Security Directory

B

bpostgroup

bpostgroup.com

66

bpostgroup is a leading Belgian postal and logistics operator with a strong presence in Europe, North America, and Asia. The company specializes in mail and parcel delivery as well as e-commerce logistics, serving consumers, businesses, and government entities. Their website reflects a mature business with comprehensive investor relations, sustainability initiatives, and a broad portfolio of subsidiaries. Technically, the site is built on Drupal 10, uses modern web technologies, and is optimized for mobile and accessibility. Security posture is adequate with HTTPS and no visible vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's market position as a major postal and logistics provider.

J

Jelgavas pils

jelgavaspils.lv

9

Jelgavas pils website serves as the official online presence for the Jelgava Palace, a cultural and historical landmark in Latvia. The site provides information about the palace's history, events, tours, and visitor services, targeting tourists and local visitors interested in heritage and culture. The website is built on Drupal 10, incorporating modern web technologies and basic mobile optimization. It integrates Google Analytics for visitor tracking but lacks explicit privacy and cookie policies, which impacts its privacy compliance. Security posture is moderate with HTTPS usage but missing advanced security headers and incident response information. Overall, the site is functional and professional but would benefit from enhanced privacy and security measures to improve trust and compliance.

L

Latvijas Biozinātņu un tehnoloģiju universitāte

llu.lv

61

Latvijas Biozinātņu un tehnoloģiju universitāte (LBTU) is a large, multi-disciplinary public university in Latvia offering higher education in biosciences, engineering, and social sciences. The institution is well-positioned in the Latvian education sector with international recognition, including inclusion in QS and THE university rankings. Their website provides comprehensive information about academic programs, research activities, and student services, targeting prospective and current students, researchers, and business partners. The university also operates several subsidiary domains for specialized services such as lifelong learning, student portals, and library services. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies including Google Tag Manager for analytics and FlexSlider for UI components. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and structured navigation. Cookie consent and privacy policies are implemented in compliance with GDPR, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS with good SSL configuration and includes security headers such as Content-Security-Policy nonces. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not present, representing areas for improvement. Overall, the website demonstrates a strong security posture, good privacy compliance, and professional business credibility. The domain registration details align with the university's identity, supporting high legitimacy. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and adding vulnerability disclosure information to enhance trust and security transparency.

U

Unleashed Technologies

unleashed-technologies.com

67

Unleashed Technologies is a specialized web and software development company focusing on delivering personalized, data-driven web experiences including AI-powered solutions, custom CMS, and eCommerce platforms. Their market position is strengthened by a diverse client base in Life Sciences, Manufacturing, and Associations, supported by multiple industry awards and a culture of continuous learning and certification. Technically, the website is built on Drupal 10 with modern frameworks like Symfony and integrates various marketing and analytics tools, demonstrating a mature digital infrastructure. Security posture is solid with HTTPS and secure form practices, though improvements are needed in cookie consent and explicit security policies. Overall, the website reflects a professional and trustworthy business with room to enhance privacy compliance and security transparency.

N

NAFSA: Association of International Educators

nafsa.org

70

NAFSA: Association of International Educators is a large, well-established nonprofit organization dedicated to advancing international education and exchange. The website reflects a professional and comprehensive digital presence, offering membership services, events, advocacy, training, and resources targeted at international educators and students. The organization holds a strong market position as the largest nonprofit in its sector, with a clear focus on community building and policy influence. Technically, the site is built on Drupal 10 with modern integrations for analytics, marketing, and consent management, demonstrating digital maturity and compliance with privacy regulations. Security posture is solid with HTTPS enforcement and privacy consent mechanisms, though explicit security headers could be verified and enhanced. Overall, the site is trustworthy, well-branded, and user-friendly, supporting the organization's mission effectively.

C

Care Quality Commission

cqc.org.uk

62

The Care Quality Commission (CQC) is the independent regulator of health and social care in England, providing inspection reports, ratings, and guidance to ensure quality and safety in care services. The website serves both the general public and service providers with comprehensive information and tools for feedback, registration, and compliance. Technically, the site is built on Drupal 10, employs modern web technologies including Font Awesome and Google Tag Manager, and demonstrates good performance and accessibility. Security measures such as HTTPS, Content Security Policy with nonce, and cookie consent mechanisms are in place, reflecting a strong security posture. Overall, the site is professional, trustworthy, and compliant with GDPR and other privacy regulations, supporting its role as a government regulator.

