Security Directory

M

MIT

marmit.co.za

23

MIT is a specialized manufacturer and supplier of professional and calibrated light and UV meters in Africa, with a strong market position as the only manufacturer of such instruments on the continent. They also provide custom solutions for radiation measurement and imaging sourced from global manufacturers, including the Goldilux series of light meters and Tissuegnostics products. The website is built on WordPress with Elementor and includes detailed product information, staff profiles, and partner testimonials, indicating a professional digital presence. However, the lack of HTTPS and security headers represents a significant security risk. The site uses Google Analytics for user tracking but lacks comprehensive privacy and cookie policies, which may impact compliance. Overall, the business appears credible and focused on niche industrial and scientific markets in South Africa, but improvements in security and privacy compliance are recommended.

W

Wilhelm Schwarzmüller GmbH

schwarzmueller.com

38

Wilhelm Schwarzmüller GmbH operates as one of Europe's largest providers of towed commercial vehicles, specializing in manufacturing and servicing premium transport solutions tailored to various industries such as construction, logistics, and tank transport. The company maintains a strong market position with a broad portfolio of over 150 vehicle types and a commitment to quality, evidenced by ISO certifications and industry awards. Their digital presence is robust, featuring multilingual support, active social media channels, and comprehensive customer service offerings including telematics and rental services. Technically, the website is built on WordPress with modern frameworks and SEO optimizations, although it lacks HTTPS encryption, which is a significant security concern. The security posture is weak due to the absence of SSL/TLS, HSTS, and other critical security headers, exposing users to potential risks. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, supported by consistent branding, detailed contact information, and trust signals. Strategic improvements in security infrastructure are essential to enhance trust and protect user data.

S

SanLucar Fruit S.L.U.

sanlucar.com

39

SanLucar Fruit S.L.U. is a well-established company specializing in fresh fruits, vegetables, and related products, with a strong emphasis on quality, sustainability, and natural health benefits. The website reflects a mature digital presence with comprehensive product categories, corporate responsibility initiatives, and multilingual support targeting consumers and business partners globally. Technically, the site is built on WordPress with modern plugins and a reputable theme, offering good SEO and user experience. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling. Overall, while the business and content quality are high, urgent improvements in SSL/TLS implementation are necessary to enhance security and user trust.

S

STUDEN & CO Holding

sco-group.com

23

STUDEN & CO Holding is an international agribusiness holding company specializing in the processing, trading, and distribution of agricultural commodities such as sugar, edible oils, oilseeds, and grains. The company operates through subsidiaries including AGRANA-STUDEN Group and BIMAL Group, targeting agribusiness stakeholders and investors. The website presents a professional corporate image with multilingual support and clear business descriptions. Technically, the site is built on WordPress with common plugins like Yoast SEO and Visual Composer, but suffers from outdated PHP and lack of HTTPS, impacting security and performance. Security posture is weak due to missing SSL, no modern TLS support, and absence of advanced security headers. Privacy compliance is minimal with no visible privacy policy but a cookie consent banner is present. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

L

Linz Center of Mechatronics GmbH

lcm.at

29

Linz Center of Mechatronics GmbH (LCM) is a medium-sized Austrian research and development service provider specializing in mechatronics and manufacturing technologies. The company supports medium and large enterprises in sectors such as machinery, automotive, and medical technology by integrating scientific research into practical, economically viable solutions. Their services include integrated hydraulic and electrical drive systems, vibration technology, Industrial IoT, measurement services, and transformation consulting. The website is professionally designed, multilingual, and targets industrial clients seeking innovation and sustainability improvements. Technically, the site runs on WordPress with the Divi theme and includes modern SEO and multilingual plugins, but suffers from slow load times and lacks a valid SSL certificate, which impacts security posture. Security measures include GDPR-compliant cookie consent and captcha-protected contact forms, but the absence of HTTPS and security headers are critical vulnerabilities. Overall, LCM presents a credible and professional digital presence aligned with its business objectives, but should urgently address SSL and security header issues to improve trust and compliance.

