Security Directory

I

IC Group A/S

icgroup.net

39

IC Group A/S is a retail company specializing in fashion brands such as Tiger of Sweden and By Malene Birger. The company was publicly traded until 2019 when it was fully acquired by Friheden Invest A/S and subsequently delisted. The website serves primarily as a repository for historical financial statements, corporate responsibility reports, and data ethics documentation. The target audience includes investors, stakeholders, and customers interested in the company's brands and corporate governance. Technically, the website is built using the One.com Web Editor CMS and hosted on One.com infrastructure, with Apache and Varnish servers. However, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a significant security concern. No privacy or cookie policies are present, indicating potential compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, including emails, phone numbers, and physical addresses for IC Group and its brands. Overall, the website is functional but requires urgent security and privacy improvements to meet modern standards.

Newlogic Pte Ltd is a Singapore-headquartered software consultancy firm with a strong regional presence across Southeast Asia. The company specializes in delivering innovative software solutions in areas such as digital identity and biometrics, data collection and analytics, cash transfer and payment systems, and ERP implementation. Their client base includes leading companies, organizations, and governments, positioning them as a key player in the regional technology consultancy market. The website reflects a professional and consistent brand image with clear descriptions of services and leadership team details. Technically, the website employs a modern tech stack including Bootstrap 4.3.1, jQuery, Popper.js, and Google Fonts, hosted behind Cloudflare. However, performance metrics are lacking, and the site suffers from the absence of a valid SSL certificate, which critically impacts security and user trust. The site is mobile-optimized with good navigation and SEO practices but lacks accessibility features and cookie consent mechanisms. From a security perspective, the site has several HTTP security headers configured, but the lack of HTTPS and TLS support is a major vulnerability. No incident response or security policies are published, and no vulnerability disclosure or data protection officer information is available. The presence of social media links and contact information supports business credibility, but the security posture requires urgent improvement. Overall, the website is functional and professional but has critical security shortcomings that reduce its trustworthiness and compliance. Strategic improvements in SSL deployment, privacy compliance, and security policy transparency are recommended to enhance the company's digital maturity and risk posture.

N

N-SIDE

n-side.com

38

N-SIDE is a specialized deeptech company focusing on providing optimization and analytics solutions for the life sciences and energy sectors. Their offerings include software and professional services aimed at improving pharmaceutical manufacturing efficiency, clinical trial management, and energy forecasting and power matching for market participants. The website reflects a professional digital presence built on HubSpot CMS, leveraging modern web technologies and marketing tools such as Google Tag Manager. However, the security posture is weak due to the absence of a valid SSL certificate and proper HTTPS configuration, which poses a significant risk to user trust and data security. Privacy compliance is minimal, with no visible privacy or cookie policies, and no explicit contact information is provided on the homepage. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent improvements in security and privacy compliance to meet industry standards.

Folyo GmbH operates a specialized out-of-home advertising platform focused on measurable vehicle advertising using premium electric and hybrid vehicles. Their business model emphasizes performance-driven campaigns with pay-per-impression pricing, targeting brands, agencies, and professional drivers primarily in Austria. The website presents a professional and consistent brand image with clear service offerings including vehicle branding, in-car digital screens, and creative add-ons such as product sampling and urban gamification. Technically, the site is built on Bitrix CMS and served via LiteSpeed, incorporating common web technologies like jQuery and Google Fonts. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Security headers are minimal, and no advanced security or incident response policies are publicly disclosed. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Vienna Capital Partners (VCP) is an established independent corporate finance advisory firm operating primarily in Central, Eastern, and Southeastern Europe with offices in Vienna and Warsaw. The company specializes in mergers and acquisitions, strategic advisory, capital advisory, and related financial services targeting large and mid-sized corporations, private equity funds, entrepreneurs, and family offices. Their market position is strong within their niche, supported by a professional website showcasing detailed transaction references and senior professionals. Technically, the website is built on WordPress with common plugins and frameworks but suffers from an invalid SSL certificate, which undermines its security posture. The site is mobile optimized and provides clear contact information but lacks advanced security headers and explicit security or incident response policies. Overall, the business credibility is good, but security improvements are necessary to enhance trust and compliance.

P

Pittel+Brausewetter Holding GmbH

pittel.at

40

Pittel+Brausewetter Holding GmbH is a well-established Austrian family-owned construction company with over 150 years of experience. They specialize in a broad range of construction services including road, civil, industrial, structural, bridge, and sports facility construction. The company maintains a strong market position with multiple reference projects and a consistent brand presence. Technically, the website is built on WordPress using common plugins and themes, with moderate performance and good mobile optimization. However, a critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Contact information and social media presence are clearly provided, enhancing business credibility.

