Security Directory

U

untermStrich Software GmbH

untermstrich.com

33

untermStrich Software GmbH is a technology company specializing in SaaS-based office management and controlling software tailored for architects and engineers. The company has a strong market presence with approximately 87,000 users worldwide and operates in multiple countries including Austria, Germany, and the USA. Their flagship product, untermStrich X4, offers comprehensive tools for project management, electronic invoicing, CRM, and document management, targeting architectural and engineering firms. The website demonstrates a high level of digital maturity with professional design, structured data, and SEO optimization. However, the current lack of a valid SSL/TLS certificate and disabled HTTPS protocols represent a critical security vulnerability that must be addressed promptly. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Overall, untermStrich presents a credible and professional business with a solid technical infrastructure but requires immediate improvement in its security posture.

S

Successfactory Consulting Group

successfactory.cc

39

Successfactory Consulting Group is a specialized consulting firm based in Austria focusing on organizational development, process optimization, product and system development, sustainability, agile transformation, and digitalization including artificial intelligence. The company offers a combination of consulting, training, coaching, and digital solutions targeting organizations seeking to improve productivity and adapt to modern trends. The website is built on WordPress with Elementor and Astra theme, showing a moderate level of digital maturity but lacking a valid SSL certificate, which is a critical security gap. The presence of GDPR-compliant cookie consent and privacy policy indicates attention to privacy compliance. Social media presence on major platforms supports business credibility. However, the absence of HTTPS and modern TLS protocols significantly impacts the security posture and overall trustworthiness of the site.

C

CANBERRA PACKARD Central Europe GmbH

cpce.net

40

CANBERRA PACKARD Central Europe GmbH is a well-established company specializing in the sales, installation, and servicing of nuclear and environmental radiation detection and measurement equipment, as well as medical radiation diagnostic and therapy equipment. Founded in 1987 in Austria, the company has grown to become the largest supplier in Central and Eastern Europe, serving a diverse clientele including government organizations, nuclear power plants, research centers, and international bodies. The website reflects a professional corporate presence with relevant content and clear contact information, targeting industry professionals and institutional customers. Technically, the website is built on WordPress 6.8.1 running PHP 8.2.28 and hosted on DigitalOcean infrastructure. While the site demonstrates good mobile optimization and accessibility, performance metrics are lacking, and SEO optimization is basic. The absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks and undermining trust. Security headers are minimal, and no advanced security frameworks or incident response policies are evident. From a security perspective, the site’s posture is weak due to the lack of HTTPS, no cookie or privacy policies, and no vulnerability disclosure mechanisms. The SPF record is valid, and DNS configurations are consistent with the business location, but the SSL/TLS configuration is non-existent, which is a major vulnerability. No WAF or blocking mechanisms are detected, indicating open accessibility but also potential exposure. Overall, the site is functional and professional in content but requires urgent improvements in security and privacy compliance to meet modern standards. Strategic recommendations include implementing HTTPS with a valid certificate, publishing privacy and cookie policies, and enhancing security headers and incident response readiness to improve trust and compliance.

B

Bob Silverstein

bobsilverstein.com

31

Bob Silverstein's website represents a small professional services business specializing in therapy, coaching, and crisis management consulting, primarily targeting individuals and organizations in high-stress professions such as investment professionals and corporate lawyers. The business is positioned as a niche provider with over 25 years of experience, offering unique tools and personalized services. The website content is well-structured and professionally presented, though lacking formal privacy and cookie policies. Technically, the site is built on WordPress with common plugins like Contact Form 7 and Yoast SEO, hosted on HostPapa infrastructure. However, the site suffers from poor performance with a very slow load time and large page size. Mobile optimization and accessibility are basic, and SEO is adequately addressed through Yoast. From a security perspective, the site has significant weaknesses: no valid SSL certificate or HTTPS support, no security headers, and malformed DNS CAA records. While Google reCAPTCHA is implemented to protect forms, the lack of HTTPS and other security best practices exposes the site to risks. No incident response or vulnerability disclosure policies are present, and privacy compliance is minimal. Overall, the site is functional and credible as a professional service platform but requires urgent improvements in security and privacy compliance to protect users and enhance trust.