AFRY is a well-established European leader in engineering, design, and advisory services with a strong emphasis on sustainability and energy transition. The website reflects a mature enterprise with comprehensive service offerings across multiple sectors including energy, transport, manufacturing, and technology. The digital infrastructure is built on Drupal 10, leveraging modern web technologies and tracking tools such as Google Tag Manager. The site demonstrates good privacy compliance with clear policies and cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Overall, AFRY presents a professional and trustworthy online presence aligned with its business stature.

R

RSM Sverige AB

rsm.se

58

RSM Sverige AB is a prominent member of the global RSM network, specializing in audit, tax, and consulting services tailored for middle-market businesses. The company emphasizes personal relationships and offers a broad portfolio of financial services to support business growth and sound economic decision-making. Their market position is strong, supported by a global footprint and a large workforce. Technically, the website is built on Drupal 10, leveraging modern analytics and consent management tools, ensuring good performance, mobile optimization, and accessibility. Security posture is robust with HTTPS enforcement and comprehensive cookie consent mechanisms, though explicit security headers could be verified further. Overall, the site reflects a professional, trustworthy, and compliant organization with transparent business practices.

Fortra, LLC operates the website teamquest.com, focusing on IT operations management solutions under the Vityl product line. The company provides enterprise-grade software and services that enable organizations to monitor IT infrastructure, optimize capacity, and ensure service availability. Their offerings include performance optimization software and IT service monitoring with business insights, targeting IT and business leaders in medium to large enterprises. The website reflects a mature enterprise with consistent branding and a professional digital presence. Technically, the site is built on Drupal 10 with modern web technologies including jQuery, Bootstrap, and integrates advanced tools like Google Tag Manager and TrustArc for privacy compliance. The site is mobile optimized, accessible, and SEO friendly, though performance is moderate. Security practices include HTTPS enforcement and cookie consent management, but could be improved with additional security headers and public vulnerability disclosure. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is readily available, enhancing trust and business credibility. No WAF or blocking mechanisms were detected, allowing full content access and analysis. Overall, the website demonstrates a strong enterprise presence with good technical and security maturity. Strategic improvements could focus on enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen trust and compliance.

Vetoquinol is a well-established, independent family-owned company specializing in veterinary pharmaceuticals and animal health products. The company has a strong global footprint with subsidiaries and distributors in numerous countries, reflecting a mature and expansive business model. Their website provides comprehensive investor relations, career opportunities, and corporate responsibility information, targeting veterinary professionals, investors, and potential employees. Technically, the site is built on Drupal 10, uses modern analytics tools including privacy-focused Matomo Cloud, and implements cookie consent mechanisms compliant with GDPR. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the website demonstrates high professionalism, good technical implementation, and strong business credibility, making it a trustworthy digital presence for the company.

M

Mäklarsamfundet

maklarsamfundet.se

47

Mäklarsamfundet is a well-established Swedish real estate industry and membership organization serving real estate agents and consumers. The website provides comprehensive services including legal advice, education, industry news, and consumer guidance. It maintains a strong market position as a key industry association in Sweden. Technically, the site is built on Drupal 10 with modern tracking and consent management tools, ensuring GDPR compliance and user privacy. Security posture is robust with HTTPS and cookie consent mechanisms, though some security headers could be explicitly enhanced. Overall, the website is professional, trustworthy, and user-friendly, supporting its business objectives effectively.

A

AREAL

topkapi-scada.com

47

AREAL is a French software publisher specializing in industrial supervision and automation solutions, notably through its Topkapi software platform. The company serves a diverse range of sectors including energy, transport, environment, industry, and smart cities. With over 30 years of experience and certifications such as ISO/IEC 27001:2022 and Qualiopi, AREAL positions itself as a trusted partner for operational efficiency. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to enterprise clients. Technically, the site is built on Drupal 10 with modern libraries and frameworks, incorporating strong privacy and security measures such as cookie consent management and reCAPTCHA protection on forms. Security posture is robust, supported by certifications and best practices, though some security headers could be enhanced. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

S

Salico AB

salico.se

49

Salico AB is a medium-sized Swedish company specializing in the supply of pre-cut salads, fruits, vegetables, and ready meal solutions primarily targeting the Scandinavian market. The company positions itself as one of the largest suppliers in this niche and operates as part of the Greenfood Group, enhancing its market credibility. The website content is professionally presented in Swedish with an English alternative, reflecting a clear business focus and customer orientation. The business model is B2B, serving customers seeking convenient, healthy food options. The website provides clear contact information including phone and physical address, supporting customer engagement.

