies are found. Social media presence is moderate, including Facebook, LinkedIn, and Google Plus (deprecated). Overall, the website is functional and informative but requires urgent security improvements to meet modern standards.

Lenze is a large manufacturing and technology company specializing in automation solutions for industrial machinery and systems. Their website targets industrial manufacturers and automation professionals, offering a broad portfolio of products, software, and services including training and aftersales support. The company maintains a strong global presence with localized content for Austria and other regions. Technically, the website is built on TYPO3 CMS with modern frontend technologies and good SEO and accessibility practices. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support despite HSTS headers being present. Security headers and content security policies are well implemented, but the lack of SSL significantly reduces the security posture. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Contact information is primarily via contact forms and social media channels, with no explicit emails or phone numbers visible. Overall, the website is professional and trustworthy but requires urgent SSL implementation to improve security and user trust.

Software Competence Center Hagenberg (SCCH) is a medium-sized research and development center based in Austria, specializing in software competence and computational intelligence for industrial applications. The organization maintains a strong market position with national and international partnerships, offering services in data science, software science, project collaboration, consulting, and training. The website content is professionally presented in German, targeting industry professionals, researchers, partners, and potential employees. The business model focuses on research and innovation in technology for industry advancement. Technically, the website is built on the Contao Open Source CMS platform, utilizing Apache server technology and modern JavaScript libraries such as jQuery and Slick Carousel. Hosting is managed via Azure DNS services. While the website demonstrates good mobile optimization and basic SEO practices, performance metrics indicate slow loading times. Accessibility features are basic but present. From a security perspective, the site implements several important HTTP security headers including Content Security Policy, X-Frame-Options, and X-XSS-Protection. However, a critical weakness is the invalid SSL certificate and lack of proper HTTPS support, which significantly undermines the security posture. No advanced incident response or security policy documentation is found on the site. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the website is trustworthy and professionally maintained but requires urgent remediation of SSL/TLS issues to ensure secure communications and improve the security score. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, and enhancing performance and accessibility to strengthen the digital presence and security posture.

W

WAFF

waff.com

40

WAFF is a well-established local media company serving Huntsville, Alabama, providing comprehensive news, weather, and sports coverage. The website demonstrates a strong digital presence with rich content, video integration, and community engagement features. The technical infrastructure leverages modern web technologies and Arc Publishing CMS, ensuring good performance and mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly impacts the security posture, exposing users to potential risks. Privacy policies and terms of service are well documented, indicating compliance awareness, though cookie consent mechanisms are lacking. Overall, WAFF presents a professional and trustworthy media outlet with room for security enhancements.

T

The United Nations in Vienna

unvienna.org

36

The United Nations in Vienna website serves as the official digital presence of the UN's Vienna-based offices and agencies. It provides comprehensive information about the UN family in Vienna, their initiatives, sustainable development goals, and visitor information. The site targets a broad audience including diplomats, researchers, media, and the general public interested in UN activities. The business model is informational and public service-oriented, reflecting the UN's governmental and non-profit nature. The website is well-branded, consistent, and authoritative in its domain space. Technically, the site uses a combination of AngularJS and React frameworks, served via Apache, with integration of Google Tag Manager for analytics. The site is mobile optimized and has good navigation and content quality. However, performance metrics are unavailable, and accessibility is basic. SEO is moderately implemented with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, the absence of TLS protocols, cipher suites, DMARC, DNSSEC, and CAA records indicates a weak security posture. No incident response or vulnerability disclosure information is publicly available. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the website is trustworthy and credible given its UN affiliation and mature domain. However, the lack of HTTPS and modern security practices significantly lowers its security score and poses risks to users. Strategic improvements in SSL deployment, email security, and privacy compliance are recommended to enhance trust and security.

Digital Realty Trust operates a global platform of data centers and colocation services under the PlatformDIGITAL® brand, serving a broad range of enterprise, cloud, and network customers. The company is a market leader with a large global footprint, extensive certifications, and a strong partner ecosystem including AWS, Google Cloud, IBM, Oracle, NVIDIA, HPE, and Microsoft Azure. The website content is rich, professionally designed, and well-structured, targeting enterprises needing secure, scalable, and interconnected IT infrastructure. Technically, the site uses modern frameworks like Next.js and React, with integrations for marketing and analytics tools such as Marketo and VWO. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that impacts trust and security. Privacy and cookie policies are present with consent mechanisms, indicating good privacy compliance. Overall, the site demonstrates high business credibility but requires urgent improvements in SSL/TLS configuration to enhance security.

D

DaoPay GmbH

daopay.com

40

DaoPay GmbH is a licensed Austrian payment service provider offering a broad range of secure and simple payment solutions for online merchants globally. The company supports over 80 payment methods including major credit cards, PayPal, SEPA, and direct carrier billing, positioning itself as a comprehensive payment gateway and merchant account provider. Their target audience includes online businesses seeking to expand payment options and increase customer convenience. The website is professionally designed with clear navigation and relevant content, supporting a medium-sized enterprise profile in the finance and technology sectors. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and Visual Composer, indicating a mature digital infrastructure. However, performance is slow and accessibility is basic. The site is mobile optimized and SEO is well implemented. Security posture is weak due to the absence of a valid SSL certificate and outdated TLS protocols, which poses significant risks for a payment service provider. Privacy and cookie policies are comprehensive and GDPR compliant, with explicit consent mechanisms in place. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Social media presence and contact information are comprehensive, enhancing business credibility. Strategic recommendations include immediate remediation of SSL/TLS issues, enabling modern security protocols, and enhancing DNS security configurations to improve trust and compliance.