W

WeRetail GmbH

weretail.com

24

WeRetail GmbH is a small German-based company specializing in integrated travel retail and cross-border e-commerce solutions targeting Chinese tourists and customers. Their services include enabling businesses to accept mobile payments via Alipay and WeChat Pay, providing POS solutions with table reservation and menu pre-ordering, and offering cross-border logistics and VAT refund services. The company leverages popular Chinese social media platforms such as WeChat and Xiaohongshu for marketing and customer engagement. Technically, the website is built on WordPress using the Enfold theme and Avia framework, hosted likely on AWS infrastructure. While the site is well-structured and content-rich, it suffers from a critical lack of HTTPS, which severely impacts its security posture. Cookie consent mechanisms are implemented, but Google Analytics is installed without active configuration. Contact information is clearly provided, enhancing business credibility.

biolution GmbH is a specialized scientific consulting and visualization company serving the life sciences sector with over 20 years of experience. Their services include scientific consulting, 3D visualizations, grant and funding support, project management, coaching, workshops, and media design. The company targets researchers and organizations in the life sciences domain, positioning itself as a niche expert with a professional online presence. Technically, the website is built on WordPress with modern plugins like Elementor and WooCommerce, hosted on a LiteSpeed server by mysecurecloudhost.com. While the site has good SEO and structured data, it lacks a valid SSL certificate, which is a critical security gap. Privacy compliance is well addressed with iubenda cookie and privacy policies, including consent mechanisms. Social media integration is strong, enhancing trust and engagement. Security posture is weak due to missing HTTPS and lack of advanced security headers, exposing the site to potential risks. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Softwerk AB is a medium-sized software development company based in Växjö, Sweden, founded in 2008. The company specializes in advanced software solutions including mobile app development, web development, system development, integration, AI & machine learning, and big data. Their market position is that of a regional technology provider with strong ties to academic research and commercial innovation. The website presents a professional image with clear service offerings and client references. Technically, the site uses PHP and nginx, with Google Fonts and Google Analytics integrated. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security deficiency. Security headers are partially implemented but the absence of TLS protocols and OCSP stapling reduces the security posture. Privacy and cookie policies exist but are basic, with no explicit GDPR compliance statements or incident response policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

The marcusevans Group website presents a minimalistic and largely content-sparse front page with no visible business descriptions, contact information, or policy documents. The domain is mature and registered with a reputable registrar, indicating an established presence. Technically, the site uses modern web technologies such as Angular, Google Tag Manager, Microsoft Clarity, and HubSpot for marketing and analytics, but lacks performance data and visible content. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS enforcement, and missing security headers, exposing the site to potential risks. Privacy compliance is poor with no privacy or cookie policies detected. Overall, the site appears to be a corporate or marketing shell with limited user-facing information and significant security and compliance gaps.

Pakistan Telecommunication Authority (PTA) is the official government regulatory body overseeing the telecommunication sector in Pakistan. The website serves as a comprehensive portal offering licensing information, consumer protection services, cyber security strategies, and digital inclusion initiatives. It targets telecom industry stakeholders, consumers, and government entities within Pakistan. The site is professionally designed with good content quality, clear navigation, and accessibility features, reflecting a mature digital presence for a government entity. Technically, the site uses modern front-end frameworks such as Bootstrap and Foundation, along with jQuery and Font Awesome, but suffers from poor SSL/TLS implementation with no valid certificate and no enabled TLS protocols, which significantly impacts security posture. Security headers are well configured, but lack of HTTPS and modern TLS protocols is a critical weakness. Privacy compliance is basic with a privacy policy and terms of use present but no cookie consent mechanism or GDPR compliance indicators. Contact information including phone and physical address is clearly provided, along with official social media links. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

V

VOID.PL

void.pl

25

VOID.PL is a mature and established IT services company founded in 2010, specializing in bespoke IT solutions including systems and network support, software development, and consultancy. The company emphasizes close collaboration with customers, transparency, and proactive support. It operates primarily in Poland with associated companies in the UK and Estonia, supporting products like Smart DNS Proxy. The website reflects a professional business with good content quality and consistent branding, targeting businesses seeking outsourced IT operations and agile support services. Technically, the website uses a standard Apache server on Ubuntu, with front-end technologies including Bootstrap, jQuery, and Google Analytics. However, the site lacks HTTPS, which is a critical security gap. Security posture is weak due to missing SSL/TLS and absence of security headers or policies. Privacy compliance is poor with no visible privacy or cookie policies. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

