Security Directory

N

Novotech

novotech-cro.com

40

Novotech is a globally recognized full-service clinical research organization (CRO) specializing in supporting biotech and small to mid-sized pharmaceutical companies with clinical trial services and scientific advisory. The company has a strong market position in the Asia-Pacific region and globally, supported by multiple industry awards and a comprehensive portfolio of services including medical consulting, patient recruitment, clinical operations, biometrics, virtual trials, and laboratory services. The website reflects a mature digital presence with multilingual support, professional design, and clear navigation tailored to its target audience of biopharmaceutical sponsors. Technically, the website is built on Drupal 10 and hosted on Pantheon, utilizing modern web technologies and third-party integrations such as OneTrust for cookie consent and Google Tag Manager for analytics. The site is mobile-optimized and accessible, with good SEO practices and structured data for enhanced search visibility. From a security perspective, while the site implements several important HTTP security headers and content security policies, it critically lacks a valid SSL certificate and does not support any TLS protocols, severely impacting the security posture and user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Business credibility is high, supported by consistent branding, professional content, and trust indicators. Overall, the site presents a professional and trustworthy front for Novotech but urgently requires remediation of its SSL/TLS configuration to ensure secure communications and compliance with modern security standards.

T

TTTech Auto

tttech-auto.com

40

TTTech Auto is a leading Austrian technology company specializing in system solutions and network hardware for software-defined vehicles, focusing on safety-critical automotive applications. The company holds a strong market position as a platform product and service provider with a comprehensive portfolio including software products, hardware products, and consulting services. Their target audience primarily includes automotive manufacturers and developers seeking advanced safety and security solutions for next-generation vehicles. Technically, the website is built on Drupal 10 and protected by Sucuri Cloudproxy, with modern web design and good SEO and accessibility features. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken the security posture, exposing the site to risks and reducing trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent branding, structured data, and transparent contact information.

A

Ashoka

ashoka.org

40

Ashoka is a globally recognized non-profit organization dedicated to supporting social entrepreneurs and changemakers. The website reflects a mature digital presence with comprehensive content, clear calls to action, and a strong community focus. The technical infrastructure leverages Drupal 10 CMS and Cloudflare for hosting and delivery, ensuring good performance and accessibility. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to meet modern standards.

M

Muséum national d'Histoire naturelle

mnhn.fr

40

The Muséum national d'Histoire naturelle is a prominent French national institution dedicated to natural history research, education, and public exhibitions. It operates multiple sites across Paris and regions, serving a broad audience including families, scientists, educators, and professionals. The website reflects a well-structured, content-rich platform with excellent design and navigation, supporting its mission to disseminate knowledge and engage the public. Technically, the site is built on Drupal 10 with modern web technologies and uses caching and analytics tools such as Varnish, Matomo, and ContentSquare. Mobile optimization and SEO are well addressed, though performance is moderate. However, the critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and user trust. Security headers and policies are implemented, but the lack of HTTPS and modern TLS support is a major vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact and legal information. Social media presence is official and consistent, enhancing credibility. Overall, the site is professionally managed with strong business credibility but requires urgent remediation of SSL/TLS issues to improve security posture and user trust. Strategic recommendations include installing valid certificates, enabling modern TLS, and enhancing security policies.

K

Kontron AG

escat.at

37

ESCAT, now part of Kontron AG, provides advanced document management, digitalization, and managed print services primarily targeting Austrian businesses. The website presents a professional and well-structured digital presence built on Drupal 10, with clear navigation and relevant content tailored to its B2B audience. However, the absence of a valid SSL/TLS certificate critically undermines the security posture, exposing users to risks associated with unencrypted communications. While cookie consent and privacy policies are implemented, the site lacks explicit security and incident response disclosures. The technical infrastructure is modern but requires urgent security upgrades to meet industry standards.