biolution GmbH is a specialized scientific consulting and visualization company serving the life sciences sector with over 20 years of experience. Their services include scientific consulting, 3D visualizations, grant and funding support, project management, coaching, workshops, and media design. The company targets researchers and organizations in the life sciences domain, positioning itself as a niche expert with a professional online presence. Technically, the website is built on WordPress with modern plugins like Elementor and WooCommerce, hosted on a LiteSpeed server by mysecurecloudhost.com. While the site has good SEO and structured data, it lacks a valid SSL certificate, which is a critical security gap. Privacy compliance is well addressed with iubenda cookie and privacy policies, including consent mechanisms. Social media integration is strong, enhancing trust and engagement. Security posture is weak due to missing HTTPS and lack of advanced security headers, exposing the site to potential risks. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

HAINZL Industriesysteme GmbH

hainzl.at

40

HAINZL Industriesysteme GmbH is a well-established Austrian industrial technology company specializing in system technology, testing technology, hydrogen technologies, process automation, embedded systems, and electrical engineering. With a history dating back to 1965, it holds a leading position in the European market, supported by multiple subsidiaries across Europe. The company targets industrial clients in machinery, vehicle manufacturing, metal industry, and construction sectors, offering comprehensive technological solutions and services. The website reflects a mature digital presence with professional design, multilingual support, and strong SEO practices. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture. While security headers are properly configured, the lack of HTTPS undermines trust and data protection. Privacy policies are present and GDPR compliant, but no explicit cookie consent mechanism is implemented. Overall, the site is professional and credible but requires urgent security improvements to align with best practices and protect user data.

B

Boom Software

boomsoftware.com

39

Boom Software is an established software company specializing in innovative solutions for maintenance, service, and production management across selected industrial sectors such as transportation, manufacturing, and energy. With over 25 years of experience, the company offers tailored software products including Maintenance Manager, Production Manager, and Rail Solutions, targeting niche markets like rail and public transport. The website reflects a professional digital presence with comprehensive content and clear business focus. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the company demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

B

BEWOTEC GmbH

bewotec.de

24

BEWOTEC GmbH is a German-based technology company specializing in software solutions for travel agencies and tour operators. Their product suite includes myJACK, a comprehensive travel agency software, DaVinci for tour operators, and dynamic packaging tools like flexStore and OTDS Player. The company has a strong market presence in the German-speaking travel industry, with a history dating back to 1988. Technically, the website is built on WordPress with modern plugins and tools, offering good content quality and user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance protection.

Q

Qidenus Technologies

qidenus.com

31

Qidenus Technologies is a specialized manufacturer of high-performance V-shaped book scanners and related capture software, serving a global clientele including libraries, archives, museums, and cultural heritage organizations. The company positions itself as a market leader with a strong product portfolio and a network of trusted partners and distributors worldwide. The website reflects a professional and well-branded digital presence with comprehensive product information and customer engagement features. Technically, the site is built on WordPress with modern plugins for SEO and analytics, hosted on LiteSpeed servers with PHP 8.1. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is partially addressed with cookie policies and consent mechanisms, but GDPR compliance indicators are limited. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect data and enhance trust.

G

GIG Fassaden GmbH

gig.at

32

GIG Fassaden GmbH is a medium-sized Austrian company specializing in premium metal and glass facade solutions for international architecture projects. Their business model focuses on B2B services including design, engineering, prototyping, manufacturing, installation, maintenance, and renovation of building envelopes. The company maintains a strong market position with a consistent brand presence and comprehensive service offerings. Technically, the website is built on WordPress with modern libraries and plugins, optimized for SEO and mobile responsiveness. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