H

Hirtenberger Defence Systems

hirtenberger.com

29

Hirtenberger Defence Systems is a medium-sized manufacturing company specializing in the development and production of mortar systems and related defense technologies. The company operates globally, targeting military and defense sector customers with a comprehensive product range including mortar ammunitions, weapon systems, and auxiliary equipment. The website reflects a professional business presence with consistent branding and good content relevance, though it lacks some advanced features such as detailed contact information and comprehensive privacy compliance mechanisms. Technically, the website is built on WordPress using the Divi theme and incorporates SEO tools like Rank Math. However, the site suffers from slow load times and basic mobile optimization. The hosting provider is hosttech.at, and the DNS setup is standard without advanced security features like DNSSEC or CAA records. From a security perspective, the website has critical shortcomings including the absence of a valid SSL certificate, lack of HTTPS support, and missing security headers. These issues significantly reduce the security posture and expose the site to potential risks. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No incident response or vulnerability disclosure information is available, which may impact trust and security readiness. Overall, the website is functional and presents the business adequately but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect user data. Strategic recommendations include implementing HTTPS, enabling security headers, and establishing clear privacy and incident response policies.

G

Grassfish

grassfish.com

40

Grassfish is a mature and established digital in-store platform and consulting company headquartered in Sweden, with additional presence in Austria. The company offers a comprehensive suite of digital signage and customer experience solutions tailored for retail brands and stores, positioning itself as the leading digital in-store platform in Europe trusted by over 500 brands. Their business model combines a SaaS platform with strategic, technical, and operational consulting services, targeting brands seeking to enhance their physical retail environments with digital innovation. Technically, the website is built on WordPress, leveraging modern web technologies and CDNs for content delivery, but currently suffers from critical SSL/TLS misconfigurations that undermine secure communications. The security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, posing significant risks to data confidentiality and user trust. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies aligned with GDPR requirements. Overall, while the business and content quality are excellent, the critical security gaps notably reduce the website's trustworthiness and require urgent remediation. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers and session management to safeguard user data and maintain compliance.

T

timeCOM GmbH

bfit.at

19

timeCOM GmbH is a small Austrian technology company specializing in time management solutions including personnel time tracking, project time tracking, workflow, personnel deployment planning, access control, and payroll export. With over 25 years of experience, they serve business clients primarily in Austria and maintain partnerships with notable software and hardware providers such as Atoss AG, Datafox GmbH, and PCS GmbH. The website is built on WordPress with Elementor and provides clear contact information but lacks critical security and privacy features such as HTTPS and privacy policies. Technically, the site uses standard web technologies but suffers from missing SSL/TLS, which is a significant security risk. No web application firewall or blocking mechanisms are detected, and the site is fully accessible.

W

WunderLand Group

wunderlandgroup.com

37

WunderLand Group is a mature, medium-sized staffing solutions firm specializing in digital, creative, and marketing workforce services. The company offers a broad range of expertise including UX design, content editing, front-end development, and project management. Their market position is supported by strong client and consultant testimonials and industry awards such as the Best of Staffing®. Technically, the website is built on WordPress with Elementor and uses a variety of modern JavaScript libraries and marketing tools, hosted on WP Engine with Cloudflare CDN. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and undermining trust. Privacy compliance is partially addressed with a cookie consent mechanism, but GDPR compliance is not clearly demonstrated. Overall, the business credibility is solid, but the security weaknesses require urgent remediation.