ChargePoint, Inc. operates the be.ENERGISED platform, a modular SaaS solution designed to support businesses in building and expanding electric vehicle (EV) charging services. The website targets enterprises, fleet operators, partners, and EV drivers primarily in Germany and Europe, offering comprehensive services including charge point operation, software integration, billing, roaming, and white-label solutions. The company holds a strong market position with significant penetration among Fortune 50 companies and a large active charging network. Technically, the site is built on Drupal 10 and hosted on Pantheon, with integrations such as Google Tag Manager and Google Maps API enhancing functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and GDPR-compliant privacy and cookie policies. Overall, the site demonstrates high content quality and business credibility but requires urgent improvements in security infrastructure to protect user data and maintain trust.

x-tention is a medium-sized Austrian IT company specializing in comprehensive IT solutions for the healthcare and social sectors. Founded in 2001 and part of the xt Unternehmensgruppe, it offers consulting, software development, data science, managed services, and cybersecurity. The company targets healthcare providers and social organizations, emphasizing innovative and secure digital health solutions. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing clear contact and support channels. Technically, the site uses Drupal 10 and modern web technologies, but suffers from critical security issues due to the absence of a valid SSL certificate and HTTPS support, severely impacting its security posture. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, but urgent improvements in SSL/TLS implementation are needed to secure user data and trust.

D

dwarfs and Giants eG

dwarfsandgiants.org

40

dwarfs and Giants eG is a small Austrian cooperative consultancy specializing in organizational development and new work methodologies. Their website, built on Drupal 10, offers comprehensive content including workshops, client stories, and toolboxes aimed at helping organizations improve work culture and self-organization. The site is well-designed, mobile-optimized, and provides clear navigation and professional content. However, the technical infrastructure lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening the security posture. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the business presents itself as credible and trustworthy, but the lack of HTTPS is a critical security gap that must be addressed.

BOA Technology is a mature and established company specializing in innovative fit system solutions for performance and sports industries. Their website presents a professional image with comprehensive product information, brand partnerships, and customer support resources. The company targets consumers and businesses in sectors such as cycling, workwear, and outdoor activities, positioning itself as a leader in fit system technology. Technically, the website is built on Drupal 10 and leverages modern web technologies and Cloudflare for hosting and security. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture. While privacy and cookie policies are well implemented, the lack of explicit security policies and incident response information indicates room for improvement in transparency and compliance. Overall, the site is professional and trustworthy but requires urgent security enhancements to protect user data and improve trust.

S

Suntory Global Spirits

beamsuntory.com

40

Suntory Global Spirits is a leading global manufacturer and marketer of premium spirits, including whiskey, tequila, vodka, and gin. The company emphasizes quality craftsmanship, sustainability, and cultural heritage, targeting a global audience of premium spirit consumers and industry professionals. The website is professionally designed, content-rich, and consistent with the brand's market position and values. Technically, the site uses Drupal 10 CMS with modern JavaScript libraries and Google Tag Manager for analytics and marketing. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy compliance. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

Mindbreeze GmbH is a medium-sized technology company specializing in AI-based enterprise search and knowledge management solutions. Their flagship product, Mindbreeze InSpire, empowers organizations to transform data into actionable insights for critical business decisions. The company is recognized as a leader in the IDC MarketScape and serves a global clientele including major enterprises such as Lufthansa and Daimler AG. The website is professionally designed, mobile-optimized, and rich in relevant content targeting enterprise customers seeking AI-driven knowledge management solutions. Technically, the site runs on Drupal 10 with a modern tech stack but lacks a valid SSL certificate, which critically impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms and business email validation on forms. Social media presence is strong across major platforms. Overall, the domain registration and website content are consistent and trustworthy, though the absence of HTTPS is a significant security concern.

P

Phoron Group GmbH

phoron.com

27

Phoron Group GmbH is an established international SAP consulting firm founded in 2004, specializing in SAP Cloud ERP, technology consulting, and sustainability solutions. The company targets medium and large enterprises, offering a comprehensive portfolio of SAP-related services. The website is professionally designed, content-rich, and consistent with the company's business model and market positioning. Technically, the site runs on Drupal 10 with Apache server and integrates Google Tag Manager and Sendinblue for marketing and analytics. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Business credibility is supported by trust indicators such as certifications and social media presence, though direct contact emails and phone numbers are not publicly visible. Overall, the site demonstrates strong business and content quality but requires urgent security improvements.

K

Keller Limited

keller-uk.com

40

Keller Limited is a leading UK-based geotechnical specialist contractor providing expert services in piling, ground improvement, grouting, earth retention, and monitoring. The company holds a strong market position as a leader in the construction and infrastructure sectors, supported by multiple industry certifications and a clear parent company relationship with Keller Group. The website is professionally designed using Drupal 10, with good SEO, accessibility, and mobile optimization. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy and cookie policies. Contact information is clearly presented, including phone numbers and physical addresses, alongside active social media channels.

