Security Directory

F

Frank Europe GmbH

frankeurope.com

53

The website's overall security posture presents significant concerns, particularly regarding foundational protections and regulatory compliance. Critical issues such as the lack of HTTPS encryption severely expose user data to interception and compromise trust. GDPR compliance is markedly deficient, posing legal and reputational risks due to missing cookie policies, consent mechanisms, and inadequate privacy documentation. The absence of a formal information security framework and incident response plans under NIS2 regulations further escalates operational and compliance vulnerabilities. While network security and email security scores are relatively strong, the missing security headers and weak configurations increase susceptibility to web-based attacks. DNS health is adequate but could be improved by enabling DNSSEC and configuring CAA records. Immediate remediation is essential to protect sensitive data, maintain customer confidence, and avoid regulatory penalties. Addressing these gaps will also enhance the company’s resilience against cyber threats and align security practices with industry standards.

E

Encore®

psav.com

42

The website's overall security posture is critically weak, with numerous high and critical severity issues identified, particularly in encryption, security headers, and regulatory compliance. The absence of HTTPS encryption represents a fundamental risk, exposing all data exchanges to interception and undermining trust. Key security headers are missing, increasing vulnerability to attacks such as clickjacking, content injection, and cross-site scripting. Compliance with GDPR and NIS2 regulations is severely lacking, with missing cookie policies, consent mechanisms, and security governance documentation, exposing the business to potential legal and financial penalties. While network security and DNS health show relatively better scores, critical gaps remain, especially in email security protocols. Immediate remediation is essential to protect customer data, maintain regulatory compliance, and preserve brand reputation. Without urgent action, the business faces increased risks of data breaches, regulatory fines, and loss of customer trust.

B

BondTM

bondtm.com

46

The website bondtm.com currently exhibits a critically weak security posture, primarily due to the complete lack of HTTPS encryption and missing essential security headers, exposing it to data interception, clickjacking, and other web-based attacks. Additionally, significant compliance gaps with GDPR and NIS2 regulations pose substantial legal and operational risks to the business. Immediate action is required to secure the site, protect user data, and align with regulatory requirements.

I

IM2S

im2s.mc

64

The website https://im2s.mc currently exhibits a weak security posture with multiple high-severity issues primarily related to missing security headers, GDPR compliance gaps, and inadequate NIS2-aligned security governance. Although SSL/TLS and email security are relatively strong, the absence of critical policies and exposure of high-risk services significantly elevate business risks, including potential data breaches and regulatory penalties.

G

GROUP Andbank

andbank.com

45

The website's overall security posture is currently poor, with critical vulnerabilities that pose significant risks to both the business and its users. The absence of HTTPS encryption is a severe issue, exposing data in transit to interception and undermining compliance with GDPR and NIS2 regulations. Key security headers are either missing or weakly configured, increasing susceptibility to common web attacks such as clickjacking and content injection. Privacy compliance is lacking, with no privacy or cookie policies and no consent mechanisms, risking regulatory penalties and reputational damage. Additionally, the organization lacks foundational security governance, including incident response, security policies, and vulnerability disclosure procedures, which impairs its ability to manage and respond to threats effectively. Email security is moderately strong but could be improved with stricter DMARC enforcement and reporting. DNS security measures like DNSSEC are not enabled, reducing protection against DNS spoofing. Network security itself is well managed, indicating some internal controls are in place. Immediate remediation is critical to prevent data breaches, regulatory fines, and erosion of customer trust.

L

Lee & Associates

lee-associates.com

64

The website https://lee-associates.com exhibits significant security and compliance gaps, particularly in web security headers, GDPR compliance, and organizational security policies, resulting in an overall unknown risk score. While email security and SSL/TLS configurations are relatively strong, the presence of high-risk exposed services and lack of incident response and security governance expose the business to potential data breaches and regulatory penalties.

K

KORT Payments

kortpayments.com

63

Kortpayments.com exhibits significant security weaknesses, particularly in web security headers, GDPR compliance, and information security governance, exposing the business to legal risks and potential cyber threats. While network and email security are strong, critical gaps in SSL/TLS configuration and incident response capabilities increase vulnerability and may damage customer trust and regulatory standing.

D

DealerClub

dealerclub.com

75

Dealerclub.com demonstrates a generally strong network and email security posture but faces significant compliance and governance risks, particularly regarding GDPR and NIS2 regulations. The absence of critical policies, weak SSL configurations, and missing incident response mechanisms expose the business to regulatory penalties and potential security incidents. Immediate action is needed to address these high-impact vulnerabilities to safeguard customer data and maintain regulatory compliance.

K

KORT Payments

payfirma.com

63

Payfirma.com exhibits significant security weaknesses primarily in web security headers, regulatory compliance (GDPR), and organizational information security practices (NIS2). While network security and email security are strong, critical gaps such as missing key HTTP security headers, lack of cookie consent, and absence of incident response policies expose the business to data breaches, compliance penalties, and reputational damage.

The website https://codeinwp.com currently exhibits significant security deficiencies, particularly in areas of web security headers, GDPR compliance, and organizational security policies, resulting in a high-risk profile despite no critical technical vulnerabilities found. While network infrastructure and email security are relatively strong, the absence of fundamental security controls and compliance measures exposes the business to data breaches, regulatory penalties, and reputational damage.

E

Exclusive Networks

exclusive-networks.com

64

The website exclusive-networks.com exhibits significant security weaknesses, particularly in web security headers, GDPR compliance, and NIS2 regulatory adherence, which collectively expose it to data breaches, regulatory penalties, and reputational damage. While network security and email security show strengths, critical SSL/TLS and privacy policy gaps present immediate risks that must be addressed to safeguard business operations and customer trust.

Kartra.com's overall security posture reveals significant gaps in foundational security controls, compliance adherence, and incident preparedness, despite having strong email and network security. The presence of multiple high-severity issues, particularly around missing security headers, GDPR non-compliance, and the absence of key security policies, exposes the business to regulatory, reputational, and operational risks.