A

Apitech

apitech.fr

39

Apitech is a French technology company specializing in open source productivity solutions and custom software development. With over 30 years of experience, it positions itself as a trusted partner for organizations seeking sovereign and secure digital tools. The company leverages open source expertise and partnerships with major technology providers like Microsoft and Dell to deliver tailored solutions. The website reflects a professional and consistent brand image targeting business clients in France. Technically, the site is built on WordPress with the Divi theme and uses modern plugins and analytics tools. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS, which significantly impacts the security posture. While some security headers are present, the absence of HTTPS and modern TLS protocols is a major vulnerability. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

eSYS Informationssysteme GmbH is a regional IT service provider based in Austria, specializing in IT support, network management, software development, and cloud solutions, with a strong focus on serving businesses and schools in Upper Austria. The company maintains a professional online presence with comprehensive service descriptions and a clear target audience. Their website is built on WordPress with Elementor and uses modern plugins for SEO and cookie management. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines user trust and data protection. The site includes privacy and cookie policies with consent mechanisms, indicating good GDPR compliance. Social media integration and structured data enhance their digital maturity. Overall, eSYS demonstrates a solid business and technical foundation but must urgently address its SSL/TLS configuration to improve security posture and user confidence.

N

NDI

ndi.video

63

NDI.video is a leading technology provider specializing in IP-based video connectivity solutions that enable seamless multimedia experiences across various industries including broadcast, corporate collaboration, education, and content creation. The company offers a comprehensive ecosystem including SDKs, tools, certification programs, and a connected community platform to support developers and users. Their market position is strong, supported by a large product ecosystem and partnerships with notable organizations. Technically, the website is built on a modern WordPress VIP platform with Elementor and optimized for performance, mobile responsiveness, and SEO. Security posture is adequate with HTTPS and basic security headers, though improvements in DNS security and HTTPS hardening are recommended. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website reflects a professional and trustworthy business with a strong focus on developer enablement and user engagement.

A

AVANSA International GmbH

avansa.eu

21

AVANSA International GmbH is a consulting and training company specializing in sales training, leadership development, and change management consulting. The company targets businesses across various sectors including banking, insurance, pharma, medtech, industry, and trade, aiming to foster sustainable growth and measurable performance improvements. Their business model focuses on delivering tailored training and coaching services to enhance leadership and sales capabilities. Technically, the website is built on WordPress with modern plugins such as Elementor and WP Rocket, hosted on Hostpoint AG infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support and exposing users to potential risks. The site implements cookie consent and uses Google Analytics for tracking, indicating moderate privacy compliance. Overall, the website is professionally designed with rich content and clear navigation, but the lack of HTTPS significantly impacts its security posture and trustworthiness.

V

Versicherungsbüro Schättle GmbH

schaettle.at

33

Versicherungsbüro Schättle GmbH is an independent insurance brokerage firm based in Vienna, Austria, operating three physical offices and offering a range of insurance advisory and brokerage services. The company emphasizes personal consultation, competitive pricing, and strong partnerships with major insurance providers. Their website is professionally designed with good content quality and clear navigation, targeting private individuals and families in Vienna seeking insurance solutions. Technically, the website is built on WordPress with Elementor and several plugins, hosted on a LiteSpeed server with DNS managed by Dynamix. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is comprehensive and easily accessible. Overall, the site demonstrates good business credibility but requires urgent security improvements.

E

ECM Label Production GmbH / ECM Marking Solutions GmbH

ecm.at

36

ECM.at represents a medium-sized Austrian manufacturing business specializing in label production and marking solutions with approximately 40 years of industry experience. The company offers a comprehensive range of services including label printing, dispensing systems, coding technologies, and engineering solutions tailored to various industries such as food packaging, automotive, electronics, and pharmaceuticals. The website reflects a professional B2B business model targeting companies requiring marking and labeling services. Technically, the site is built on WordPress with modern plugins and SEO optimizations but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or security policy disclosures. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

L

LOOP21 Mobile Net GmbH

loop21.net

22

LOOP21 Mobile Net GmbH is a specialized provider of WLAN hotspot management software, offering customizable and legally compliant solutions primarily targeting businesses in tourism, hospitality, retail, and public sectors. The company operates a professional WordPress-based website with good content quality and clear business information, including contact details and social media presence. Technically, the site uses modern WordPress plugins and themes but lacks a valid SSL certificate, resulting in no HTTPS support and weak security posture. The cookie consent mechanism is GDPR compliant, reflecting awareness of privacy regulations. However, the absence of security headers and proper SSL configuration exposes the site to potential risks. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are critical to enhance trust and protect user data.