Bio-Techne is a global enterprise specializing in the development, manufacturing, and supply of high-quality scientific reagents, analytical instruments, and precision diagnostics. The company serves researchers, scientists, and clinicians worldwide through a portfolio of well-known brands including R&D Systems, Novus Biologicals, and ProteinSimple. The website reflects a mature B2B business model with comprehensive product offerings and strong market positioning in the healthcare sector. Digital maturity is evidenced by the use of Drupal 10 CMS, multiple marketing and analytics tools, and a well-structured, content-rich website. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, which undermines user trust and data security. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires urgent security improvements to protect visitors and maintain credibility.

B

Blühendes Österreich – BILLA gemeinnützige Privatstiftung

bluehendesoesterreich.at

40

Blühendes Österreich is a well-established non-profit foundation founded in 2015 by BILLA AG and BirdLife Österreich, dedicated to promoting biodiversity and protecting endangered habitats in Austria. The website serves as a comprehensive platform for nature experiences, educational content, and community engagement, targeting Austrian municipalities, nature enthusiasts, and farmers. Technically, the site is built on Drupal 10, uses modern analytics and messaging tools, and is protected by Sucuri Cloudproxy WAF. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to insecure connections. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by strong partnerships and trust indicators. Strategic improvements in SSL deployment and security hardening are recommended to enhance user trust and security posture.

DiaSorin S.p.A. operates a comprehensive corporate website focused on molecular diagnostics, immunodiagnostics, and licensed technology platforms. The company positions itself as a global leader in laboratory diagnostics, targeting healthcare providers, laboratories, and scientific communities. The website provides extensive product information, corporate governance details, investor relations, and career opportunities, reflecting a mature and professional business presence. Technically, the site is built on Drupal 10 with modern front-end technologies and integrates marketing and analytics tools such as Google Tag Manager and Cookiebot for privacy compliance. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. Security headers are partially implemented, but the lack of HTTPS significantly lowers the security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

J

Jarltech Europe GmbH

jarltech.com

40

Jarltech Europe GmbH is a well-established specialist distributor in the technology sector, focusing on point-of-sale and automatic identification equipment across Europe. With a mature domain and a broad manufacturer partnership network, it serves a large customer base with premium distribution services. The website is professionally designed, content-rich, and provides comprehensive legal and privacy information, reflecting a strong commitment to GDPR compliance and user privacy. Technically, the site uses Drupal 10 with modern web technologies and integrates reputable analytics and marketing tools, although performance is moderate. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical risk that should be addressed promptly. Overall, the business demonstrates high credibility and transparency, but the security configuration requires urgent improvement to protect user data and maintain trust.

G

Gesundheit Österreich GmbH

goeg.at

39

Gesundheit Österreich GmbH (GÖG) is a national Austrian government-owned research and planning institute specializing in healthcare and health promotion. The website serves as an authoritative platform providing health data, policy advice, publications, and event information targeted at healthcare professionals, policymakers, and the public. The organization holds a strong market position as a key player in Austria's healthcare sector. Technically, the website is built on Drupal 10 with modern frontend technologies and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no proper HTTPS support, which significantly impacts the security posture. Other security headers are partially implemented, but improvements are needed to meet best practices. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism is present despite analytics usage. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

W

WOLFGANG DENZEL AUTO AG

denzel.at

39

Wolfgang Denzel Auto AG operates a comprehensive automotive retail website offering new and used vehicles, financing, insurance, and service packages primarily targeting car buyers in Austria. The company maintains a strong market position with multiple automotive brands and electric mobility solutions. Technically, the website is built on Drupal 10, leveraging modern web technologies and third-party marketing and analytics tools, but lacks a valid SSL certificate, which significantly impacts security posture. Security headers are well configured, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain credibility.