R

RP Global

rp-global.com

40

RP Global is a well-established large-scale developer, operator, and investor in the renewable energy sector with over 40 years of experience. The company focuses on solar PV, wind, hydro, hydrogen, and energy storage projects primarily in Europe and Latin America, with a significant project pipeline exceeding 14 GW(p). Their business model centers on project development, investment, and strategic partnerships, positioning them as a key player in the renewable energy market. Technically, the website is built on ASP.NET and hosted on Microsoft IIS with Umbraco CMS, incorporating modern web technologies such as Google Tag Manager and Google Fonts. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no incident response or security policy disclosures. Privacy compliance is minimal with policies present but no consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

P

Poesis Consulting GmbH

poesis.at

40

Poesis Consulting GmbH is a small, dynamic consulting firm specializing in strategy, project management, process management, and training services. The company targets businesses requiring tailored consulting solutions, particularly in complex projects where internal resources or expertise are limited. Their market position is regional with offices in Vorarlberg and Liechtenstein, emphasizing a personalized and deep consulting approach. The website reflects a professional and consistent brand image with clear service offerings and client testimonials, supporting their credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Fonts, Google Tag Manager, and Cookiebot for consent management. Hosting is via Cloudflare CDN with DNS managed by United Hoster. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant technical and security deficiency. Performance is rated slow due to missing optimization metrics, but mobile responsiveness and SEO basics are adequately addressed. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture. While some security headers and best practices like HttpOnly cookies and reCAPTCHA are implemented, critical vulnerabilities exist including no DNSSEC, no certificate transparency compliance, and no session resumption. Privacy compliance is reasonably addressed with a privacy policy, cookie consent, and GDPR indicators, but no explicit security or incident response policies are published. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and related security controls. Strategic recommendations include immediate SSL/TLS deployment, enhancement of DNS security, and publication of security policies. These improvements will bolster trust, compliance, and protect both the business and its clients from potential threats.

OTP Bank is a leading Hungarian financial institution with a strong regional presence in Central and Eastern Europe. Founded in 1949, it offers a comprehensive range of banking services including retail and corporate banking, loans, savings, insurance, and digital banking solutions. The website reflects a mature and professional digital presence with excellent content quality, clear navigation, and strong branding consistency. The bank leverages modern web technologies such as Vue.js and integrates multiple analytics and marketing tools to enhance user experience and business intelligence. From a technical perspective, the website employs robust security headers and content security policies, but suffers from critical SSL/TLS configuration issues including an invalid SSL certificate and lack of modern TLS protocol support. These issues significantly impact the security posture score and should be addressed promptly to ensure secure communications and user trust. Privacy compliance is well handled with clear GDPR-aligned privacy and cookie policies, supported by a consent mechanism. Overall, OTP Bank's website demonstrates high business credibility and professionalism, with comprehensive contact information and trust indicators such as awards and certifications. The domain registration data aligns well with the business history and legitimacy. Strategic improvements in SSL/TLS configuration and ongoing security audits are recommended to enhance the security posture and maintain customer confidence.

A

Amway Global

amwayglobal.com

40

AmwayGlobal.com serves as the official digital presence of Amway Corporation, a globally recognized leader in direct selling and wellness products. The website effectively communicates the company's extensive product portfolio, business opportunities, and corporate social responsibility initiatives, targeting health-conscious consumers and entrepreneurs worldwide. The site demonstrates a mature digital infrastructure leveraging WordPress CMS, modern JavaScript libraries, and performance optimization tools, ensuring a good user experience across devices. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security gaps that undermine the site's secure communication capabilities. While security headers and privacy policies are well implemented, the lack of HTTPS is a critical issue that should be addressed promptly. Overall, the website reflects a reputable enterprise with strong branding and compliance posture but requires urgent improvements in its SSL/TLS configuration to enhance trust and security.