P

Perrigo Company plc

perrigo.com

62

Perrigo Company plc is a well-established enterprise in the healthcare sector, specializing in manufacturing and distributing trusted consumer self-care products globally. With a history dating back to 1887, Perrigo has positioned itself as a leader in affordable and high-quality self-care solutions, serving markets primarily in North America and Europe. The website reflects a mature business with comprehensive corporate responsibility initiatives and a strong investor relations presence. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries such as Slick Carousel and Google Tag Manager for analytics and user experience enhancements. The site is hosted on Amazon S3 for assets, ensuring reliable content delivery. Mobile optimization and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS, uses Content Security Policy nonces, and integrates OneTrust for cookie consent management, demonstrating good privacy compliance and security hygiene. However, the absence of a dedicated security policy, incident response information, and vulnerability disclosure mechanisms indicates areas for improvement. Overall, Perrigo's website is professional, trustworthy, and compliant with privacy regulations, supporting its business credibility. Strategic enhancements in security transparency and incident response readiness would further strengthen its security posture and stakeholder trust.

I

Infotiv

infotiv.se

44

Infotiv is a well-established Swedish technology consultancy firm with over 25 years of experience, specializing in technical information, system architecture, software development, data-driven solutions, testing, mechanics, and project management. The company targets businesses seeking expert technical consultancy and prides itself on delivering smart, secure, and competitive solutions. Their market position is strong, supported by a consistent brand presence and a comprehensive service portfolio. Technically, the website is built on Drupal 10, leveraging modern tools such as Cookiebot for consent management, Matomo and Hotjar for analytics, and Weglot for multilingual support. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and integrates a robust cookie consent mechanism, ensuring GDPR compliance. However, explicit security headers and incident response policies are absent, representing areas for improvement. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, Infotiv's website reflects a professional and trustworthy business with a solid technical foundation and good privacy practices. Strategic enhancements in security policy transparency and incident response readiness would further strengthen their security posture and user trust.

Ocorian is a globally recognized provider specializing in fund administration, compliance, corporate, capital markets, and private client services. With over 8,000 clients worldwide and a presence in more than 20 countries, the company offers tailored, tech-enabled solutions to asset managers, financial institutions, corporates, and high net-worth individuals. Their market position is strong, supported by decades of experience and a comprehensive service portfolio. Technically, the website is built on Drupal 10 and integrates advanced marketing and analytics tools such as HubSpot, Google Analytics, Hotjar, and Cookiebot, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response details are not publicly available. Overall, the website demonstrates high professionalism, excellent content quality, and good privacy compliance, making it a trustworthy platform for its target audience.

Ocorian is a globally recognized leader in fund administration, compliance, corporate, and fiduciary services, serving over 8,000 clients worldwide with a workforce exceeding 1,800 employees across more than 20 countries. The company offers a broad range of specialized services including fund administration, capital markets support, corporate services, and regulatory compliance solutions, targeting asset managers, financial institutions, corporates, high net-worth individuals, and family offices. Their business model emphasizes trusted partnerships, global scale with local expertise, and technology-enabled service delivery. Technically, the website is built on Drupal 10 and integrates advanced marketing and analytics tools such as HubSpot, Google Analytics, Hotjar, and LinkedIn Insight Tag. The site demonstrates good performance, excellent mobile optimization, and strong SEO and accessibility features. Security-wise, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and uses reputable third-party services, although explicit security headers could be further verified. The security posture is robust with no visible vulnerabilities or exposed sensitive data. The company maintains compliance with privacy regulations, evidenced by comprehensive privacy and cookie policies and active consent management. Overall, the website reflects a mature, professional, and trustworthy digital presence aligned with the company's market position. Strategically, Ocorian should continue to enhance security header implementations, publish explicit security and incident response policies, and maintain vigilance over third-party integrations to sustain its strong security and compliance posture.

T

The London Clinic

thelondonclinic.co.uk

56

The London Clinic is a well-established, large private healthcare provider based in the UK, offering a comprehensive range of specialist medical services including diagnostics, treatments, and private GP access. The website reflects a mature digital presence with a professional design, clear navigation, and extensive content tailored to private patients and international clients. The technical infrastructure is modern, leveraging Drupal 10 CMS, integrated analytics, and consent management tools to ensure compliance and user experience. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be verified for completeness. The business demonstrates legitimacy through consistent WHOIS data, charity registration, and accreditation by the Care Quality Commission (CQC). Overall, the website is trustworthy, user-friendly, and compliant with privacy regulations.