C

CubeServ Group

cubeserv.com

38

CubeServ Group is a well-established consulting company specializing in SAP Business Intelligence, Advanced Analytics, and Business Analytics solutions. With over 21 years of domain presence and more than 5,000 analytics projects, CubeServ holds a strong market position in the technology sector, particularly focusing on SAP products and services. Their offerings include business analytics platforms, SAP analytics products, software development, and application management services, targeting companies seeking to leverage SAP for data-driven decision making. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site uses WordPress with Elementor and various modern plugins, hosted likely on AWS infrastructure. However, a critical security gap exists due to the absence of HTTPS/SSL, which significantly impacts the security posture and trustworthiness. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, CubeServ demonstrates strong business credibility but must urgently address the lack of SSL to improve security and user trust.

S

SanLucar Fruit S.L.U.

sanlucar.com

39

SanLucar Fruit S.L.U. is a well-established company specializing in fresh fruits, vegetables, and related products, with a strong emphasis on quality, sustainability, and natural health benefits. The website reflects a mature digital presence with comprehensive product categories, corporate responsibility initiatives, and multilingual support targeting consumers and business partners globally. Technically, the site is built on WordPress with modern plugins and a reputable theme, offering good SEO and user experience. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling. Overall, while the business and content quality are high, urgent improvements in SSL/TLS implementation are necessary to enhance security and user trust.

S

SINN Consulting GmbH

sinn.at

23

SINN Consulting GmbH is an Austria-based international consulting firm specializing in SAP BRIM solutions, focusing on industries such as telecommunications, energy, online retail, transport, media, and insurance. The company holds a reputable market position as a SAP Gold Partner and offers a comprehensive portfolio of SAP-related consulting and implementation services. Their website reflects a professional and consistent brand image targeting enterprise and medium-sized clients primarily in Austria and Germany. Technically, the website is built on WordPress with modern plugins and technologies, supporting multilingual content and GDPR compliance. However, a critical security gap exists due to the absence of a valid SSL certificate, despite the presence of HSTS headers, which undermines the security posture. Privacy compliance is well addressed with cookie consent mechanisms and a detailed privacy policy. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements to enable HTTPS and enhance trust.

P

Peak Technology

peaktechnology.at

29

Peak Technology is a specialized engineering company focused on manufacturing bespoke carbon fibre components and high pressure vessels primarily for the space and motorsport industries. The company positions itself as a trusted partner with over 15 years of motorsport championship involvement and expertise in space mission components. Their business model is B2B, providing high-tech composite solutions with certifications such as ISO 9001 and EN 9100 that underline their quality management commitment. The website is professionally designed using WordPress with modern SEO practices and structured data, targeting industry professionals and partners. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines trust and data protection. The site lacks a cookie consent mechanism despite setting cookies, and no incident response or vulnerability disclosure policies are visible. Overall, the technical infrastructure is moderate with room for improvement in security and privacy compliance. Strategic recommendations include immediate SSL deployment, enhanced security headers, and formalized security policies to improve the security posture and trustworthiness of the digital presence.

M

MMX e.U.

silberdraht.agency

37

Silberdraht Agency is a small Austrian online marketing firm specializing in services tailored for the BestAger demographic (age 50+). Founded in 2019 and operated by MMX e.U., the agency offers website analysis, creation, optimization, search engine marketing, social media marketing, and newsletter distribution. Their market position is niche-focused with a dedicated team and partnerships that enhance their service offerings. Technically, the website runs on WordPress with popular plugins and themes, but lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow or unmeasured performance. Security posture is weak due to missing SSL and security headers, and privacy compliance is minimal with no cookie consent mechanism. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are urgently needed.