H

HAUSER GmbH

hauser.com

28

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

The Australian Government Department of Foreign Affairs and Trade (DFAT) operates as the primary government agency responsible for managing Australia's international relations, trade, and diplomatic efforts. The website serves as an authoritative source of information for Australian citizens, international partners, businesses, and travelers, providing comprehensive content on foreign affairs, trade agreements, development programs, consular services, and travel advice. The site is well-branded, professionally designed, and consistent with government standards, reflecting its enterprise-level stature within the government sector. Technically, the website is built on Drupal 10 and hosted on GovCMS, a platform tailored for Australian government entities. It integrates modern tools such as Google Tag Manager and ReadSpeaker for analytics and accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt is evident in the lack of a valid SSL certificate and disabled TLS protocols, which critically impact security posture. From a security perspective, the absence of a valid SSL certificate and TLS support is a significant vulnerability, exposing users to potential data interception and undermining trust. While security headers like X-Content-Type-Options and X-Frame-Options are correctly implemented, the lack of HTTPS and session security mechanisms lowers the overall security score. Privacy compliance is partial, with a comprehensive privacy policy present but no cookie consent mechanism despite the use of tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the website is a high-quality government portal with excellent content and user experience but suffers from critical security shortcomings that must be addressed urgently to protect users and maintain trust. Strategic improvements in SSL/TLS deployment, privacy compliance, and security best practices are recommended to elevate the site's security posture and compliance standards.

M

Mersen

mersen.com

40

Mersen is a global industrial company specializing in electrical power and advanced materials, serving high-tech industries with customized solutions and key products. The company operates worldwide with over 50 industrial sites and 21 R&D centers across 33 countries, positioning itself as a leader in its sector. The website reflects a mature digital presence with comprehensive content, multi-language support, and active social media engagement. Technically, the site is built on Drupal 10 and leverages modern CDN and observability tools, but lacks a valid SSL certificate and modern TLS support, which is a critical security gap. Privacy and cookie policies are well implemented and GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect users and maintain credibility.

GE Vernova is a leading global energy technology company focused on accelerating the transition to reliable, affordable, and sustainable energy. The company offers a broad portfolio of energy generation and electrification technologies including gas, hydro, nuclear, steam power, wind power, and advanced electrification software and services. Their market position is strong, supported by a large global workforce and extensive technology base that contributes significantly to global electricity generation. The website reflects a professional and comprehensive digital presence with detailed business, investor, and sustainability information targeted at industry stakeholders, investors, partners, and potential employees. Technically, the site is built on Drupal 10, uses Cloudflare CDN, and integrates modern analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present and appear compliant with GDPR standards. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

S

Syensqo

cytec.com

40

Syensqo is a global science company focused on developing advanced, forward-looking solutions that enhance various sectors including energy, transportation, and manufacturing. The company positions itself as a market leader with a strong emphasis on innovation, sustainability, and investor transparency. Their website reflects a mature digital presence with comprehensive content targeting industrial clients, investors, and potential employees. Technically, the site is built on Drupal 10 with modern web technologies and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue for trust and data protection. Despite strong security headers and privacy policies, the missing SSL significantly impacts the overall security score. The domain registration details are consistent with the business claims, indicating legitimacy. Strategic recommendations include immediate SSL implementation and enhancement of security configurations to align with best practices.

C

Comprehensive Nuclear-Test-Ban Treaty Organization

ctbto.org

40

The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) operates as an international governmental entity dedicated to monitoring and enforcing the ban on nuclear tests globally. The organization provides key services including verification regimes, international monitoring systems, data analysis, and on-site inspections, targeting member states, researchers, civil society, and media. The website reflects a professional and authoritative presence consistent with its mission and audience. Technically, the site is built on Drupal 10 with modern frameworks and is hosted behind Cloudflare, leveraging Google Analytics and other monitoring tools. The site is mobile-optimized and well-structured, though performance metrics are unavailable. Security headers are implemented, but a critical issue is the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, while the organization employs good header policies and content security policies, the lack of HTTPS and proper TLS support is a major vulnerability. No incident response or security policy pages were found, and cookie consent mechanisms are missing despite tracking usage. DNS records show malformed CAA entries and no DNSSEC, which could be improved. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues and enhancement of privacy compliance mechanisms to improve security and user trust.

G

GE Capital

gecapital.com

36

GE Capital operates as the financial services arm aligned with General Electric's industrial businesses, providing leasing, lending, retail credit, real estate financing, and mortgage services globally. The website reflects a professional and consistent brand presence with clear business descriptions and multiple regional contact points, targeting industrial customers seeking financial solutions. Technically, the site is built on Drupal 10 with Bootstrap and hosted behind Cloudflare, indicating a modern infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses that undermine secure communications. Privacy and cookie policies are well linked to official GE domains, showing good compliance posture, but no explicit security or incident response policies are found. Overall, the site is professional and credible but requires urgent security improvements to meet enterprise standards.