E

EDB

biganimal.com

40

EDB operates a mature and professional website offering the EDB Postgres AI Cloud Service, a high-availability, Oracle-compatible Postgres database platform targeting enterprise customers. The company is well-established with a 23-year domain age and strong domain protection, reflecting a stable market presence. The website is built on a modern Drupal 10 CMS, hosted on Amazon AWS infrastructure with CloudFront CDN, and integrates advanced technologies such as Kubernetes for hybrid cloud management. Security posture is strong with HTTPS enforced, HSTS enabled, and multiple security headers implemented, though some improvements like enabling OCSP stapling and tightening CSP enforcement are recommended. Privacy and compliance are well addressed with clear privacy and cookie policies, GDPR compliance indicators, and consent mechanisms. The site provides comprehensive business information, contact channels, and trust signals including customer success stories and a dedicated Trust Center. Overall, the website demonstrates high professionalism, technical maturity, and business credibility.

G

Gasteiner

infinitymusictour.at

40

The Infinity Music Tour website is a well-structured promotional platform for Gasteiner's music events and product marketing in Austria. It targets music fans and consumers with event information, artist showcases, and an engaging contest offering tickets and prizes. The site leverages modern technologies including Drupal 10 CMS, PHP 8.3, and integrates multimedia content such as Spotify playlists and Lottie animations to enhance user experience. The technical infrastructure is robust, hosted on a reputable provider with secure HTTPS and appropriate security headers, although improvements like HSTS and OCSP stapling could enhance security further. Privacy compliance is strong with clear cookie and privacy policies aligned with GDPR requirements. However, the site lacks explicit terms of service, security policies, and incident response contacts, which are recommended for comprehensive compliance and trust. Overall, the website presents a professional and trustworthy digital presence with moderate risk and room for security and compliance enhancements.

I

ITRS Group

itrsgroup.com

40

ITRS Group is a leading provider of AI-powered real-time monitoring and observability solutions tailored for demanding and regulated industries such as finance and investment banking. The company is recognized as a visionary in the digital experience monitoring space, serving top-tier investment banks and thousands of customers worldwide. Their platform focuses on preventing system outages, enhancing performance, and enabling continuous innovation through intelligent observability and digital experience monitoring. Technically, the website is built on Drupal 10 and leverages a modern technology stack including Google Tag Manager, Zendesk, Uptrends, and Cloudflare, hosted on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance metrics indicate moderate speed. Security headers are well implemented, but the SSL configuration is currently invalid, lacking proper TLS protocol support and OCSP stapling, which poses a significant security risk. From a security perspective, while the site employs several best practices such as Content Security Policy and X-Frame-Options, the absence of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No critical vulnerabilities like exposed credentials or malware were detected, but improvements in SSL configuration and session management are recommended. Overall, the website presents a professional and trustworthy image with comprehensive privacy and cookie policies, clear contact information, and strong business credibility. The domain registration details align with the company's UK-based operations, supporting its legitimacy. Strategic recommendations include immediate SSL renewal and configuration, enhanced security monitoring, and continued compliance with privacy regulations.

T

The AES Corporation

lightingsimplified.com

40

Miami Valley Lighting, a division of The AES Corporation, specializes in providing comprehensive outdoor lighting solutions including street lighting, parking lot and security lighting, decorative lighting, and customized solutions primarily serving West Central Ohio. The company positions itself as a regional leader with a focus on safety, security, energy savings, and responsive maintenance services. The website is built on Drupal 10 with modern front-end technologies and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security vulnerabilities that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are published. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

A

AES Hawai‘i

aes-hawaii.com

65

AES Hawai‘i is a regional branch of the global AES Corporation, focused on accelerating the transition to renewable and clean energy solutions in Hawai‘i. The company operates multiple renewable energy projects and emphasizes sustainability, community partnerships, and innovation. The website is professionally designed using Drupal 10 and modern web technologies, providing a rich user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS, security headers, and a content security policy, though improvements such as enabling full HSTS and OCSP stapling are recommended. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site reflects a mature digital presence aligned with the company's business goals and market position.

T

The AES Corporation

aes-vietnam.com

71

AES Vietnam operates as a regional branch of The AES Corporation, a global energy company focused on delivering sustainable and clean energy solutions. The website reflects a mature digital presence with comprehensive content in Vietnamese, targeting energy sector stakeholders and community partners. The company emphasizes sustainability, innovation, and community development as core pillars of its business model. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is solid with HTTPS and multiple security headers, though TLS protocols are not enabled, which is a notable gap. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration details align well with the corporate identity, supporting legitimacy. Overall, the site presents a professional, trustworthy, and well-maintained digital asset for AES Vietnam.