Kathrein USA operates as a technology company specializing in broadcast, cellular, and IoT antennas, providing connectivity solutions primarily targeting businesses in telecommunications and related sectors. The website presents itself as a medium for sharing industry-related content and company information but lacks comprehensive contact and compliance documentation. Technically, the site is built on WordPress with common web technologies such as jQuery and Bootstrap, hosted behind Cloudflare. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture and user trust. Security headers are partially implemented, but critical modern TLS protocols and encryption are missing. Privacy compliance is minimal, with no visible privacy or cookie policies, and no GDPR indicators. The site uses Clicky Analytics for user tracking without clear privacy disclosures. Overall, the website demonstrates moderate business credibility but requires significant improvements in security and privacy to meet industry standards.

F

FTC Capital

ftc.at

22

FTC Capital is an Austrian asset management company targeting both retail and institutional investors. The website provides segmented information for private clients and qualified institutional investors, reflecting a clear business focus on investment services within Austria. The digital infrastructure is based on WordPress with multilingual support and GDPR cookie compliance mechanisms, indicating a moderate level of digital maturity. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly undermines user trust and data security. Performance is suboptimal with slow load times, and contact information is not readily available, limiting direct communication channels. Overall, while the business positioning and content quality are good, the technical and security posture require urgent improvements to meet modern standards and regulatory compliance.

RHI Magnesita is a global leader in the refractory industry, providing high-grade refractory products, systems, and services primarily for steel, cement, glass, and non-ferrous metals industries. The company emphasizes sustainability and innovation, targeting industrial clients worldwide. The website reflects a mature digital presence with comprehensive content, structured data, and multi-language support. Technically, the site is built on WordPress with modern plugins and libraries, but suffers from critical security shortcomings due to an invalid SSL certificate and lack of HTTPS enforcement. Security headers are present but insufficient without proper TLS. Privacy compliance is well addressed with Cookiebot consent management and a detailed privacy policy. Overall, the site is professional and trustworthy but requires urgent SSL remediation to improve security posture and user trust.

Y

yandree GmbH

yandree.com

36

yandree GmbH is a small Austrian IT services company specializing in IT documentation and data migration with over 20 years of experience. The company serves clients primarily in the energy, insurance, hosting, and IT sectors worldwide. Their website is built on Joomla CMS with a modern UI framework and includes comprehensive business and legal information. However, the site lacks HTTPS encryption, which is a critical security shortfall. Cookie consent mechanisms are implemented with a privacy-first approach, denying analytics and advertising cookies by default. The company demonstrates moderate digital maturity but should prioritize securing their website with SSL/TLS and enhancing security policies. Overall, yandree GmbH presents a professional and trustworthy business presence with room for technical and security improvements.

A

at-visions GmbH

at-visions.com

35

at-visions GmbH is a medium-sized Austrian company specializing in hospitality technology solutions including mobile apps, hotel TV, professional WIFI, and digital signage. The company targets hotels and hospitality businesses, offering integrated guest experience platforms and IT consulting services. Their website demonstrates a strong market position with numerous reputable hotel clients and technology partners. Technically, the website is built on WordPress with modern frameworks and includes accessibility and SEO optimizations. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security weaknesses. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the business appears credible and professional, but urgent improvements in security infrastructure are recommended.

O

Ojo de Pez

ojodepez.com.py

22

Ojo de Pez is a Paraguayan advertising agency specializing in creative, digital, and media services, with a 20-year history in the industry. The company targets businesses seeking to strengthen their brand identity and communication strategies. The website reflects a professional and consistent brand image with good content quality and user experience. However, the technical infrastructure shows significant gaps, notably the absence of HTTPS and a valid SSL certificate, which critically undermines security and user trust. The site uses common marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, but lacks visible cookie consent mechanisms and privacy policies, raising compliance concerns. Overall, the business appears legitimate and established, but the digital security posture requires urgent improvement.

D

DuPont

dupont.com

40

DuPont is a globally recognized enterprise specializing in manufacturing essential innovations across multiple sectors including automotive, electronics, healthcare, and water management. The company leverages science and innovation to deliver products such as protective equipment, clean water solutions, and advanced materials. The website reflects a professional and consistent brand presence targeting industrial and commercial clients. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and integrates analytics and marketing tools such as Adobe Launch and Pingdom. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

S

Sanitär-Heinze GmbH & Co. KG

sanitaer-heinze.com

29

Sanitär-Heinze GmbH & Co. KG operates as a specialized wholesale and service provider in the sanitary, heating, ventilation, and renewable energy sectors primarily serving professional customers in Germany. The company offers a broad portfolio including bathroom products, heating systems, ventilation solutions, and 3D bathroom planning services. Their market position is that of an established regional player with a consistent brand presence and multiple product lines. Technically, the website is built on the Pimcore CMS platform, leveraging modern JavaScript libraries and Google analytics tools, with a professional design and good navigation. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that significantly impacts the security posture. Cookie consent is implemented properly, and privacy policies are comprehensive and GDPR compliant. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.