P

prentner engineering & consulting

prentner-ec.com

25

Prentner engineering & consulting is a small German-based engineering consultancy specializing in product development, design, FEM/MKS calculations, tooling technology, automation, assembly technology, and project management services. The company targets businesses requiring specialized engineering and consulting support in manufacturing and product innovation. Their website is built on WordPress with common plugins and provides content primarily in German with English alternatives. The site includes a cookie consent mechanism and a privacy policy, demonstrating GDPR compliance awareness. However, the absence of HTTPS is a critical security shortfall that undermines user trust and data protection. Technically, the website uses PHP 7.2.34 on an nginx server hosted by tele.net. The site employs popular WordPress plugins such as WPBakery Page Builder, LayerSlider, Contact Form 7, and Complianz GDPR. Performance data is missing or indicates slow loading, and SEO and accessibility optimizations are basic. Mobile optimization is good, and navigation is clear and professional. From a security perspective, the lack of SSL/TLS encryption is the most significant vulnerability, exposing users to potential data interception. No advanced security headers or incident response policies are found. Cookie consent is implemented properly, but no explicit security or incident response contacts are provided. WHOIS data aligns well with the website's business claims, indicating legitimacy. Overall, the website is functional and professional in content and design but requires urgent security improvements, especially enabling HTTPS and enhancing security headers. Privacy compliance is adequate, but business credibility could be improved by adding direct contact information and certifications.

C

CP BAP

bankseminar.eu

35

CP BAP is a consulting company specializing in financial services and related sectors, offering tailored consulting, IT solutions, and blended learning services. The company positions itself as a trusted partner with a focus on sustainable success and regulatory compliance. The website is professionally designed with good content quality and SEO optimization, targeting financial institutions such as banks and IT service providers. Technically, the site is built on WordPress with Elementor and uses various plugins for search and cookie management. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

W

Weitzer Parkett Vertriebs GmbH

weitzer-parkett.com

40

Weitzer Parkett Vertriebs GmbH is a well-established Austrian family-owned manufacturer and distributor of parquet flooring and wooden stairs, with a history dating back to 1831. The company holds a leading market position in Austria and is recognized as one of the top parquet manufacturers in Europe. Their product portfolio includes innovative parquet solutions such as Pflegefrei-Parkett, Gesund-Parkett, and Flüster-Parkett, emphasizing sustainability and ecological responsibility. The website reflects a mature digital presence with comprehensive product information, multi-language support, and strong branding consistency. Technically, the website is built on WordPress with WooCommerce, utilizing modern libraries and plugins such as jQuery, Slick Slider, and Borlabs Cookie for cookie management. It is hosted behind Cloudflare, providing CDN and security services. However, the absence of a valid SSL certificate and HTTPS support is a significant security shortfall, impacting user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with explicit consent mechanisms. From a security perspective, while the site benefits from Cloudflare's protection and uses reCAPTCHA on forms, the lack of HTTPS and modern TLS protocols, as well as missing security headers like HSTS, reduce its security posture. No explicit security policy or incident response information is found, which could be improved to enhance transparency and readiness. Overall, the website is professional, content-rich, and business-credible but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include implementing a valid SSL certificate, enabling HTTPS, and enhancing security headers and protocols.

S

SINN Consulting GmbH

sinn.at

23

SINN Consulting GmbH is an Austria-based international consulting firm specializing in SAP BRIM solutions, focusing on industries such as telecommunications, energy, online retail, transport, media, and insurance. The company holds a reputable market position as a SAP Gold Partner and offers a comprehensive portfolio of SAP-related consulting and implementation services. Their website reflects a professional and consistent brand image targeting enterprise and medium-sized clients primarily in Austria and Germany. Technically, the website is built on WordPress with modern plugins and technologies, supporting multilingual content and GDPR compliance. However, a critical security gap exists due to the absence of a valid SSL certificate, despite the presence of HSTS headers, which undermines the security posture. Privacy compliance is well addressed with cookie consent mechanisms and a detailed privacy policy. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements to enable HTTPS and enhance trust.