T

The AES Corporation

aespuertorico.com

69

AES Puerto Rico operates as a regional subsidiary of The AES Corporation, focusing on accelerating the future of energy through sustainable and smart energy solutions. The website demonstrates a strong market position in the energy sector with a clear emphasis on clean energy, community partnerships, and innovation. The company targets energy consumers, businesses, and community stakeholders in Puerto Rico and related AES markets. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no detected vulnerabilities, although some improvements in SSL configuration and security policy transparency are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the business's global and local energy initiatives.

T

The AES Corporation

aespanama.com

40

AES Panama is a regional branch of The AES Corporation, a large multinational energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website targets energy consumers, business clients, investors, and community partners primarily in Panama and other global markets. The company emphasizes community investment, sustainability, and advanced energy technologies. Technically, the website is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support despite security headers and policies being in place. Privacy and cookie policies are present and indicate some GDPR compliance, but no explicit incident response or security policy pages were found. The domain registration data is consistent and trustworthy, with no signs of suspicious activity. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

T

The AES Corporation

aes-ohio.com

40

AES Ohio operates as a regional energy utility under The AES Corporation, providing electricity services and customer support to residential and commercial customers in Ohio. The website offers comprehensive information on energy supply options, billing, outages, safety, and sustainability initiatives. It leverages modern web technologies including Drupal 10 CMS and integrates multiple third-party analytics and marketing tools to enhance user engagement and service delivery. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture, exposing users to potential risks. Privacy and cookie policies are well-established, indicating a commitment to compliance and user data protection. Overall, the site presents a professional and content-rich experience but requires urgent security improvements to align with best practices.

T

The AES Corporation

aesindiana.com

40

AES Indiana is a large regional energy provider operating under The AES Corporation, focused on delivering electric utility services to residential and business customers in Indiana. The website offers comprehensive information on billing, outages, energy saving, and company initiatives, reflecting a mature business model with significant investments in infrastructure and digital transformation. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks. While security headers and content security policies are implemented, critical gaps remain in SSL configuration and incident response transparency. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance compliance.

A

AES El Salvador

aes-elsalvador.com

40

AES El Salvador operates as a major energy provider in El Salvador, offering electricity distribution, generation, and energy solutions. The website reflects a well-established corporate entity with a broad service portfolio and strong community engagement. The technical infrastructure is modern, leveraging Drupal 10 CMS and multiple JavaScript libraries for enhanced user experience and analytics. However, the absence of a valid SSL certificate is a critical security gap, undermining the site's HTTPS security and potentially affecting user trust. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

T

The AES Corporation

aesdominicana.com

40

AES Dominicana is a regional subsidiary of The AES Corporation, focused on accelerating the future of energy through sustainable and innovative solutions in the Dominican Republic. The website presents a professional corporate image with comprehensive content about their products, sustainability initiatives, community partnerships, and investor relations. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which severely impacts the security posture. The site implements strong security headers and content security policies but lacks advanced SSL/TLS configurations and DNS security features. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is credible and professionally maintained but requires urgent security improvements to protect user data and trust.

A

AES Chile

aeschile.com

40

AES Chile operates as a major energy company focused on accelerating the future of energy through sustainable and innovative solutions. The company emphasizes renewable energy, advanced energy networks, energy storage, and community partnerships. The website reflects a strong corporate presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site presents a professional and trustworthy image but requires urgent security improvements to protect users and data.

T

The AES Corporation

aesbulgaria.com

40

AES Bulgaria operates as a regional branch of The AES Corporation, a global energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website presents a professional corporate image emphasizing clean energy, sustainability, community partnerships, and employee engagement. The technical infrastructure is based on Drupal 10 CMS with modern frontend libraries and integrations with multiple analytics and marketing tools, indicating a mature digital presence. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. The site implements strong security headers and content security policies but lacks visible incident response or vulnerability disclosure information. Overall, the domain registration data aligns well with the corporate identity, supporting legitimacy. Strategic improvements in SSL deployment and security practices are recommended to enhance trust and compliance.

