Security Directory

G

Garbergs

garbergs.se

44

Garbergs is an established independent full-service creative agency based in Sweden, founded in 1987. The company specializes in long-term creativity rooted in clear strategic thinking, offering services such as branding, marketing campaigns, and concept development. Their market position is strong within the Swedish creative industry, supported by a professional and content-rich website that highlights their projects and news. Technically, the website is built on WordPress with modern JavaScript frameworks like Vue.js and uses Yoast SEO for optimization. The site is mobile-optimized and performs moderately well, hosted likely by OhMyHosting. Security-wise, the site uses HTTPS and Google Analytics with IP anonymization but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the website demonstrates a high level of professionalism and trustworthiness but could enhance privacy compliance and security posture.

K

Knowit AB

cybercom.com

63

Knowit AB is a large, established IT consulting company based in Sweden, specializing in digital transformation and delivering a broad range of IT services including management consulting, cloud, cybersecurity, AI, and sustainability services. The company has a strong market position in the Nordic region and serves diverse sectors such as energy, manufacturing, retail, media, telecommunications, and the public sector. Their website reflects a mature digital presence with modern technologies like Next.js and Chakra UI, ensuring excellent performance and user experience. Security posture is strong with HTTPS enforced and a comprehensive cookie consent mechanism, although explicit security policy pages and incident response contacts are not found. Overall, Knowit demonstrates high business credibility and compliance with privacy regulations, supported by detailed cookie and privacy policies and clear contact information.

P

Pedab

pedab.se

41

Pedab AB is a technology-focused IT distributor operating primarily in Sweden and the Nordic-Baltic region, providing IT solutions and services including software, infrastructure, financing, and retail point-of-sale products. The company positions itself as a partner helping organizations stay ahead in a rapidly changing digital landscape through its ecosystem of partners and customers. The website is professionally designed, multilingual, and provides comprehensive business and contact information, reflecting a mature digital presence. Technically, the site is built on WordPress with modern analytics and marketing integrations, including Google Analytics, HubSpot, and CookieYes for GDPR compliance. Security posture is solid with HTTPS enforced and bot management via Cloudflare, although explicit security headers and policies could be improved. Privacy compliance is well addressed with clear cookie consent mechanisms and privacy policies. Overall, the site demonstrates good business credibility and technical maturity with room for enhanced security transparency and accessibility improvements.

M

Milk Branding Professionals

milk.com.gr

46

Milk Branding Professionals is a well-established branding agency based in Greece with over 20 years of experience. The company specializes in brand development, strategy, and creative projects, serving a diverse clientele including major international and local brands. Their website reflects a professional and consistent brand image, targeting businesses seeking comprehensive branding solutions. The technical infrastructure leverages modern web technologies such as Webflow CMS, Jetboost, and Google Analytics, hosted on Webflow's platform, providing a responsive and visually appealing user experience. However, some technical improvements could enhance performance and security. Security posture is moderate; while the site uses cookie consent mechanisms and disables right-click on images, it lacks important security headers and has Google Analytics configured without IP anonymization, which may affect GDPR compliance. No explicit security or incident response policies are published, and no terms of service page is found. Overall, the website is trustworthy and professional but could benefit from enhanced security and privacy practices to align with best standards.

A

Attendo AB

attendo.se

40

Attendo AB is a well-established Swedish healthcare company specializing in elderly care services including home care, special housing, and household services. The website reflects a mature and professional digital presence with comprehensive content targeting elderly individuals, their relatives, and healthcare professionals. The company positions itself as a leading Nordic care provider with a strong brand and consistent messaging. Technically, the site employs modern technologies such as Cookiebot for consent management, Google Tag Manager, Microsoft Application Insights for telemetry, and jQuery for interactivity. The site is mobile optimized, accessible, and SEO friendly. Security posture is good with HTTPS enforced and consent mechanisms in place, though some security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with clear cookie policies and GDPR adherence. Overall, the site demonstrates a high level of professionalism and trustworthiness.