W

Webconomy internet commerce GmbH

webconomy.com

24

Webconomy internet commerce GmbH operates a B2B-focused digital marketing agency website offering services such as growth boosting, SEO, Google Ads, mentoring, and performance marketing. The company targets B2B clients seeking to accelerate their digital growth and improve marketing performance. The website is built on WordPress with WooCommerce and several marketing and SEO plugins, indicating a moderate level of digital maturity. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. No advanced security headers or incident response policies are evident, and cookie consent mechanisms are missing despite the use of tracking and analytics tools. The domain is mature and consistent with the business claims, registered since 1998 without privacy protection, but domain protection locks are not enabled, posing a moderate risk. Overall, the website presents good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

A

ANGER MACHINING GmbH

anger-machining.com

21

ANGER MACHINING GmbH is a medium-sized manufacturing company specializing in turnkey machining solutions for the automotive industry, focusing on battery trays, profiles, and structural components. The company has a mature online presence with a domain registered since 2007 and holds recognized certifications such as TÜV Süd. Their website is multilingual and professionally designed, targeting B2B clients in automotive manufacturing. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and cookie compliance. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site provides good business credibility and content quality but requires urgent security improvements.

L

Lakeside Labs GmbH

lakeside-labs.com

35

Lakeside Labs GmbH operates as a research and innovation hub specializing in self-organizing networked systems. The organization targets researchers, technology innovators, and academic-industry partners, offering research projects, publications, and collaborative partnerships. The website reflects a medium-sized technology entity based in Austria with a professional online presence and consistent branding. Technically, the site is built on WordPress with common plugins and libraries, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and missing DNS records, which undermines trust and exposes the site to potential risks. Privacy compliance is minimal, lacking cookie consent and comprehensive GDPR indicators. Overall, the site is functional but requires significant improvements in security and compliance to enhance trustworthiness and protect user data.

C

Christof Group

christof-group.at

26

Christof Group is a large, family-owned industrial group specializing in critical process equipment manufacturing and plant engineering services, operating across Austria, Germany, and Slovenia. The company is positioned as a world leader in its sector with a strong portfolio of subsidiaries and a history of over 150 years in the industry. The website reflects a professional B2B business model targeting industrial clients in energy, petrochemical, and pharmaceutical sectors. Technically, the site is built on WordPress with modern SEO and multilingual capabilities but lacks HTTPS, which is a significant security shortfall. The security posture is weak due to the absence of SSL/TLS encryption and limited security headers, exposing the site to potential risks. Privacy compliance is addressed with a cookie consent mechanism and privacy policy, but incident response and security policies are missing. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SPAR International

spar-international.com

32

SPAR International is a well-established global voluntary food retail group founded in 1932, operating over 13,900 stores across 48 countries. The business model focuses on licensed wholesalers and retailers working in partnership to deliver diverse store formats and retail solutions. The website reflects a mature digital presence with comprehensive content, clear navigation, and a focus on partner engagement and responsible retailing. Technically, the site is built on WordPress with common plugins and libraries, but suffers from significant security shortcomings including lack of a valid SSL certificate and DNS configuration issues. Privacy compliance is well addressed through Cookiebot consent management and a comprehensive privacy policy. However, the absence of HTTPS and security headers poses risks to user data and trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices and user expectations.

M

MCR

morse.com

40

MCR is a well-established and large hotel management and ownership company, recognized as the third largest hotel owner-operator in the United States. The company operates a diverse portfolio of hotels across multiple states and brands, with a strong reputation supported by numerous industry awards and recognitions. The website reflects a mature business with a professional online presence, targeting investors, partners, and hospitality professionals. Technically, the website is built on WordPress with a modern tech stack including jQuery and Google Maps integration, but suffers from a lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Security headers are well implemented, but the absence of SSL and modern TLS protocols is a critical vulnerability. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of use, but the lack of a cookie consent mechanism is a gap. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