S

Stratodesk Corp.

stratodesk.com

40

Stratodesk Corp. is a mature technology company founded in 2010, specializing in secure, managed endpoint operating systems designed for virtual desktop infrastructure (VDI), Desktop-as-a-Service (DaaS), SaaS, secure browsing, and industrial IoT applications. The company has established a strong market position as a leading innovator with multiple industry awards and partnerships with major technology vendors such as Microsoft, Citrix, and VMware. Recently, Stratodesk became part of IGEL, further strengthening its market presence. The website reflects a professional and comprehensive digital presence, targeting enterprise customers seeking secure and manageable endpoint solutions. Technically, the site is built on WordPress with modern plugins and integrations, but suffers from a critical security shortfall due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts its security posture. Privacy policies and terms of service are well documented, and contact information is clearly provided, supporting good privacy compliance and business credibility. Overall, Stratodesk demonstrates a solid business and digital maturity but should urgently address its SSL/TLS configuration to improve security and trust.

S

SCHMIDT Groupe

cuisines-schmidt.com

29

SCHMIDT Groupe operates a comprehensive and professionally designed website focused on custom interior design solutions including kitchens, furniture, and bathrooms. The company is a leading French manufacturer with a strong market position and a large-scale retail business model. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, extensive use of analytics and marketing tools, and a clear focus on user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture and trustworthiness of the site. Privacy and cookie policies are well implemented, indicating good compliance with GDPR requirements. Overall, the site is content-rich and trustworthy but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

A

AGFA HealthCare

agfahealthcare.com

40

AGFA HealthCare is a prominent enterprise in the healthcare sector specializing in secure and sustainable imaging data management solutions. The company holds a strong market position, evidenced by multiple KLAS awards and a comprehensive portfolio of services including Enterprise Imaging Platform, Augmented Intelligence, and Cloud solutions. Their target audience includes healthcare professionals, IT professionals, and government healthcare entities. Technically, the website is built on WordPress with a modern tech stack including popular plugins and frameworks, delivering a good user experience with mobile optimization and accessibility. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which is a critical issue that needs immediate remediation. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to enhance its risk profile.

P

Panduit

panduit.com

36

Panduit is a well-established enterprise specializing in network infrastructure and industrial electrical wiring solutions, serving a broad range of industries with a focus on scalable and smarter infrastructure. The company has a strong market position supported by decades of experience and a comprehensive product portfolio. Technically, the website leverages modern technologies including Adobe Experience Manager, AngularJS, and integrates multiple marketing and analytics tools, indicating a mature digital presence. However, the security posture is weak due to the absence of HTTPS and SSL/TLS configuration, exposing the site to potential risks. Privacy compliance is also lacking, with no visible privacy or cookie policies. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

MS Design GmbH is a medium-sized manufacturing company based in Tirol, Austria, specializing as a system supplier to the automotive industry. Founded in 1983, the company offers comprehensive services from design and prototyping to production start, emphasizing quality, innovation, and customer satisfaction. Their market position is supported by multiple certifications including IATF 16949 and ISO standards, reflecting a strong commitment to quality and environmental management. Technically, the website is built on TYPO3 CMS with a modern but basic technology stack including jQuery and various UI libraries. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks HTTPS support and a valid SSL certificate, which is a critical security gap. The hosting environment appears to be a Plesk-managed Apache server without advanced security configurations such as HSTS or DNSSEC. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture. Although some security headers are present and email obfuscation is implemented, the lack of encryption exposes users to risks. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms, but incident response and vulnerability disclosure information are missing. Overall, the website demonstrates good business credibility and content quality but suffers from critical security shortcomings. Strategic improvements in SSL implementation and enhanced security headers are recommended to elevate trust and compliance.

A

Adria Film

adriafilm.com

26

Adria Film is a small media company based in Austria specializing in film production, distribution, and festival organization. The website serves as a platform to promote their films, provide news updates, and facilitate ticket sales. The company targets European cinema audiences and diaspora communities with a focus on regional film culture. Technically, the website is built on WordPress using a professional theme and several popular plugins, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate is a critical security weakness, exposing users to potential risks. The presence of tracking pixels from Facebook and TikTok suggests moderate user tracking, balanced by a visible cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements and enhanced privacy compliance to reduce risk and build trust.

W

Worksoft Inc.

worksoft.com

35

Worksoft Inc. is a global technology company specializing in codeless test automation software designed to help enterprises accelerate business process testing and digital transformation. The company positions itself as a trusted partner for large organizations, offering a suite of products that enable business and IT teams to automate complex workflows without coding expertise. The website reflects a professional and consistent brand image with detailed product information and client endorsements, targeting enterprise customers in the technology sector. Technically, the site is built on WordPress and hosted on WP Engine with Cloudflare CDN, leveraging modern JavaScript libraries and integrations such as HubSpot for marketing and Wistia for video content. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines the site's security posture. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks cookie consent mechanisms and explicit GDPR compliance indicators. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