Ö

Österreichische Computer Gesellschaft (OCG)

ocg.at

53

The Österreichische Computer Gesellschaft (OCG) is a well-established Austrian non-profit organization focused on promoting IT competencies and certifications. With a history dating back to 1975, the OCG serves as a bridge between science, industry, and the workforce by offering interdisciplinary forums, networking opportunities, and high-quality IT education and certification services. The website reflects a professional and comprehensive digital presence, targeting IT professionals, educators, and industry stakeholders within Austria. The organization maintains a strong market position as a trusted IT society with recognized certifications such as ISO/IEC 27001. Technically, the website is built on Drupal 10, leveraging modern frameworks like Bootstrap and privacy-focused tools such as Cookiebot for consent management and Plausible Analytics for minimal user tracking. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security practices include HTTPS enforcement and cookie consent, though additional security headers and a formal security policy could enhance the posture further. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and GDPR adherence. Contact information is transparent, and social media channels are actively linked, enhancing trustworthiness. The domain WHOIS data aligns with the organization's claims, reinforcing legitimacy. Strategic recommendations include implementing additional security headers, publishing a security policy, and adding a security.txt file to support vulnerability disclosure.

V

Vandemoortele

vandemoortele.com

60

Vandemoortele is a well-established Belgian family-owned manufacturer specializing in bakery and plant-based food products, with a history dating back to 1899. The company positions itself as a leader in quality food production with a strong commitment to sustainability, innovation, and customer partnership. Their website reflects a mature digital presence with multilingual support and comprehensive product and corporate information. Technically, the site is built on Drupal 10, integrates modern marketing and analytics tools such as HubSpot and Google Tag Manager, and employs a robust cookie consent mechanism via OneTrust. Security posture is strong with HTTPS enforced and content security policies in place, although explicit security policies and incident response details are not publicly disclosed. Overall, Vandemoortele demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations, making it a credible and reliable business entity online.

The AES Corporation is a global energy company focused on delivering clean, renewable, and innovative energy solutions worldwide. The company positions itself as a Fortune 500 leader with a strong commitment to sustainability, serving diverse audiences including businesses, investors, and career seekers. Their business model emphasizes greener capacity, smart grids, carbon-free electricity, and digital solutions, supported by a broad network of regional subsidiaries. Technically, the website is built on Drupal 10 with modern frontend technologies and demonstrates good mobile optimization and accessibility. However, critical security issues exist, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture. Privacy and cookie policies are present with consent mechanisms, and the site employs extensive analytics and marketing tools. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

Veolia Australia and New Zealand operates as a leading provider of sustainable environmental solutions focusing on water, energy, and waste management. The company leverages global expertise and innovative technologies to support ecological transformation and sustainability goals for businesses and communities in the region. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with a large enterprise. Technically, the site is built on Drupal 10 and uses modern web technologies and Cloudflare CDN for delivery. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture. Privacy compliance is well addressed with accessible privacy and cookie policies and consent mechanisms. Contact is primarily facilitated through webforms and social media channels, with no explicit company emails or phone numbers publicly listed. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site is professional and content-rich but requires urgent security improvements to meet best practices.

KAICIID is an intergovernmental organization dedicated to promoting intercultural and interreligious dialogue to foster peace globally. The website reflects a mature organization with a clear mission, targeting religious leaders, educators, and policymakers. It offers capacity building, dialogue platforms, and regional initiatives. Technically, the site is built on Drupal 10 with modern frontend libraries and hosted on Pantheon, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is basic, with no cookie consent mechanisms despite tracking scripts. Contact information and social media presence are well established, supporting business credibility. Overall, the site is professional and content-rich but requires urgent security improvements.

C

Calderys

calderys.com

40

Calderys is a globally recognized enterprise specializing in refractory products and thermal protection solutions for industries operating under high temperature conditions, primarily serving the energy and manufacturing sectors. The company offers a comprehensive range of products and services including steel casting enhancement, metallurgical fluxes, and refractory services, supported by a broad international network of offices and experts. The website reflects a mature business with a strong market position and a recent strategic alliance with HarbisonWalker International, enhancing its footprint in the refractory industry. Technically, the website is built on Drupal 10 and incorporates modern front-end libraries and tools such as Google Tag Manager and Slick Carousel. While the site is mobile-optimized and SEO-friendly with good content quality and navigation, performance metrics indicate slow loading times. Accessibility is basic but present. The hosting is provided by Vox Teneo Web Engine. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability exposing users to risks and undermining trust. Although some security headers like Content Security Policy and X-Frame-Options are implemented, the absence of HTTPS and HSTS significantly lowers the security posture. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and clear privacy policies. Business credibility is high with detailed contact information, social media presence, and consistent branding. Overall, the website is professionally designed and content-rich but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security protocols, and enhancing security headers and incident response capabilities.