The website picard.se is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any meaningful business content, contact information, or compliance documentation. The site appears to be protected or proxied by Cloudflare, but the DNS misconfiguration or propagation delay is blocking access. Without access to the actual website content, it is impossible to assess the company's business model, market position, or services. The technical infrastructure relies on Cloudflare, but the current DNS failure severely impacts availability and trust. From a security perspective, the site lacks visible security headers, privacy policies, or incident response information. The DNS failure itself is a critical availability issue that must be resolved immediately. No contact or compliance information is present, indicating poor transparency and compliance posture. Overall, the site scores very low on content quality, security, and business credibility due to the blocked state. Strategically, the company should prioritize resolving DNS issues to restore website availability, implement standard security headers and HTTPS enforcement, and publish privacy and cookie policies to meet compliance requirements. Establishing clear contact and incident response channels will improve trust and security culture. Until these issues are addressed, the website remains inaccessible and untrustworthy.

S

Salto Systems, S.L.

saltosystems.com

61

Salto Systems, S.L. is a leading provider of smart access and identity management solutions, specializing in replacing traditional mechanical keys with advanced digital and electronic locking technologies. The company offers a comprehensive ecosystem of products including smart locks, face recognition access, door intercoms, and cloud-based access control platforms. Their market position is strong, supported by a professional and content-rich website targeting businesses and organizations seeking modern security solutions. Technically, the website is built on modern frameworks such as React and Gatsby, with integrations for analytics, marketing, and privacy compliance tools like OneTrust and Pardot. The security posture is robust, featuring HTTPS, security headers, and no visible vulnerabilities, although incident response contact details and vulnerability disclosure policies are not explicitly provided. Overall, the website demonstrates a mature digital presence with good privacy compliance and a high level of professionalism.

I

itm8

addpro.se

65

itm8 is a large Swedish IT service provider specializing in comprehensive IT solutions including cloud infrastructure, cybersecurity, development, and consulting services. The company positions itself as a collaborative IT partner for small and medium-sized enterprises, leveraging a large team of over 1,700 specialists. The website is built on HubSpot CMS, featuring modern technologies and good mobile optimization. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The company maintains a professional online presence with clear contact information and social media links, though lacks a dedicated security policy or incident response page. Overall, itm8 demonstrates a mature digital presence with good compliance and security practices, suitable for its market segment.

R

Riksrevisionen

riksrevisionen.se

47

Riksrevisionen is the Swedish National Audit Office responsible for independently auditing and reviewing the use and reporting of state funds to ensure effective government operations. The website serves as an official government portal providing information about ongoing audits, reports, and the agency's mission. It targets government officials, policymakers, media, and the public interested in government accountability. The business model is that of a government agency providing oversight and audit services. Technically, the website is built on the SiteVision CMS platform, utilizing modern JavaScript frameworks such as React (versions 17 and 18) and jQuery. It integrates Piwik PRO for analytics and Rek.ai for enhanced search functionality. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. From a security perspective, the site enforces HTTPS, uses nonce attributes for scripts, and implements a GDPR-compliant cookie consent mechanism. However, explicit security headers are not detected, and there is no visible security policy or incident response information. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is trustworthy, professional, and compliant with privacy regulations, reflecting the legitimacy of a government entity. Strategic recommendations include enhancing security headers, publishing a security policy, and providing vulnerability disclosure information to further strengthen security posture and transparency.

A

Axfast AB

axfast.se

39

Axfast AB is a Swedish real estate company operating primarily in Stockholm, focusing on commercial property ownership, management, and development. As part of the Axel Johnson Gruppen, it holds a strong market position with a clear emphasis on sustainability, evidenced by BREEAM Excellent certifications. The website provides comprehensive news updates and corporate information targeting investors, tenants, and business partners. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, and Turbolinks, with a likely Ruby on Rails backend. The site is well-structured, mobile-optimized, and SEO-friendly, though some accessibility features could be improved. Security posture is moderate with CSRF protections and HTTPS implied, but lacks explicit security headers and published security policies. Privacy compliance is basic with a privacy policy and cookie consent banner present, but no terms of service or incident response details. Overall, the site is professional and trustworthy with room for security and compliance enhancements.

G

Gycom - En partner för din elkonstruktion

gycom.com

34

Gycom is a Swedish-based small business specializing in automation and electrical construction services, targeting industrial and manufacturing sectors. Their key offerings include elkonstruktion, PLC programming, commissioning, and project work, supported by technical partnerships with Eaton Electric AB and ABB. The website presents a professional image with good content quality and clear navigation, serving as a credible digital presence for their niche market. Technically, the site is built on WordPress with Elementor, employing modern libraries and scripts, and is mobile optimized with moderate performance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and formal security policies suggests room for improvement. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Overall, the site scores well on business credibility and technical implementation but should enhance privacy and security practices to reduce risk and improve compliance.