P

Peak Technology

peaktechnology.at

29

Peak Technology is a specialized engineering company focused on manufacturing bespoke carbon fibre components and high pressure vessels primarily for the space and motorsport industries. The company positions itself as a trusted partner with over 15 years of motorsport championship involvement and expertise in space mission components. Their business model is B2B, providing high-tech composite solutions with certifications such as ISO 9001 and EN 9100 that underline their quality management commitment. The website is professionally designed using WordPress with modern SEO practices and structured data, targeting industry professionals and partners. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines trust and data protection. The site lacks a cookie consent mechanism despite setting cookies, and no incident response or vulnerability disclosure policies are visible. Overall, the technical infrastructure is moderate with room for improvement in security and privacy compliance. Strategic recommendations include immediate SSL deployment, enhanced security headers, and formalized security policies to improve the security posture and trustworthiness of the digital presence.

L

LVA GmbH

lva-gmbh.at

37

LVA GmbH is a well-established Austrian company specializing in food safety, quality control, certification, and training services primarily targeting the food, cosmetics, pharmaceutical, and supplement industries. Founded in 1926, it holds a strong market position as a leading competence center in the Central and Eastern European region, serving clients in over 80 countries. The company offers a comprehensive portfolio including laboratory analyses, expert assessments, inspections, research, and educational seminars. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS, no HSTS, and missing advanced security headers, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

C

CBmed GmbH

cbmed.org

23

CBmed GmbH is a public-private partnership based in Graz, Austria, specializing in biomarker research to advance applied precision medicine and personalized healthcare. The organization collaborates globally with over 50 partners from academia and industry, focusing on innovative technologies such as ex vivo compound screening, microbiome research, and data science. Their business model centers on research and development services, supported by funded projects and a commitment to quality and innovation. The website reflects a mature, professional entity with consistent branding and comprehensive content tailored to healthcare professionals and collaborators. Technically, the website is built on WordPress with modern plugins like Yoast SEO and WPForms, hosted on an Apache server. While the site is mobile-optimized and SEO-friendly, performance metrics indicate slow loading times. Security posture is weak due to the absence of HTTPS, lack of security headers, and missing DNSSEC, exposing the site to potential risks. No explicit security or incident response policies are published, which could impact trust and compliance. Overall, the domain registration data aligns well with the business claims, showing a consistent and legitimate presence since 2014. Contact information is clearly provided, including multiple physical locations, email, phone, and a contact form. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. However, the critical lack of SSL/TLS encryption significantly lowers the security score and poses a risk to user data confidentiality. Strategically, CBmed should prioritize implementing HTTPS, enhancing security headers, and publishing security policies to improve trust and compliance. The website’s strong content and business credibility provide a solid foundation for growth and partnership expansion, but technical and security improvements are essential to safeguard operations and reputation.

I

ILF Consulting Engineers

ilf.com

23

ILF Consulting Engineers is a large, privately owned international engineering and consulting firm specializing in infrastructure, energy, water, and environmental projects. With over 3,000 employees and a global presence spanning 45+ offices across six continents, ILF positions itself as a leader in sustainable engineering solutions. The website reflects a professional and comprehensive digital presence, offering detailed information about their services, business areas, and corporate values. Technically, the site is built on WordPress with modern JavaScript libraries and frameworks, providing a good user experience and mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Security headers are present, but the lack of TLS protocols and HSTS reduces overall security. Privacy compliance is addressed with a comprehensive privacy and cookie policy, though no explicit consent mechanism is detected. Business credibility is strong with clear company information and trust indicators such as ISO 27001 certification and Great Place to Work recognition. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

A

Amomed Pharma GmbH

amomed.com

25

Amomed Pharma GmbH is a medium-sized healthcare company specializing in pharmaceutical products for intensive care, emergency medicine, anesthesia, psychiatry, and neurology. The company operates as a member of the AOP Health Group, providing critical care medications aimed at reducing mortality and improving quality of life. The website targets healthcare professionals and institutions, offering product information and therapy solutions. Technically, the website is built on WordPress with a PHP backend and uses common web technologies such as jQuery, Bootstrap, and Font Awesome. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a significant security concern. Security headers are partially implemented, but critical configurations like TLS protocols and cipher suites are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is not readily visible on the homepage, limiting user trust and engagement. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy to meet modern standards.