K

Kulturformat

kulturformat.at

39

Kulturformat is a medium-sized Austrian media company specializing in cultural advertising formats such as City Lights, Telelights, and various poster and column advertising solutions. The website is built on Drupal 10 and hosted via Amazon CloudFront CDN, indicating a modern infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, reflecting good privacy awareness. The site offers clear navigation and professional design, targeting businesses and organizations interested in cultural advertising in Austria. Social media presence is limited to LinkedIn, and contact is primarily through web forms. Overall, the site is functional and professional but requires urgent security improvements.

New City Press Bookstore, operated under Focolare Media, is an online platform specializing in academic and spiritual books aimed at promoting unity and spirituality. The website offers a range of products including books, magazines, podcasts, and other resources, targeting readers interested in Christian living and spirituality. The business model is primarily e-commerce with additional subscription and donation services, positioning itself as a niche media and publishing entity within the non-profit sector. Technically, the website is built on Drupal 10 and hosted on Pantheon, leveraging modern web technologies and caching mechanisms. While the site demonstrates good mobile optimization, accessibility, and SEO practices, its performance is currently slow, and it lacks a valid SSL certificate, which critically impacts security and user trust. From a security perspective, the site has implemented some security headers but fails to provide HTTPS, lacks modern TLS protocols, and does not have a cookie consent mechanism despite using tracking tools like Google Tag Manager. These gaps expose the site to potential risks and reduce its compliance with privacy regulations such as GDPR. Overall, the website is functional and professionally presented but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security posture and user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and enhancing security headers and incident response capabilities.

M

MEGA International

mega.com

40

MEGA International is an established enterprise SaaS solutions provider specializing in enterprise architecture, business process management, governance, risk and compliance, and data governance. The company holds a strong market position as a leader in enterprise architecture tools, recognized by Gartner for 16 consecutive years. Their HOPEX platform offers collaborative, AI-driven capabilities to accelerate digital transformation for large enterprises. Technically, the website is built on Drupal 10 with modern front-end frameworks and integrates multiple marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate, undermining HTTPS security. While security headers are well configured, the lack of TLS support poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

U

USU GmbH

usu.de

40

USU GmbH is a well-established enterprise technology company headquartered in Germany, specializing in IT service management, software asset management, knowledge management, cloud management, and digital consulting solutions. The company targets large enterprises and organizations seeking to optimize their IT landscapes and customer service experiences through AI-powered tools and services. USU maintains a strong market position supported by a comprehensive product portfolio, global customer base, and industry recognitions. Technically, the website is built on Drupal 10 with a modern tech stack including jQuery and various marketing and analytics integrations. The site is well-optimized for mobile and SEO, providing excellent user experience and navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of TLS support, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting the company's commitment to data protection. Overall, USU demonstrates high business credibility and professionalism but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

S

Sport England

sportengland.org

37

Sport England is a UK government-related non-profit organization dedicated to promoting sport and physical activity across England. The website serves as a comprehensive resource hub offering funding opportunities, research data, guidance, and campaigns to support various stakeholders including volunteers, grassroots organizers, schools, and national governing bodies. The organization is primarily funded by the National Lottery, which is prominently acknowledged on the site. The website is professionally designed with clear navigation and strong branding consistency, targeting a broad audience involved in sport and physical activity.

K

KaVo Dental

kavo.com

40

KaVo Dental is a well-established manufacturer of dental devices and instruments with over 110 years of history, serving dentists and dental technicians worldwide. The company offers a broad portfolio including treatment units, handpieces, and laboratory equipment, positioning itself as a pioneer and innovator in the dental healthcare sector. The website reflects a professional and comprehensive digital presence with multiple language support and rich content tailored to dental professionals. Technically, the site is built on Drupal 10 with modern web technologies, providing good user experience and SEO optimization. However, the security posture is weakened by the absence of a valid SSL certificate and proper HTTPS configuration, which is a critical issue that must be addressed to protect user data and maintain trust. Privacy and cookie policies are present and appear compliant with GDPR standards. Overall, the site demonstrates strong business credibility and professionalism but requires urgent security improvements.