D

Ductus

dataductus.se

50

Ductus is a Sweden-based IT consulting and services company focused on enabling digital transformation for a sustainable world. The company offers a broad range of services including system development, infrastructure and security, AI and data analysis, governance and management, digital workplace solutions, network solutions, application operations, service desk, and network automation. Their market position is that of a solution-oriented partner with a strong emphasis on business growth, operational efficiency, and sustainability. The website is professionally designed, well-structured, and targets businesses seeking advanced IT consulting and digital transformation expertise. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO Premium, WP Rocket for performance optimization, and multilingual support via WPML. The site demonstrates excellent mobile optimization, SEO, and accessibility features. Performance is fast, and the site uses HTTPS with a good SSL configuration. Cookie consent mechanisms are implemented to comply with GDPR, and multiple analytics and tracking services are used with user consent. From a security perspective, the site enforces HTTPS and uses cookie consent to block analytics and advertisement scripts until consent is given. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present. Security headers are not explicitly detected in the HTML content. No vulnerabilities or exposed sensitive data were found. The domain registration is consistent with the business claims, enhancing trustworthiness. Overall, Ductus presents a professional and trustworthy online presence with strong technical and privacy compliance. Strategic recommendations include adding explicit security policies, incident response information, and security headers to further enhance security posture and trust.

K

Karlstads universitet

kau.se

47

Karlstads universitet is a well-established Swedish university providing higher education, research, and collaboration services primarily in the education sector. The website targets students, staff, alumni, and the press, offering comprehensive information about programs, research, and university news. The institution maintains a strong market position as a regional university with a focus on quality education and societal collaboration. Technically, the website is built on Drupal CMS, uses Matomo for privacy-conscious analytics, and is well-optimized for mobile and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

E

EagleBurgmann

eagleburgmann.com

65

EagleBurgmann is a globally recognized leader in industrial sealing technology, providing a wide range of products and services tailored to various industries such as energy, chemical, pharmaceutical, and water applications. The company operates under the Freudenberg Group umbrella and maintains a strong international presence with multiple country-specific domains and service centers. Their website reflects a mature digital infrastructure built on the Plone CMS, utilizing modern web technologies and offering a professional user experience with clear navigation and comprehensive content. From a technical perspective, the website employs a robust tech stack including jQuery, Bootstrap, and Owl Carousel, ensuring responsive design and moderate performance. Security measures are well implemented with HTTPS enforced and secure form handling, although some security headers like Content-Security-Policy could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. The security posture is solid with no critical vulnerabilities detected in the HTML content. The domain registration details align well with the business claims, reinforcing the legitimacy and trustworthiness of the site. Overall, EagleBurgmann's website demonstrates a high level of professionalism, security, and compliance suitable for its large enterprise status in the energy sector.

A

AAK

aak.com

41

AAK is a leading global company specializing in plant-based oils and fats, providing value-adding ingredients for various industries including food, personal care, candles, and animal nutrition. Their business model centers on co-development with customers to create innovative, sustainable, and tailor-made solutions. The website reflects a strong market position with a focus on sustainability and innovation, targeting businesses seeking high-quality plant-based ingredients. Technically, the website employs modern technologies such as Tailwind CSS, Microsoft Azure hosting, and advanced analytics tools including Google Analytics and Microsoft Application Insights. The site is well-optimized for mobile devices, has good accessibility features, and demonstrates solid SEO practices. The use of a comprehensive cookie consent mechanism indicates attention to privacy compliance. From a security perspective, the site enforces HTTPS, uses secure cookies, and integrates consent management, but lacks explicit security policy and incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration data is consistent with the company's claims, showing a long-established presence and legitimacy. Overall, the website presents a professional, trustworthy, and compliant digital presence with minor areas for improvement in explicit security disclosures and vulnerability handling.