A

AVL List GmbH

avl.com

40

AVL List GmbH is a globally recognized leader in mobility technology, specializing in development, simulation, and testing solutions primarily for the automotive industry. The company offers a broad portfolio of engineering, simulation, and testing services, with a strong emphasis on sustainable and innovative mobility solutions such as hydrogen engines, hybrid powertrains, and fuel cells. Their market position is that of a mature, enterprise-level technology provider with a significant global presence and a history spanning over 28 years. Technically, the website is built on Drupal 10 with modern JavaScript libraries and includes Cookiebot for consent management. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Performance is also a concern, with a notably slow page load time and a large page size. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR compliance indicators. Business credibility is strong, supported by detailed corporate information, consistent branding, and multiple trust signals. Overall, while the business and content quality are excellent, the lack of HTTPS and slow performance are key vulnerabilities that should be addressed promptly.

G

Gewista

gewista.at

34

Gewista is a leading Austrian media company specializing in Out-of-Home advertising, operating under the majority ownership of global market leader JCDecaux. The company offers a broad portfolio of advertising media including traditional billboards, street furniture, and transport media, with a strong focus on digital innovation and public value initiatives. The website reflects a mature digital presence built on Drupal 10, leveraging modern JavaScript libraries and CDN hosting. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Additionally, a subdomain takeover vulnerability was identified, posing a risk to brand reputation and security. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Frequentis

frequentis.com

40

Frequentis is a well-established company specializing in safety-critical communication and information solutions with over 75 years of market presence. The company serves key sectors including civil aviation, defence, public safety, maritime, and public transportation, positioning itself as a leader with a strong focus on innovation and user-centric design. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to government agencies and large organizations. Technically, the site is built on Drupal 10 with modern libraries and integrates multiple marketing and analytics tools. However, the absence of a valid SSL/TLS certificate and HTTPS support is a significant security gap, impacting the overall security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

A

AVL Cultural Foundation GmbH

avlcf.com

33

AVL Cultural Foundation GmbH is a small, Austria-based cultural foundation dedicated to fostering the intersection of art and science through innovative projects, artistic installations, and interdisciplinary discussions. The organization targets artists, scientists, and cultural enthusiasts, positioning itself as a niche player in the cultural foundation sector. The website is built on Drupal 10 and hosted likely on AWS infrastructure, demonstrating a moderate level of digital maturity with good mobile optimization and accessibility. However, the absence of HTTPS/SSL is a critical security flaw that severely impacts the site's security posture. Privacy and cookie policies are well implemented with a consent mechanism via Cookiebot, reflecting good privacy compliance. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is professional but requires urgent security improvements.

T

TransPerfect

transperfect.com

40

TransPerfect is a leading global provider of translation and localization services, serving a wide range of industries including technology, healthcare, finance, retail, and media. The company operates an enterprise-grade website built on Drupal 10, featuring extensive content, client case studies, and multiple subsidiary domains. The technical infrastructure includes modern web technologies and CDN services, ensuring good performance and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website reflects a mature, professional enterprise with strong business credibility but requires urgent remediation of SSL/TLS issues to improve security and trust.

N

NOVOMATIC AG

novomatic.com

40

NOVOMATIC AG is a leading global gaming technology company headquartered in Austria, founded in 1980. It operates as a full-service provider in the gaming industry, offering a broad portfolio including gaming cabinets, games, platforms, and additional products. The company has a strong market position as one of the largest gaming technology corporations worldwide and the clear market leader in Europe. The website reflects a professional corporate presence targeting industry partners, casino operators, and job seekers, with comprehensive contact information and multilingual support. Technically, the website is built on Drupal 10 CMS and leverages modern JavaScript libraries and analytics tools such as Matomo. It is hosted behind Sucuri Cloudproxy WAF, ensuring some level of protection. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that significantly lowers the security posture. The site implements security headers and content security policies but must urgently address SSL/TLS configuration to protect user data and maintain trust. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. The company demonstrates business credibility through detailed contact information, licensing by the UK Gambling Commission, and consistent WHOIS data. Overall, the site is content-rich, professionally designed, and trustworthy but requires immediate security improvements regarding SSL/TLS. Strategic recommendations include obtaining and properly configuring SSL certificates, enabling modern TLS protocols, enhancing OCSP stapling and session resumption, and maintaining strong security header policies. These steps will improve security, user trust, and compliance with industry standards.