I

IMPROCESS GmbH

improcess.at

24

IMPROCESS GmbH is a small Austrian biotech consulting engineering firm specializing in process improvement, energy efficiency, and environmental performance for manufacturing operations. Their website presents a professional image with clear business focus and partner affiliations. The technical infrastructure is based on WordPress with common web technologies but lacks HTTPS, which is a critical security gap. The site uses Google Analytics for user tracking but does not provide privacy or cookie policies, indicating poor privacy compliance. Security posture is weak due to missing SSL, lack of security headers, and exposed PHP version. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

L

Legrand

legrand.com

40

Legrand is a global specialist in electrical and digital building infrastructures, offering a wide range of products and solutions tailored for various countries and global markets. The company positions itself as a leader in its industry, targeting both B2B and B2C customers seeking advanced electrical infrastructure solutions. The website reflects a professional and consistent brand image with good content quality and clear navigation, although some key contact information is not directly visible on the landing page. Technically, the website is built on Drupal 10 and leverages modern technologies such as Google Tag Manager and tarteaucitron.js for cookie consent management, hosted via Amazon CloudFront CDN. While the site shows basic mobile optimization and accessibility features, performance data is unavailable. SEO optimization is basic but present through meta tags and Open Graph data. From a security perspective, the site implements several important HTTP security headers and a content security policy. However, the lack of a valid SSL certificate and absence of TLS protocols severely undermine the security posture, exposing users to risks and reducing trust. No vulnerabilities like Heartbleed or POODLE were detected, but the SSL misconfiguration is a critical issue. Overall, the website demonstrates moderate digital maturity and business credibility but requires urgent remediation of SSL issues to improve security and user trust. Privacy compliance is good with clear cookie consent mechanisms and GDPR-aligned policies. Strategic improvements in security infrastructure and enhanced contact transparency would strengthen the company's online presence and risk posture.

W

WunderLand Group

wunderlandgroup.com

37

WunderLand Group is a mature, medium-sized staffing solutions firm specializing in digital, creative, and marketing workforce services. The company offers a broad range of expertise including UX design, content editing, front-end development, and project management. Their market position is supported by strong client and consultant testimonials and industry awards such as the Best of Staffing®. Technically, the website is built on WordPress with Elementor and uses a variety of modern JavaScript libraries and marketing tools, hosted on WP Engine with Cloudflare CDN. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and undermining trust. Privacy compliance is partially addressed with a cookie consent mechanism, but GDPR compliance is not clearly demonstrated. Overall, the business credibility is solid, but the security weaknesses require urgent remediation.

The Cheeky Crow Massage Co. operates an e-commerce storefront focused on massage-related services or products, hosted on the Big Cartel platform. The website is currently in maintenance mode, providing minimal content and no direct contact or policy information. Technically, the site uses Cloudflare for CDN and security headers are present; however, the lack of a valid SSL certificate means HTTPS is not properly enabled, severely impacting security and trust. Privacy and cookie policies are absent, and no contact details are provided, limiting user trust and compliance. Overall, the site is a small business with basic digital presence but requires significant improvements in security and compliance to meet modern standards.

A

Algonquin Orthodontics

algonquinorthodontics.com

36

Algonquin Orthodontics is a specialized orthodontic practice located in Lake in the Hills, Illinois, led by Dr. Amer Shammaa. The practice offers a range of orthodontic services including metal braces, clear braces, and Invisalign® clear aligners, targeting patients of all ages in the local McHenry County area. The website presents a professional and user-friendly interface with clear navigation and relevant content aimed at educating and attracting patients. Technically, the site is built on a Symfony PHP framework hosted on AWS infrastructure, utilizing modern web fonts and iconography, and integrates Google Tag Manager for analytics. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security headers are minimal, and privacy compliance is poor due to the absence of privacy and cookie policies. The WHOIS data aligns with the business claims, indicating a legitimate small healthcare business. Overall, while the business and content quality are good, the security posture and privacy compliance require urgent improvements to enhance trust and protect user data.