M

MMX e.U.

silberdraht.agency

37

Silberdraht Agency is a small Austrian online marketing firm specializing in services tailored for the BestAger demographic (age 50+). Founded in 2019 and operated by MMX e.U., the agency offers website analysis, creation, optimization, search engine marketing, social media marketing, and newsletter distribution. Their market position is niche-focused with a dedicated team and partnerships that enhance their service offerings. Technically, the website runs on WordPress with popular plugins and themes, but lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow or unmeasured performance. Security posture is weak due to missing SSL and security headers, and privacy compliance is minimal with no cookie consent mechanism. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are urgently needed.

K

Kienbaum Consultants Austria GmbH

kienbaum.at

22

Kienbaum Consultants Austria GmbH is a well-established HR and management consulting firm with a strong presence in Austria since 1958 and origins dating back to 1945. The company offers a comprehensive range of services including assessment, executive search, compensation management, and organizational transformation. Their Vienna office serves as an international hub for compensation data and global studies. Technically, the website is built on WordPress using the Divi theme, with modern tools like Matomo analytics and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS significantly weakens the security posture, exposing the site to risks and reducing trust. Despite this, the site demonstrates good privacy compliance and business credibility with clear contact information and certifications. Strategic improvements in SSL/TLS implementation and security headers are recommended to enhance overall security and user trust.

L

Leftshift One

leftshift.one

23

Leftshift One is an established Austrian technology company specializing in generative AI solutions, particularly their MyGPT platform which leverages Retrieval-Augmented Generation (RAG) to provide secure, scalable, and customizable AI-powered knowledge management for enterprises and SMEs. The company positions itself as a technology leader with over 8 years of experience and 200 successful AI projects, emphasizing data privacy and compliance with GDPR. Technically, the website is built on WordPress with modern frameworks like Elementor and optimized with WP Rocket, but lacks a valid SSL certificate and proper TLS configuration, which are critical security gaps. The security posture is moderate with some vulnerabilities such as a subdomain takeover risk. Overall, the website is professional, content-rich, and compliant with privacy regulations, but requires urgent improvements in SSL/TLS security to enhance trust and protect user data.

G

Gymnasium Camphusianum

camphusianum.nl

36

Gymnasium Camphusianum is a small, community-oriented gymnasium school located in Gorinchem, Netherlands, providing secondary education focused on broad academic knowledge and personal development. The website reflects a well-structured educational institution with clear communication channels, active social media presence, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins and themes, leveraging Cloudflare CDN for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. This exposes users to potential data interception risks and reduces trustworthiness from a security perspective. Overall, while the content and business credibility are strong, the lack of HTTPS is a major vulnerability that must be addressed promptly.

A

Austrian Institute of Economics and Social Philosophy

austrian-institute.org

25

The Austrian Institute of Economics and Social Philosophy is a small non-profit organization focused on promoting classical liberal social philosophy and Austrian economics primarily to a German-speaking audience. The website serves as an educational platform offering blogs, videos, podcasts, and events such as the Austrian Academy. The organization is funded by donations and maintains a professional online presence with consistent branding and active social media channels. Technically, the website is built on WordPress with modern plugins and page builders, but lacks a valid SSL certificate, which is a critical security flaw. The absence of HTTPS significantly undermines the site's security posture despite good privacy compliance and cookie consent mechanisms. No explicit security or incident response policies are published, and no phone contact is provided, only an official email address. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