G

Gymnasium Camphusianum

camphusianum.nl

36

Gymnasium Camphusianum is a small, community-oriented gymnasium school located in Gorinchem, Netherlands, providing secondary education focused on broad academic knowledge and personal development. The website reflects a well-structured educational institution with clear communication channels, active social media presence, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins and themes, leveraging Cloudflare CDN for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. This exposes users to potential data interception risks and reduces trustworthiness from a security perspective. Overall, while the content and business credibility are strong, the lack of HTTPS is a major vulnerability that must be addressed promptly.

L

Lebenshilfe Österreich

lebenshilfe.at

19

Lebenshilfe Österreich is a well-established non-profit organization dedicated to advocating for the rights and support of people with intellectual and multiple disabilities across Austria. Serving as the umbrella organization for regional Lebenshilfe groups, it offers services including support, advocacy, public relations, and organizes events such as the Austrian Inclusion Prize. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting individuals and stakeholders interested in disability rights and inclusion. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Cookiebot for consent management. It uses Apache hosting with DNS managed by easyname.eu. Accessibility features and structured data are implemented, enhancing user experience and SEO. However, performance metrics are not provided. From a security perspective, the site lacks a valid SSL/TLS certificate, exposing it to significant risks and undermining user trust. No advanced security headers or protocols are configured, and no incident response or security policies are publicly disclosed. Cookie consent is properly implemented, and privacy policies are present and GDPR compliant. Overall, while the website excels in content quality, user experience, and privacy compliance, the absence of HTTPS is a critical vulnerability that must be addressed immediately to protect users and maintain credibility. Strategic improvements in security posture and transparency around security policies are recommended to enhance trust and resilience.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

F

Forerunners Network

roadmap2050.at

35

Forerunners Network is a German-language media platform based in Austria focusing on ESG (Environmental, Social, Governance) topics, infrastructure, and sustainability. It offers news articles, podcasts, videocasts, and a newsletter subscription service targeting an audience interested in sustainable development and innovation. The platform maintains a consistent brand presence and active social media engagement across multiple channels. Technically, the website runs on WordPress with the Bricks theme and uses plugins such as Borlabs Cookie for consent management and Podigee for podcast integration. However, the site lacks HTTPS, which is a critical security shortcoming. Security headers are minimal, and no incident response or security policies are publicly disclosed. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Arthur Hunt is a French-based human resources consulting firm specializing in executive search, HR strategy consulting, transition management, and talent development across France and Europe. The company positions itself as a medium-sized, established player with a professional and consistent brand presence. The website is built on WordPress using the Divi theme and incorporates modern plugins for multilingual support and user experience enhancements. However, the technical infrastructure lacks a valid SSL certificate and does not support modern TLS protocols, which poses a significant security risk. The site includes GDPR-compliant cookie consent mechanisms and clear contact information but lacks explicit security policies or incident response details. Overall, the business is credible and professionally presented, but the absence of HTTPS critically impacts the security posture.

E

EBNER Industrieofenbau GmbH

ebner.cc

35

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

B

BMTS Technology

bmts-technology.com

25

BMTS Technology is a medium-sized, globally active Tier 1 automotive supplier specializing in powertrain and clean mobility technologies including turbochargers, electric turbo systems, heat pump compressors, and fuel cell boosters. The company targets automotive manufacturers and suppliers focused on new energy vehicles and autonomous driving technologies. The website is built on WordPress with a modern tech stack including PHP 8.2 and popular plugins for SEO and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security vulnerability. Security headers and advanced security practices are minimal. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

32

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.