N

NOTE AB

note.eu

57

NOTE AB is a leading contract manufacturer in Northern Europe specializing in electronics manufacturing services (EMS) including PCBA and box build. The company serves diverse sectors such as Medtech, Industrial, Communication, Greentech, and Security & Defence, offering end-to-end services from development to aftermarket support. Their market position is strong with multiple subsidiaries across Europe and Asia, supported by recognized ISO certifications. Technically, the website is built on WordPress with modern analytics and marketing tools integrated, including Google Analytics, Microsoft Clarity, and Leadfeeder. The site demonstrates good digital maturity with responsive design, SEO optimization, and accessibility features. Security posture is robust with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities, although explicit security policies and incident response contacts are absent. Overall, the website reflects a professional, trustworthy, and compliant business presence with strong privacy and cookie policies.

S

SAVR

savr.com

59

SAVR is a Swedish investment platform focused on providing low-cost access to stocks, funds, and ETFs. It positions itself as a user-friendly and cost-effective alternative in the Swedish financial market, targeting investors who value low fees and data-driven insights. The platform offers a mobile app available on both iOS and Android, enhancing accessibility and user engagement. Technically, the website is built using modern frameworks like Framer, integrates with Google Tag Manager and Cookie Information SDK, and leverages Cloudflare for hosting and security. The site demonstrates good performance, mobile optimization, and accessibility. Security-wise, SAVR enforces HTTPS, employs detailed cookie consent mechanisms, and uses reputable third-party services for analytics and marketing. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site reflects a mature digital presence with strong privacy and compliance practices, though explicit security policy and vulnerability disclosure pages are absent. The domain registration details align well with the business claims, supporting legitimacy.

I

it-e.se

it-e.se

36

The website it-e.se presents a minimalistic terminal-style interface with very limited content. There is no visible business description, contact information, or policies related to privacy, cookies, or terms of service. The site uses Angular 10 framework and Font Awesome icons but lacks modern security and compliance features. The absence of HTTPS and security headers indicates a weak security posture. Overall, the site appears to be a placeholder or a minimal informational page rather than a fully developed business website.

C

CAD-Resurs AB

cad-resurs.se

42

CAD-Resurs AB is a specialized Swedish company providing expert electronics CAD design services, including PCB layout and training courses. Established in 1990, the company operates from offices in Linköping and Borås, targeting businesses that require additional or outsourced electronics CAD resources. Their service offering includes support for multiple CAD tools and assistance with PCB manufacturing and assembly. The website reflects a mature business with a clear market niche and a professional online presence. Technically, the website uses a custom CMS with Bootstrap 4, jQuery, and Font Awesome, delivering a responsive and well-structured user experience. The site includes a cookie consent mechanism aligned with GDPR requirements but lacks a dedicated privacy policy page. No advanced analytics or advertising scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible security headers and incident response information, which lowers its security posture score. The SSL/TLS status is not confirmed but HTTPS is implied. The absence of a vulnerability disclosure or security.txt file suggests room for improvement in transparency and security readiness. Overall, CAD-Resurs presents a trustworthy and credible business with a good-quality website. Strategic improvements in security headers, privacy documentation, and incident response disclosures would enhance their security and compliance standing, further strengthening trust with clients and partners.

The website saabcars.com currently presents an empty and minimal HTML page with no visible content, metadata, or business information. There is no indication of the company's services, market position, or target audience. The lack of any structured data, contact details, or branding elements suggests the site is either under development or abandoned. Technically, the site does not utilize any modern web technologies or frameworks and lacks basic SEO and accessibility features. Security posture is minimal with no HTTPS enforcement or security headers detected, exposing the site to potential risks. Overall, the site offers no meaningful business or security information, resulting in a very low trust and credibility level.

V

Volvo Group

volvoit.com

59

Volvo Group is a leading global enterprise specializing in commercial transport and infrastructure solutions, including trucks, buses, construction equipment, and marine and industrial engines. With a workforce of nearly 102,000 employees and operations in almost 180 markets, Volvo Group maintains a strong market position supported by a diverse portfolio of 14 brands and comprehensive financing and service solutions. The website reflects a mature and professional corporate presence, targeting investors, suppliers, job seekers, and customers worldwide. Technically, the website leverages Adobe Experience Manager as its CMS, integrates advanced media delivery via Scene7, and employs modern analytics and consent management tools such as Adobe Analytics and OneTrust. The site demonstrates excellent performance, mobile optimization, and accessibility, with a well-structured navigation system and rich multimedia content. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the website presents a trustworthy and professional digital footprint consistent with Volvo Group's corporate stature. Strategic recommendations include enhancing transparency around security policies and incident response, and publishing a vulnerability disclosure policy to further strengthen trust and compliance.