R

Renesas Electronics Corporation

dialog-semiconductor.com

40

Renesas Electronics Corporation is a global leader in microcontrollers, analog, power, and SoC products, delivering embedded design innovation for a wide range of industries. The company targets embedded systems developers and technology companies with a comprehensive portfolio of semiconductor products and design resources. The website reflects a mature, enterprise-level business with a strong market position and extensive product offerings. Technically, the website is built on Drupal 10, hosted behind Cloudflare, and utilizes modern web technologies including Google Tag Manager and New Relic for monitoring. The site is well-structured, mobile-optimized, and SEO-friendly, providing a professional user experience. However, the absence of a valid SSL certificate and incomplete security configurations represent significant security concerns. From a security perspective, while several security headers are implemented, the lack of HTTPS and TLS support critically undermines the site's security posture. No explicit incident response or security policy pages were found, and cookie consent mechanisms are absent despite GDPR compliance indications. The domain is mature and registered with a reputable registrar, consistent with the company's profile. Overall, the site is professionally maintained with strong business credibility but requires urgent improvements in SSL/TLS deployment and privacy compliance mechanisms to enhance security and user trust.

N

NBS Rekrutēšanas un atlases centrs

klustikaravirs.lv

40

The website klustikaravirs.lv serves as the official recruitment platform for the Latvian National Armed Forces, providing comprehensive information and application options for various military service types including professional service, national defense service, and specialized military education. The site targets Latvian citizens aged 18 to 60 interested in serving their country, positioning itself as a trusted government resource with strong public confidence. Technically, the site is built on Drupal 10, employs Matomo for privacy-conscious analytics, and offers a responsive, accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. Additionally, DNS and email security configurations could be enhanced with DNSSEC and DMARC records. Privacy and cookie policies are present with consent mechanisms, but no terms of service or security policies are published. Overall, the site is functional and professional but requires urgent security improvements to align with best practices.

E

efficy

efficy.com

68

efficy is a leading European CRM software provider offering modular, GDPR-compliant solutions tailored to businesses of all sizes. The company emphasizes flexible, scalable platforms that centralize customer data, automate sales, and enhance customer engagement. With a strong market presence and over 13,500 customers, efficy positions itself as a trusted partner in the CRM and marketing automation space. The website reflects a mature digital infrastructure with advanced analytics and A/B testing capabilities, although performance optimization is needed due to slow load times. Security posture is currently weak due to an invalid SSL certificate and lack of modern TLS protocols, which poses a critical risk. Privacy compliance is well addressed with comprehensive cookie and privacy policies, including a consent mechanism. Overall, the site demonstrates professionalism and trustworthiness but requires urgent security improvements.

A

APSIS

apsis.no

59

APSIS operates a modern marketing platform, Apsis One, focused on AI-driven email marketing and automation to help businesses grow through personalized customer experiences. The platform integrates multiple marketing tools including email, SMS, surveys, and event management, targeting marketers and enterprises seeking an all-in-one solution. The website is professionally designed using Drupal 10 and integrates popular marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, demonstrating a mature digital marketing infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and maintain trust.

A

APSIS

apsis.dk

40

APSIS is a Denmark-based technology company specializing in AI-driven email marketing and marketing automation solutions through its flagship platform, Apsis One. The platform offers a comprehensive suite of marketing tools including email marketing, AI assistant, SMS marketing, CRM, and integrations designed to empower marketers to create personalized and data-driven customer experiences. The company operates under the parent company Efficy and serves a medium-sized market segment with a strong focus on seamless user experience and advanced marketing capabilities. Technically, the website is built on Drupal 10 and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the website currently suffers from a critical security issue due to an invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts its security posture. Despite this, the site maintains good privacy and cookie policies with consent mechanisms, and no exposed sensitive data was detected. Overall, APSIS presents a professional and trustworthy marketing technology provider with room for improvement in its security infrastructure.