L

lemonconsulting

lemonconsulting.es

25

Lemon Consulting is a Spanish strategic consulting company specializing in credit insurance, health insurance, and business innovation consulting. The company targets businesses seeking to improve their overall results and risk management. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with Elementor and uses modern web technologies and plugins for SEO, accessibility, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. The site employs Google Analytics and cookie consent mechanisms aligned with GDPR. Security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, Lemon Consulting appears to be a legitimate small business with a moderate digital maturity level but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

F

Fuhrparkverband Austria

fuhrparkverband.at

36

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

E

EUCUSA Consulting GmbH

eucusa.com

22

EUCUSA Consulting GmbH is a specialized provider of strategic feedback systems and consulting services focused on enhancing employee engagement, customer satisfaction, and leadership development. The company operates primarily in Austria and offers a suite of products including employee surveys, customer surveys, 360° feedback, and tools like the Future Readiness Check® and Trust Check. Their business model integrates consulting expertise with proprietary software solutions to deliver tailored feedback and actionable insights for organizations. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, FontAwesome, and GDPR compliance plugins. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Hosting is managed via Cloudpit DNS services. However, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. From a security perspective, while the site uses GDPR cookie consent mechanisms and has no known vulnerabilities in libraries, the absence of HTTPS and modern TLS protocols severely undermines its security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure or security.txt files are found. This gap poses risks to user data confidentiality and trust. Overall, the website presents a professional and credible business front with good content quality and privacy compliance. The critical recommendation is to urgently implement a valid SSL certificate and enable HTTPS to protect user data and improve trustworthiness. Additional security enhancements and transparency around security policies would further strengthen the company's risk management and compliance stance.

P

Polizeichor Dortmund

polizeichor-dortmund.de

23

Polizeichor Dortmund is a small, local non-profit choir organization based in Germany, founded in 1909. The choir serves as a bridge between the police and the community, inviting all interested individuals to participate regardless of prior choral experience. Their website provides information about rehearsal times, locations, and upcoming events, targeting local citizens and choir enthusiasts. Technically, the website is built on WordPress with a standard Apache/PHP hosting environment and uses common plugins such as Yoast SEO for optimization. However, the site lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes visitors to potential risks and undermines trust. Security headers are minimal, and no advanced security policies or incident response information is provided. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism or GDPR-specific notices. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

F

FLOTAINMENT

flotainment.com

37

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

7iD Technologies GmbH is an Austrian company specializing in IoT software and solutions focused on optimizing intralogistics and industrial production processes. Their offerings include track & trace technology, asset management, and predictive maintenance solutions leveraging various IoT technologies such as RFID, BLE, NB-IoT, and UWB. The company positions itself as a leading provider in the manufacturing sector, targeting businesses seeking digital transformation and efficiency improvements. Technically, the website is built on WordPress with common plugins and hosted behind Cloudflare, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. The security posture is weak due to missing HTTPS and modern TLS protocols, exposing users to potential risks. Overall, the website is professional and trustworthy but requires urgent security improvements to protect data and enhance user trust.

C

CAPESPAN | We Deliver

capespan.com

27

Capespan is a large, established global distributor, marketer, and producer of fresh fruit with a strong market position supported by recognized brands such as Cape, Outspan, Outspan Gems, and Goldland. The company operates an integrated business model encompassing fruit growing, packing, marketing, and distribution, serving grower partners and retail customers worldwide. Their website reflects a professional and content-rich digital presence with active social media engagement and regular press updates. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and social media integration, hosted on Apache servers. However, the lack of a valid SSL certificate and absence of HTTPS significantly undermine the security posture, exposing users to risks. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect data and maintain trust.

S

SIGNA

signa.at

26

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

syslab.com GmbH is a well-established German software company specializing in content management, risk assessment, and digital collaboration solutions. With over 25 years of experience, it holds a strong market position as a leading Plone and Python developer in Germany, serving a diverse clientele including enterprises, government agencies, and research institutions. The company emphasizes open source contributions and maintains strategic partnerships with notable organizations. Technically, the website is built on WordPress with modern themes and SEO plugins, offering a rich user experience and good mobile optimization. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, syslab.com demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

I

Invenium Data Insights GmbH

invenium.io

26

Invenium Data Insights GmbH is a specialized data analytics company based in Austria focusing on anonymized mobile phone signaling data to provide insights into human mobility patterns. Their services support city planners, transportation authorities, tourism, retail, and event organizers by leveraging AI and big data technologies to optimize mobility and infrastructure planning. The website is professionally designed, content-rich, and GDPR compliant, targeting public and private sector clients who require data-driven decision-making tools. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted on Hetzner servers. However, the lack of a valid SSL certificate and HTTPS significantly weakens the security posture. Privacy compliance is strong with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by testimonials and partner logos. Overall, the site is functional and trustworthy but requires urgent security improvements.