N

NOA

noa-vu.nl

35

NOA is a Dutch company specializing in scientifically validated online assessments and psychological tests, primarily serving educational institutions, HR professionals, and reintegration sectors. With over 25 years of experience and origins linked to the Vrije Universiteit, NOA holds a strong market position supported by ISO 9001 and ISO 27001 certifications. The website reflects a professional and consistent brand with comprehensive content and clear navigation, targeting Dutch-speaking audiences. Technically, the site uses Microsoft IIS with ASP.NET and Umbraco CMS, integrating modern tools like Google Tag Manager and Elmah.io for error logging. However, the absence of HTTPS is a critical security gap, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Contact information is complete and accessible, enhancing business credibility.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

U

United Nations Commission On International Trade Law

uncitral.org

50

The United Nations Commission On International Trade Law (UNCITRAL) operates as a key intergovernmental organization under the United Nations, focused on developing and harmonizing international trade law frameworks. The website serves as an authoritative resource for legal texts, working documents, technical assistance, and research related to international trade law, targeting governments, legal professionals, and trade stakeholders globally. The organization is well-established with a mature domain and consistent branding aligned with UN standards. Technically, the website is built on Drupal 7 with common web technologies such as jQuery and Bootstrap. While the site demonstrates good content quality, navigation, and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts its security posture. Performance metrics are unavailable, but the technical stack suggests potential modernization needs. Security-wise, the site implements some security headers but fails to provide a valid SSL/TLS configuration, exposing users to risks and undermining trust. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Contact information is not explicitly provided on the homepage, limiting direct communication channels. Overall, the site is credible and authoritative but requires urgent security improvements to protect users and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, enhancing privacy and cookie consent mechanisms, and modernizing the technical infrastructure to improve performance and security.

P

PennWhite

pennwhite.co.uk

38

PennWhite is a mature, medium-sized global manufacturer specializing in foam control agents and chemical solutions, operating as a subsidiary of Manali Petrochemicals Limited. The company serves a broad industrial audience with over 35 years of experience and a presence in 40+ countries. The website is a modern Angular-based single-page application hosted on AWS infrastructure, demonstrating a good level of digital maturity with responsive design and professional branding. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR adherence visible. The company shows trustworthiness through certifications and corporate affiliations but should urgently address security shortcomings to improve its posture and compliance.

S

Semantic Web Company

semantic-web.com

39

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

I

International Society of Automation

isa.org

40

The International Society of Automation (ISA) is a well-established non-profit professional association focused on industrial automation. It serves a global audience of engineers, technicians, and management professionals by providing standards, certifications, training, and events. The organization holds a strong market position as a trusted source for automation standards and technical resources. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site uses Microsoft IIS with ASP.NET MVC and Kentico CMS, integrating modern JavaScript libraries and Google Tag Manager for analytics. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which are critical for secure communications. Privacy policies and terms of service are well documented, though cookie consent mechanisms appear lacking. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

B

Bloomerang

initlive.com

63

Bloomerang operates as a leading provider of cloud-based donor management and fundraising software tailored for nonprofit organizations. The company offers a comprehensive suite of tools including donor CRM, fundraising, and volunteer management solutions, positioning itself as a trusted partner to over 26,000 nonprofits. Their market presence is reinforced by multiple industry awards and strong customer testimonials, reflecting a mature and well-established business model focused on SaaS delivery. Technically, the website is built on WordPress and leverages a modern technology stack including Yoast SEO, Google Tag Manager, and various marketing and analytics integrations such as Marketo and Microsoft Clarity. Hosting is provided via WP Engine with Cloudflare CDN, ensuring good infrastructure support. The site demonstrates excellent design quality, mobile optimization, and SEO practices, contributing to a positive user experience and strong digital maturity. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which significantly undermines its security posture. While some security headers are present, critical improvements are needed to secure data transmission and protect user privacy. Privacy and cookie policies are comprehensive and GDPR compliant, indicating attention to regulatory requirements. Contact information is clearly provided, enhancing business credibility. Overall, Bloomerang's website reflects a professional and trustworthy nonprofit software provider with strong business credibility and digital presence. However, the absence of HTTPS and modern encryption protocols presents a critical security risk that should be addressed promptly to protect users and maintain trust.

The website maks.at is a small, personal graphic design business site documenting the history and rebranding of the entity now known as apparat.wien. It targets clients and interested parties in the graphic design and branding space, primarily in Austria. The site content is well-structured with a timeline format, providing a narrative of the business evolution from 1988 to 2020. Technically, the site uses Apache hosting with Google Analytics and Google Fonts integration but lacks modern CMS or frameworks. Performance data is unavailable, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to risks and reducing trust. Privacy compliance is poor, with no visible privacy or cookie policies. Business credibility is moderate but limited by lack of contact information and trust signals. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