A

APSIS

apsis.se

40

APSIS is a Swedish technology company specializing in marketing technology solutions, offering a comprehensive SaaS platform called Apsis One that integrates AI-driven email marketing, marketing automation, SMS marketing, event management, and CRM integrations. The company targets modern marketers and businesses seeking to optimize their digital marketing efforts with data-driven tools. The website is professionally designed, content-rich, and well-structured, providing clear navigation and multiple calls to action such as free trials and demos. Technically, the site uses Drupal 10 CMS and integrates popular marketing and tracking technologies including Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Security headers are present but the absence of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms implemented. Contact information is primarily via contact forms; no explicit emails or phone numbers were found. WHOIS data is consistent with the business claims, showing no suspicious registration patterns. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

A

APSIS

apsis.com

53

Apsis is a Swedish-based technology company providing a comprehensive AI-driven marketing platform called Apsis One. The platform offers tools for email marketing, marketing automation, SMS, surveys, forms, event management, and CRM integrations, targeting marketers and businesses seeking to optimize customer engagement and campaign effectiveness. The website is professionally designed with excellent content quality and clear navigation, supporting a strong market position in the marketing technology sector. Technically, the site uses Drupal 10 CMS and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policies or incident response information is found. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

P

Pantheon Systems, Inc.

pantheon.io

56

Pantheon Systems, Inc. operates Pantheon.io, a leading WebOps platform designed for building, hosting, and managing high-impact websites primarily using WordPress, Drupal, and Next.js. The company positions itself as a comprehensive solution provider integrating operations, workflows, and governance to enable agile teams and fast digital launches. Their market position is strong, supported by recognized industry badges and a broad partner ecosystem including Google Cloud. Technically, the website is built on Drupal 10 and leverages modern marketing and analytics tools such as Marketo, Segment, and VWO, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms via OneTrust. Overall, Pantheon.io demonstrates a professional, enterprise-grade web presence with excellent content and user experience but requires urgent improvements in SSL configuration to enhance security and trust.

N

Norges geologiske undersøkelse (NGU)

ngu.no

61

Norges geologiske undersøkelse (NGU) is a Norwegian government agency specializing in geological surveying and dissemination of geological knowledge. The website serves as a portal for geologic maps, scientific publications, and news relevant to geology in Norway, targeting researchers, government bodies, and the public. The organization holds a strong national position as the authoritative source for geological data and services. Technically, the website is built on Drupal 10 with Matomo analytics integration, demonstrating a modern but self-hosted infrastructure. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts its security posture. While privacy and cookie policies are present, there is no explicit cookie consent mechanism, and no visible terms of service or security policies are published. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent improvements in security and performance to meet modern standards.

S

Svalbard Integrated Arctic Earth Observing System

sios-svalbard.org

53

SIOS (Svalbard Integrated Arctic Earth Observing System) is an established international research infrastructure focused on long-term Earth system science measurements in the Svalbard region. The organization operates a mature website providing access to data portals, research infrastructure information, and community resources targeting scientists and researchers in Arctic studies. The website is built on Drupal 10 with modern frontend libraries, offering a good user experience and clear navigation. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, reflecting attention to regulatory requirements. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect users and data.

I

IQ Solutions, Inc.

iqsolutions.com

38

IQ Solutions, Inc. is a well-established company founded in 1993, specializing in data-driven solutions to improve quality of life through communications, education, digital technology, and research. The company primarily serves government and healthcare sectors, with a strong market position supported by numerous awards and a large client base. Their website reflects a professional and consistent brand image with comprehensive content targeting public health and social issues. Technically, the site is built on Drupal 10 and integrates modern marketing and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Privacy compliance is basic, with no cookie consent mechanism detected despite the use of tracking scripts. Overall, the business credibility is high, supported by consistent WHOIS data and clear contact information. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect users.

A

Abt Global

abtassociates.com

40

Abt Global is a well-established international consulting and social impact organization with over 60 years of history and a large workforce. The company focuses on leveraging data, innovation, and expertise across multiple sectors including health, environment, governance, and economic growth to improve lives worldwide. Their business model centers on providing consulting, technical assistance, and digital solutions to governments, organizations, and communities. The website reflects a professional and comprehensive digital presence with strong branding and relevant content targeting global development stakeholders. Technically, the website is built on Drupal 10 and uses modern JavaScript libraries and marketing/analytics tools such as Google Tag Manager, Google Analytics, LinkedIn Insight Tag, and HubSpot. However, the site suffers from slow load times and lacks a valid SSL certificate, resulting in no HTTPS support. Mobile optimization and SEO are good, but accessibility is basic. The hosting appears to be via Fastly CDN. From a security perspective, the absence of a valid SSL certificate and HTTPS is a critical vulnerability, severely impacting the security posture. No security headers or advanced TLS configurations are present, and no incident response or security policies are published. Cookie consent mechanisms are implemented, indicating GDPR awareness, but no terms of service or vulnerability disclosure pages are found. Overall, the security maturity is low and requires urgent improvements. The overall risk assessment highlights the critical need for SSL/TLS implementation to protect user data and improve trust. Strategic recommendations include securing the site with HTTPS, enabling security headers, optimizing performance, and publishing clear security and incident response policies. The business credibility and content quality are strong, but technical and security shortcomings reduce the overall trust score.