Elfriede Gerdenits operates a personal professional website focused on authoring, career consulting, and media contributions primarily in Austria. The site targets individuals interested in career development, coaching, and personal growth, leveraging a small business model centered on content publishing and consulting services. Technically, the website is built on WordPress with a standard Apache/PHP stack and uses common plugins for SEO and social media integration. However, the site lacks HTTPS support, which is a critical security shortfall. Security posture is weak due to missing SSL, lack of security headers, and no advanced TLS features. Privacy compliance is basic, with a privacy policy page present but no explicit GDPR compliance indicators or cookie consent mechanisms beyond a basic EU cookie law plugin. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

D

Dataphone GmbH

dataphone.at

25

Dataphone GmbH is an Austrian company specializing in digitalizing supply chain processes, offering innovative software and hardware solutions primarily for warehouse logistics, transport, and retail sectors. Their market position is strong within Austria, providing comprehensive services including warehouse management systems (LOGIS 4 and LOGIS Light), hardware products like barcode scanners and label printers, and professional maintenance and support services. The company targets businesses seeking to modernize and optimize their logistics and supply chain operations through digital transformation. Technically, the website is built on WordPress with a modern theme and uses a variety of plugins for SEO, performance optimization, cookie consent, and analytics. However, a critical security shortfall is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site employs Google Analytics, Google Tag Manager, and other marketing tools with proper consent mechanisms, indicating good privacy compliance. Contact information and business details are clearly presented, enhancing business credibility. Overall, while the business and technical maturity are good, urgent improvements in security infrastructure are necessary to protect user data and build trust.

D

DAXNER GmbH

daxner.at

40

DAXNER GmbH is a medium-sized Austrian manufacturing company specializing in bulk material technology and engineering solutions for various industrial sectors including food, chemical, and non-food industries. The company has a strong market position as an internationally leading provider with a comprehensive portfolio of products and services such as engineering, production, assembly, and control technology. Their website reflects a professional and well-structured digital presence with excellent content quality and SEO optimization. Technically, the site is built on WordPress with modern plugins and scripts, but lacks a valid SSL certificate and proper HTTPS configuration, which is a significant security concern. Security headers are well implemented, but the absence of TLS protocols and session resumption reduces the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information and social media presence enhance business credibility. Overall, the website is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

P

promitto organisationsberatung gmbh

promitto.at

26

promitto organisationsberatung gmbh is a small Austrian consulting firm specializing in organizational development, leadership coaching, and change management. Their website presents a professional image with clear descriptions of their services, targeting organizations and leadership teams seeking vitality and transformation support. The technical infrastructure is based on WordPress with common plugins like Yoast SEO and Contact Form 7, but lacks a valid SSL certificate, which is a significant security concern. The site includes GDPR-compliant privacy and cookie policies with consent mechanisms, but no terms of service or explicit security policies are found. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, the website is functional and informative but requires urgent security improvements to protect user data and improve trust.

P

planetsoftware

cad.at

28

planetsoftware is a well-established Austrian company specializing in 3D CAD software solutions, primarily focusing on SOLIDWORKS and 3DEXPERIENCE platforms. As a partner of the Bechtle Group, they provide comprehensive product lifecycle management software and services including design, data management, simulation, and manufacturing solutions. Their website reflects a mature digital presence with detailed product offerings, customer references, and educational resources targeting industrial and technical sectors. Technically, the site is built on WordPress with modern plugins and tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with cookie consent mechanisms and GDPR-aligned policies. Overall, the business demonstrates strong market positioning and professional online representation but must urgently address its lack of HTTPS to improve security posture and trust.