M

MenWith

menwith.co

43

MenWith is a media and social media content production company specializing in crafting impactful social media campaigns backed by over a decade of experience and a community exceeding 11 million followers. Their market position is strong within the social media and influencer marketing space, targeting premium brands seeking viral content and cultural credibility. The website is built on WordPress with Elementor, leveraging modern web technologies and analytics tools such as Matomo and Google Tag Manager. Security posture is good with HTTPS and no exposed sensitive data, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact is provided via a multi-step form without direct emails or phone numbers. Overall, the site is professional and trustworthy but could improve transparency and privacy compliance.

A

Athene Group

athene-group.se

53

Athene Group is a Nordic finance service provider specializing in accounting, payroll, HR, tax, and economic advisory services. The company positions itself as a leading partner offering digital solutions combined with personalized customer experiences, targeting businesses primarily in Sweden and Norway. Their website reflects a professional and modern digital presence built on HubSpot CMS, integrating marketing and analytics tools such as Google Tag Manager and Hotjar to optimize user engagement and data-driven decision-making. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and follows GDPR compliance, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website demonstrates a mature digital infrastructure with good content quality and trust indicators, including customer testimonials and industry certifications.

Apollo Tyres Ltd. operates a corporate website showcasing its two key tyre brands, Apollo Tyres and Vredestein, targeting a global automotive audience. The company emphasizes its legacy, product range, and premium positioning, particularly for Vredestein. The website is built on Adobe Experience Manager and integrates modern analytics and marketing tools such as Google Tag Manager and OneTrust for cookie consent, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and Content-Security-Policy headers, though explicit security and privacy policy pages are not found in the provided content. Overall, the site presents a professional and trustworthy corporate image with good user experience and compliance mechanisms.

DynaMate AB is a Swedish industrial services company specializing in automation, production optimization, and machine service. The company targets Swedish industrial clients seeking to improve operational efficiency, productivity, and profitability. Their business model focuses on providing tailored B2B services including system automation, production and maintenance solutions, and machine servicing. The company holds a strong market position supported by recognized growth certifications and multiple office locations. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, Google Tag Manager, and various analytics and marketing tools. The site demonstrates good SEO practices, mobile optimization, and a professional design. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, it lacks explicit security headers and a public incident response or vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business identity, enhancing trustworthiness. Overall, the website presents a professional and trustworthy digital presence with good compliance and security posture. Strategic improvements in security headers, incident response transparency, and accessibility could further strengthen the site’s security and user experience.

Levler SPQR AB operates a Swedish online investment platform focused on democratizing access to funds and stock trading with low fees and user-friendly digital services. The company recently absorbed Fundler's private customer base, expanding its offerings to over 2000 discounted funds and commission-free stock trading until 2025. The platform targets both novice and experienced retail investors in Sweden, emphasizing simplicity and affordability. Technically, the website is built on a modern React and Next.js stack, with good SEO, accessibility, and mobile optimization. Security is robust with HTTPS, BankID authentication, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a professional, trustworthy, and compliant digital presence suitable for its financial services market.

The website kavli.dk currently serves only the default nginx welcome page, indicating that the web server is installed and operational but no actual business content or services are deployed. There is no evidence of company branding, contact information, or legal policies, which suggests the site is either under construction or abandoned. The technical infrastructure is minimal, relying on nginx as the web server with no detected CMS, frameworks, or additional technologies. Security posture cannot be fully assessed due to lack of HTTPS and security headers information, but the absence of any security policies or contact points for incident response indicates a low maturity level. Overall, the site presents a high risk for visitors due to lack of trust signals and compliance documentation.

D

Di Luca & Di Luca

diluca.se

39

Di Luca & Di Luca is a Swedish family-owned business specializing in Mediterranean and Italian food products, with a strong market presence through brands like Zeta. The company targets Swedish consumers and foodservice providers interested in authentic Mediterranean cuisine. Their website reflects a medium-sized enterprise with consistent branding and a clear business model focused on product distribution, brand management, and culinary education. Technically, the site is built on WordPress with modern SEO and analytics tools, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS and error monitoring via Sentry, but lacks some advanced security headers and public security policies. Privacy compliance is supported by a cookie policy and consent mechanism, though a dedicated privacy policy page is not explicitly found. Overall, the website is professional and trustworthy, with room for security and compliance enhancements.