E

EU Business Hub

eubusinesshub.eu

44

The EU Business Hub website serves as an EU-funded platform supporting European companies in the green, digital, and healthcare sectors to access the markets of Japan and the Republic of Korea. It offers business missions, coaching, networking, and logistical support to facilitate market entry and partnerships. The site is built on Drupal 10 and uses modern web technologies including Matomo for analytics. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear cookie policies and consent mechanisms. The business model is credible and well-aligned with EU initiatives, but contact information is limited to web forms without direct emails or phone numbers.

E

Eurochambres, BEUC and SMEunited

consumerlawready.eu

38

ConsumerLawReady.eu is an EU-backed educational platform focused on providing consumer law training for Small and Medium Enterprises (SMEs) and consumer law trainers across the European Union. The website offers dedicated portals for each EU country, supporting multilingual content and localized training resources. The project is implemented by reputable organizations including Eurochambres, BEUC, and SMEunited on behalf of the European Commission, establishing strong trust and legitimacy in the market. The platform targets legal experts, SME owners, and employees seeking to enhance their knowledge of consumer law.

The Latin America IP SME Helpdesk is an official European Commission service providing free intellectual property assistance to SMEs from the EU and SMP-associated countries targeting the Latin American market. It offers confidential advice, training, and resources to improve global competitiveness. The website is professionally designed, content-rich, and well-structured, targeting SMEs seeking IP support in Latin America. Technically, the site is built on Drupal 10 and hosted by Level27 bv, with moderate performance and good mobile and accessibility features. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is strong with clear cookie and privacy policies, and contact information is transparent and institutional. Overall, the site is trustworthy but urgently needs to address its SSL/TLS configuration to improve security posture and user trust.

C

Cámara de Comercio de España

camara.es

40

Cámara de Comercio de España is a well-established governmental and non-profit organization dedicated to supporting SMEs, entrepreneurs, and self-employed individuals in Spain. The website offers a comprehensive range of services including business creation, innovation support, foreign trade facilitation, training, and mediation. It serves as a national chamber of commerce with a strong market position and a broad service portfolio. The digital infrastructure is built on Drupal 10 with Apache and PHP backend, hosted likely by Cloud4B, and includes modern frontend technologies ensuring good mobile optimization and accessibility. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, exposing users to potential risks. Privacy and cookie compliance are well implemented, with clear policies and consent mechanisms. The WHOIS data confirms the legitimacy and consistency of the domain registration, aligning with the organization's official status. Strategic improvements in SSL/TLS deployment and security hardening are recommended to enhance trust and security posture.

SEB Eesti operates as a major banking institution in Estonia, providing a broad spectrum of financial services including retail, corporate, and private banking. The website reflects a mature and professional digital presence with comprehensive content targeting private individuals and business clients. The technical infrastructure is based on Drupal CMS with modern frontend technologies, offering good mobile optimization and accessibility. However, the security posture is significantly weakened by the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability for a financial services website. Privacy compliance is well addressed with clear cookie and privacy policies, and the domain registration is consistent and trustworthy. Strategic improvements in SSL/TLS configuration and security headers are urgently recommended to protect user data and maintain trust.

SEB.lv is the official website of SEB bank in Latvia, a major financial institution offering comprehensive banking services to private individuals, businesses, and large enterprises. The website provides extensive information on daily banking, loans, investments, insurance, and private banking, supported by a professional and well-structured Drupal-based platform. Multilingual support and clear navigation enhance user experience. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. DNS configurations show good email security practices with SPF and DMARC policies in place. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting strong privacy awareness. Overall, the site demonstrates a mature digital presence but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.