L

Legrand

legrand.com

40

Legrand is a global specialist in electrical and digital building infrastructures, offering a wide range of products and solutions tailored for various countries and global markets. The company positions itself as a leader in its industry, targeting both B2B and B2C customers seeking advanced electrical infrastructure solutions. The website reflects a professional and consistent brand image with good content quality and clear navigation, although some key contact information is not directly visible on the landing page. Technically, the website is built on Drupal 10 and leverages modern technologies such as Google Tag Manager and tarteaucitron.js for cookie consent management, hosted via Amazon CloudFront CDN. While the site shows basic mobile optimization and accessibility features, performance data is unavailable. SEO optimization is basic but present through meta tags and Open Graph data. From a security perspective, the site implements several important HTTP security headers and a content security policy. However, the lack of a valid SSL certificate and absence of TLS protocols severely undermine the security posture, exposing users to risks and reducing trust. No vulnerabilities like Heartbleed or POODLE were detected, but the SSL misconfiguration is a critical issue. Overall, the website demonstrates moderate digital maturity and business credibility but requires urgent remediation of SSL issues to improve security and user trust. Privacy compliance is good with clear cookie consent mechanisms and GDPR-aligned policies. Strategic improvements in security infrastructure and enhanced contact transparency would strengthen the company's online presence and risk posture.

F

Flowserve Corporation

flowserve.com

40

Flowserve Corporation is a global enterprise specializing in manufacturing and servicing industrial flow control products such as pumps, valves, seals, and actuators. The company serves critical industries including energy, chemicals, water management, and oil & gas, positioning itself as a market leader with a comprehensive product portfolio and strong brand presence. The website reflects a mature digital infrastructure built on Drupal 10, with modern front-end technologies and multi-language support, indicating a high level of digital maturity and user experience focus. Security posture is mixed; while security headers and policies are well implemented, the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, which poses a significant risk to secure communications. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to improve security and user trust.

G

GS1 Austria

gs1.at

40

GS1 Austria is a well-established non-profit organization serving as the official barcode and GTIN issuing authority in Austria. It provides a comprehensive suite of GS1 standards and services to businesses across multiple sectors including retail, manufacturing, transportation, and government. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding supported by major corporate clients. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates Google analytics and marketing tools, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via contact forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

D

DORDA Rechtsanwälte GmbH

dbj.at

40

DORDA Rechtsanwälte GmbH is a leading Austrian law firm specializing in business and economic law, offering a broad range of legal services including transactions, restructurings, and digital transformation advisory. The website reflects a professional and comprehensive digital presence with excellent content quality and user experience, targeting business clients nationally and internationally. Technically, the site is built on Drupal 10 with modern features such as video backgrounds and Matomo analytics, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of HTTPS and security headers significantly lowers the security posture. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

I

Innconcepts IT GmbH

innconcepts.at

40

Innconcepts IT GmbH is a specialized Oracle Partner providing innovative hospitality software solutions tailored for hotels, gastronomy, and wellness sectors. Their offerings include cloud-based hotel and restaurant management software, wellness and leisure software, and comprehensive hospitality IT services. The company positions itself as a customer-centric and authentic partner, emphasizing personalized service and modern technology adoption. The website reflects a professional and consistent brand image with excellent content quality and clear messaging targeting hospitality industry professionals. Technically, the website is built on Drupal 10 CMS, hosted on Apache servers with modern JavaScript libraries such as Alpine.js and AOS for animations. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside a compliant cookie consent mechanism. Performance is fast, mobile optimization is excellent, and SEO practices are good. Security headers are present, and the SSL certificate is valid, although HSTS is not enabled, which is a recommended improvement. From a security perspective, the site demonstrates good baseline security practices with no detected vulnerabilities or exposed sensitive data. However, the absence of a dedicated security policy or incident response contact and lack of security.txt file indicates room for maturity improvement. Privacy compliance is well addressed with cookie consent and a privacy policy, but terms of service and data protection officer contact details are missing. Overall, the website and business present a trustworthy and professional front with moderate to high security posture and good privacy compliance. Strategic recommendations include enabling HSTS, publishing a security policy and vulnerability disclosure mechanism, and enhancing transparency around incident response to further strengthen trust and security culture.

K

Kontron Technologies GmbH

secureguard.eu

23

Kontron Technologies GmbH is a medium-sized Austrian technology company specializing in Industrial IoT, digitalization, and smart energy solutions. With over 20 years of experience, they provide tailored software development, workforce management, and expert services to optimize business processes. The website is professionally designed, content-rich, and targets B2B clients seeking innovative technology solutions. Technically, the site runs on Drupal 10 with Apache but lacks a valid SSL certificate, exposing it to security risks. Cookie consent and privacy policies are well implemented, ensuring GDPR compliance. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in SSL deployment and security headers are recommended to enhance trust and protect user data.