L

List SpA

list-group.com

40

List SpA is a medium-sized Italian company specializing in advanced software solutions for banking and finance, including trading, compliance, risk management, and treasury management. As part of the ION Group, it holds a strong market position with a professional digital presence targeting financial institutions and trading venues. The website is well-structured, content-rich, and optimized for SEO and mobile devices, reflecting a mature digital infrastructure based on WordPress and Elementor. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks and undermining trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the company demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

S

SimTech GmbH

simtechnology.com

31

SimTech GmbH is a specialized software company providing advanced simulation technology primarily for energy and chemical engineering sectors. With over 30 years of experience, the company offers simulation software (IPSEpro), model libraries, consulting, and training services targeted at plant manufacturers, consultants, and R&D organizations. The website reflects a professional and consistent brand with clear business information and reputable client references. Technically, the site is built on Joomla CMS with modern frameworks but lacks HTTPS, which is a critical security gap. Security headers are present but insufficient without SSL/TLS. Privacy compliance is good with a clear privacy policy, though no cookie consent mechanism is implemented. Overall, the site is content-rich and trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

Mayway

mayway.at

34

Mayway.at is currently a placeholder website indicating an upcoming launch, featuring a simple landing page with a newsletter subscription form. The business behind the site is not explicitly described, and no detailed company information or contact details are provided. The site targets general internet users interested in updates about the launch. Technically, the site uses basic web technologies including Google Fonts and FontAwesome, hosted on World4You servers, but lacks modern CMS or frameworks. Performance is slow with a large page size and long load times. Security posture is weak due to absence of HTTPS, no security headers, and no advanced protections. Privacy compliance is minimal with no policies or cookie consent mechanisms. Overall, the site is low trust and low maturity, suitable only as a temporary placeholder.

P

promitto organisationsberatung gmbh

promitto.at

26

promitto organisationsberatung gmbh is a small Austrian consulting firm specializing in organizational development, leadership coaching, and change management. Their website presents a professional image with clear descriptions of their services, targeting organizations and leadership teams seeking vitality and transformation support. The technical infrastructure is based on WordPress with common plugins like Yoast SEO and Contact Form 7, but lacks a valid SSL certificate, which is a significant security concern. The site includes GDPR-compliant privacy and cookie policies with consent mechanisms, but no terms of service or explicit security policies are found. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, the website is functional and informative but requires urgent security improvements to protect user data and improve trust.

P

planetsoftware

cad.at

28

planetsoftware is a well-established Austrian company specializing in 3D CAD software solutions, primarily focusing on SOLIDWORKS and 3DEXPERIENCE platforms. As a partner of the Bechtle Group, they provide comprehensive product lifecycle management software and services including design, data management, simulation, and manufacturing solutions. Their website reflects a mature digital presence with detailed product offerings, customer references, and educational resources targeting industrial and technical sectors. Technically, the site is built on WordPress with modern plugins and tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with cookie consent mechanisms and GDPR-aligned policies. Overall, the business demonstrates strong market positioning and professional online representation but must urgently address its lack of HTTPS to improve security posture and trust.

H

HKR Architects

hkrarchitects.com

37

HKR Architects is an established international architecture and urban design firm founded in 1992, with offices in London, Dublin, Dubai, and Abu Dhabi. The company offers a range of architectural services including masterplanning and modular design, targeting clients seeking professional architectural solutions globally. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience. Technically, the site is built on the Squarespace platform, leveraging modern web fonts and Google Tag Manager for analytics, but lacks performance metrics for a full assessment. Security posture is weak due to the absence of a valid SSL certificate and disabled HTTPS, exposing users to potential risks. Privacy compliance is basic with a cookie banner and privacy policy present, but GDPR compliance is not clearly demonstrated. Overall, the site is credible and professional but requires urgent security improvements to protect visitors and enhance trust.

E

EC2U

ec2u.eu

40

EC2U is a European educational alliance focused on collaboration among city universities, providing joint academic programs, mobility opportunities, and research initiatives. The website targets students, staff, researchers, and citizens, offering multilingual content and resources. Technically, the site is built on WordPress with a modern tech stack including jQuery and various plugins, hosted via Gandi. While the site has good design, accessibility, and SEO practices, it critically lacks a valid SSL certificate, exposing users to security risks. Security headers are present but their effectiveness is diminished without HTTPS. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Overall, the domain registration is consistent and trustworthy, with active social media presence enhancing credibility.