E

ekey biometric systems GmbH

ekey.net

35

ekey biometric systems GmbH is a medium-sized Austrian technology company founded in 2002, specializing in fingerprint-based access control and smart home integration solutions. The company holds a leading market position in Europe for fingerprint access systems, offering a range of products including door-integrated fingerprint readers, wall-mounted units, and retrofit kits. Their business model focuses on manufacturing, sales, and providing support and training services. The website reflects a mature digital presence with multilingual support and comprehensive product information targeting homeowners, businesses, and smart home users. Technically, the site is built on WordPress with modern plugins and analytics tools, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Security headers are well configured, and privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

Lab Zero Games is an independent game development studio known for titles such as Skullgirls and Indivisible. The website serves primarily as a promotional platform for their games, targeting gamers interested in indie and retro-style games. The business model focuses on game development and publishing within the technology sector. The company appears to be small-sized with consistent branding and good content quality. Technically, the website is built on WordPress 5.2.21 with PHP 7.3.33 and Apache server. The site lacks HTTPS support, which is a significant security concern. Performance metrics are not available, but the site shows basic mobile optimization and accessibility features. No advanced frameworks or analytics tools are detected. From a security perspective, the absence of SSL/TLS encryption, lack of security headers, and missing privacy and cookie policies indicate a low security posture. No incident response or vulnerability disclosure mechanisms are present. The domain registration data is consistent and legitimate, but the site would benefit greatly from implementing modern security best practices. Overall, the website is functional and professional in design but requires urgent improvements in security and privacy compliance to protect users and enhance trustworthiness.

L

Lebenshilfe Österreich

lebenshilfe.at

19

Lebenshilfe Österreich is a well-established non-profit organization dedicated to advocating for the rights and support of people with intellectual and multiple disabilities across Austria. Serving as the umbrella organization for regional Lebenshilfe groups, it offers services including support, advocacy, public relations, and organizes events such as the Austrian Inclusion Prize. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency targeting individuals and stakeholders interested in disability rights and inclusion. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Cookiebot for consent management. It uses Apache hosting with DNS managed by easyname.eu. Accessibility features and structured data are implemented, enhancing user experience and SEO. However, performance metrics are not provided. From a security perspective, the site lacks a valid SSL/TLS certificate, exposing it to significant risks and undermining user trust. No advanced security headers or protocols are configured, and no incident response or security policies are publicly disclosed. Cookie consent is properly implemented, and privacy policies are present and GDPR compliant. Overall, while the website excels in content quality, user experience, and privacy compliance, the absence of HTTPS is a critical vulnerability that must be addressed immediately to protect users and maintain credibility. Strategic improvements in security posture and transparency around security policies are recommended to enhance trust and resilience.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

E

Edelweiss Consulting GmbH

edelweiss-consulting.at

51

Edelweiss Consulting GmbH is a small Austrian consulting firm specializing in strategy development, organizational development, and personnel development, primarily serving clients in Vienna and Linz. The company presents itself professionally with a well-structured website, social media presence, and recognized certifications such as the Top Berater Gütesiegel Kurier 2024. Technically, the website is built on WordPress using common plugins for SEO, forms, and cookie consent, hosted on world4you.at. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing visitors to risks and undermining trust. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, supporting GDPR adherence. Overall, the website is functional and professional but requires urgent security improvements.

C

ConVista Consulting AG

convista.com

40

ConVista Consulting AG is a leading SAP and IT consulting firm based in Germany, specializing in digital transformation across multiple industries including insurance, energy, healthcare, and manufacturing. The company offers comprehensive end-to-end solutions, combining deep industry expertise with technological innovation. Their market position is strong, supported by multiple industry awards and certifications such as SAP Gold Partner and Great Place to Work recognitions. The website reflects a professional and well-branded presence targeting enterprise clients seeking SAP and IT consulting services. Technically, the website is built on WordPress with modern optimization tools like WP Rocket and uses a variety of JavaScript libraries including jQuery and Swiper.js. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Security posture is currently basic, with several HTTP security headers implemented but critical SSL/TLS deficiencies present. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies and consent mechanisms in place. Contact information is transparent and comprehensive, including phone, email, physical address, and contact forms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility. Strategically, the company should prioritize obtaining and maintaining a valid SSL certificate and enabling modern TLS protocols to secure all communications. Enhancing security best practices will improve trust and compliance, supporting their strong market position and client relationships.