Ö

ÖSB Consulting GmbH

oesb.at

38

ÖSB Consulting GmbH is a prominent consulting firm specializing in labor market policy and related services in Austria. As part of the ÖSB Group, it holds a strong market position with a broad portfolio including diversity, entrepreneurship, health management, and sustainability consulting. The company serves a diverse audience including businesses, unemployed individuals, and youth, with a focus on innovative and impactful labor market solutions. Technically, the website is built on WordPress with Elementor and uses LiteSpeed hosting and caching technologies, ensuring a modern and responsive user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines trust and data protection. The site employs privacy-conscious analytics and cookie management, aligning well with GDPR requirements. Overall, the business demonstrates professionalism and credibility, but urgent improvements in security infrastructure are necessary.

A

AF Compressors

afcompressors.com

40

AF Compressors is a well-established manufacturer specializing in oil-free piston compressors, serving industrial sectors including PET bottling. The company positions itself as a world leader with a strong focus on energy and cost savings. Their website reflects a medium-sized enterprise with a global service network and a consistent brand presence. Technically, the site is built on WordPress with modern libraries and tracking tools, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts security posture. Privacy policies and cookie consent mechanisms are implemented, though extensive tracking scripts may affect privacy compliance. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

bluesource - mobile solutions gmbh

bluesource.at

23

bluesource - mobile solutions gmbh is a well-established Austrian company specializing in mobile app development and digital transformation services primarily for banking, retail, and industrial sectors. With over 20 years of experience, the company offers a comprehensive suite of services including app development, strategy and consulting, UX/UI design, accessibility, and data/AI solutions. Their market position is strong, supported by a portfolio of notable clients and an ISO 27001 certification that underscores their commitment to security and quality. The website is professionally designed, content-rich, and well-structured, targeting B2B clients seeking digital innovation. Technically, the site is built on WordPress with modern frontend libraries and integrates marketing tools such as HubSpot forms. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines the overall security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Social media presence and trust indicators further enhance business credibility.

C

conova communications GmbH

conova.com

40

conova communications GmbH is a well-established Austrian IT service provider specializing in tailored IT solutions including data center services, managed hosting, cloud, virtualization, and security. Founded in 1988, conova positions itself as a strategic partner for businesses requiring high availability and secure IT infrastructure, primarily serving the Austrian market with international reach. The company operates its own data centers and offers hybrid cloud solutions, emphasizing data sovereignty and security. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and certifications such as ISO 27001 and EN 50600, reinforcing its market credibility. Technically, the website is built on WordPress with modern plugins like Slider Revolution and Borlabs Cookie for cookie management, and integrates marketing tools such as HubSpot. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing search visibility. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent significant security shortcomings, undermining the otherwise strong security posture indicated by HTTP headers and certifications. Security-wise, conova demonstrates good practices with multiple security headers and GDPR-compliant privacy and cookie policies. Yet, the lack of HTTPS and modern TLS support is a critical vulnerability that must be addressed urgently to protect data in transit and maintain trust. No incident response or vulnerability disclosure information was found, suggesting an area for improvement in transparency and security readiness. Overall, conova presents a professional and trustworthy business with strong market positioning and technical maturity, but the critical SSL/TLS issues pose a risk that could impact customer confidence and compliance. Strategic remediation of these security gaps is recommended to align the website's security posture with its business reputation.

hoog.at is a small, community-driven alternative social network and blog platform primarily focused on social activism, photography, and personal projects by Wolf Hoog and collaborators. The website targets a German-speaking audience interested in social causes and alternative culture. It leverages WordPress with BuddyPress and ActivityPub plugins to provide social networking features and content sharing. The site has a moderate market position within its niche and maintains a consistent, good-quality content offering with active social media channels. Technically, the site runs on Apache and is hosted by easyname.eu, but suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections. Performance data is missing, and mobile optimization is basic. Security posture is weak due to missing HTTPS, lack of strong security headers, and no modern TLS protocols enabled. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is moderate, supported by consistent domain registration and social media presence but limited direct contact information. Overall, the site is functional but requires significant security and privacy improvements to enhance user trust and compliance.