L

LKB

lkb.eu

23

LKB is a small healthcare-focused company based in Austria, specializing in the supply and distribution of life science and routine medical diagnostics products. The company holds ISO 9001 certification and emphasizes customer and technical support, targeting laboratories and medical diagnostics professionals. The website presents a professional design with clear navigation and relevant content, supporting the company's market position as a trusted supplier in the region. Technically, the website uses modern frontend technologies such as Bootstrap 5 and jQuery, hosted on SuperHosting.bg, but lacks HTTPS support and advanced security configurations, which significantly impacts its security posture. The absence of SSL/TLS encryption and security headers exposes the site to risks and undermines user trust. Privacy compliance is minimal, with a privacy policy present but no cookie policy or consent mechanisms. Contact information is comprehensive and clearly displayed, enhancing business credibility. Overall, while the business and website demonstrate professionalism and market relevance, critical security improvements are necessary to protect users and data.

T

Teradata

teradata.com

40

Teradata is a leading enterprise technology company specializing in cloud-based data analytics and Trusted AI platforms. Their offerings focus on enabling organizations to unify data, activate analytics, and accelerate business value through AI and cloud-native technologies. The website targets a broad audience including business leaders, data professionals, and developers, emphasizing innovation and cost efficiency. Technically, the site uses modern web technologies, integrates with major cloud providers, and employs advanced analytics and marketing tools, reflecting a mature digital infrastructure. Security posture shows good header implementation but is weakened by an invalid SSL certificate and lack of advanced TLS protocols. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-branded, though improvements in SSL management and direct contact information would enhance credibility and security.

Wolford operates an international e-commerce retail website specializing in fashion products, targeting multiple countries with localized language versions. The site is built on Salesforce Commerce Cloud (Demandware) and uses modern web technologies including Google Fonts, Google reCAPTCHA, and Usercentrics for cookie consent management. Cloudflare is used as a hosting and CDN provider. However, the website lacks a valid SSL/TLS certificate, resulting in no proper HTTPS support, which is a critical security concern. The site implements some security headers but misses important configurations such as HSTS and OCSP stapling. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information and security policies are not found in the analyzed content, reducing transparency and trust. Overall, the website demonstrates a basic level of technical and business maturity but requires significant improvements in security and privacy compliance to meet modern standards.

A

Amadeus International School Vienna

amadeus-vienna.com

28

Amadeus International School Vienna is a well-established private international school offering IB education and boarding services with a unique integrated Music and Arts Academy. The school targets international students and families seeking high-quality education in Vienna. The website is professionally designed with rich content and multimedia, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

H

HOLZWURM Werkzeuge

holzwurm-werkzeuge.de

40

HOLZWURM Werkzeuge is a small Austrian e-commerce business specializing in selling creative tools for hobbyists and crafters, primarily via online marketplaces such as Amazon and Etsy, as well as their own WooCommerce-based shop. Founded in 2017, the company emphasizes quality and customer satisfaction, targeting a broad audience of creative individuals. The website is built on WordPress with WooCommerce and uses modern web technologies and marketing tools including Cookiebot for consent management and Facebook Pixel for tracking. However, the site lacks a valid SSL certificate, exposing visitors to security risks and undermining trust. Privacy policies and terms of service are present and GDPR compliance is partially addressed through cookie consent mechanisms. Contact information is complete and transparent, supporting business credibility.

N

NCR Corporation

ncr.com

40

The website for ncr.com serves as a landing page announcing the corporate split of NCR Corporation into two distinct entities: NCR Voyix and NCR Atleos. NCR Voyix focuses on providing digital commerce solutions to retailers and restaurants globally, while NCR Atleos specializes in expanding financial access through self-service channels and ATM network services. The site targets business clients in retail, restaurant, and financial sectors, positioning itself as a leading enterprise in technology-driven commerce and financial services. Technically, the site is built using Webflow CMS, hosted behind Cloudflare, and employs jQuery and Google Fonts. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are present but insufficient without proper SSL/TLS configuration. No privacy, cookie, or terms of service policies are found, and no contact information or forms are provided, limiting user engagement and compliance transparency. Overall, the site demonstrates good design and branding consistency but requires significant improvements in security and privacy compliance to meet enterprise standards.

Merit Group Limited is a UK-based B2B data and intelligence company specializing in technology-driven data capture and analysis to provide high-quality business and political intelligence. The company operates through subsidiaries including Dods Group Limited and Merit Data & Technology Limited, serving clients primarily in the UK and Europe. The website presents a professional image with clear business descriptions and subsidiary links, targeting business clients seeking data intelligence solutions. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses common plugins and libraries such as jQuery and Genesis Blocks. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy and cookie policies exist but lack advanced consent mechanisms, and no incident response or security policies are published. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.