C

CONVISIO Völkermarkt WTH-STB GmbH & Co KG

convisio.at

24

CONVISIO Völkermarkt WTH-STB GmbH & Co KG is a medium-sized Austrian financial services company specializing in tax consulting, auditing, financial advisory, accounting, and startup consulting. The company operates multiple offices across Austria, targeting clients seeking professional financial and tax services. The website is built on WordPress with Elementor and includes modern SEO and cookie consent tools, reflecting a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of advanced security headers represent critical security weaknesses that could undermine user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company presents a professional image with clear contact information and trust signals such as certifications, but must urgently address its SSL and security posture to improve its risk profile.

F

Forerunners Network

roadmap2050.at

35

Forerunners Network is a German-language media platform based in Austria focusing on ESG (Environmental, Social, Governance) topics, infrastructure, and sustainability. It offers news articles, podcasts, videocasts, and a newsletter subscription service targeting an audience interested in sustainable development and innovation. The platform maintains a consistent brand presence and active social media engagement across multiple channels. Technically, the website runs on WordPress with the Bricks theme and uses plugins such as Borlabs Cookie for consent management and Podigee for podcast integration. However, the site lacks HTTPS, which is a critical security shortcoming. Security headers are minimal, and no incident response or security policies are publicly disclosed. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

F

F/LIST

f-list.at

38

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

M

Medaprint Solutions Limited

mediaprint.design

37

Mediaprint Solutions Limited is a small UK-based company specializing in graphic design and print services, targeting businesses seeking professional branding and print solutions. The website is built on WordPress using the BeTheme and Revolution Slider plugins, hosted by IONOS SE. While the site presents a professional design and clear contact information, it lacks HTTPS support, which is a critical security deficiency. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Overall, the business appears legitimate with a mature domain age and consistent branding, but the technical and security posture requires enhancement to protect users and improve trust.

Arthur Hunt is a French-based human resources consulting firm specializing in executive search, HR strategy consulting, transition management, and talent development across France and Europe. The company positions itself as a medium-sized, established player with a professional and consistent brand presence. The website is built on WordPress using the Divi theme and incorporates modern plugins for multilingual support and user experience enhancements. However, the technical infrastructure lacks a valid SSL certificate and does not support modern TLS protocols, which poses a significant security risk. The site includes GDPR-compliant cookie consent mechanisms and clear contact information but lacks explicit security policies or incident response details. Overall, the business is credible and professionally presented, but the absence of HTTPS critically impacts the security posture.

E

EBNER Industrieofenbau GmbH

ebner.cc

35

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

IMAS International is a mature Polish market research company established in 1998, specializing in quantitative and qualitative research services including internet-based CAWI studies, CATI telephone surveys, and ethnographic research. The company targets businesses and organizations seeking data-driven insights to support decision-making. Their website reflects a professional presence with consistent branding and good content quality, offering reports, publications, and a panel internetowy service. Technically, the site is built on WordPress with common plugins for forms, slideshows, and marketing integrations such as Mailmunch and Jetpack. However, the site lacks HTTPS support, which is a significant security concern. No privacy or cookie policies are found, and contact information is limited to forms without explicit emails or phone numbers. Security posture is weak due to missing SSL/TLS and security headers, though no active vulnerabilities or malware are detected. Overall, the website is functional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

C

CCL Industries

cclind.com

39

CCL Industries is a global leader in specialty packaging and the largest label company worldwide, with headquarters in Canada and the USA. The company operates across multiple sectors including home & personal care, premium food & beverage, healthcare, automotive, and security, supported by subsidiaries such as Avery, Checkpoint, Innovia, CCL Design, and CCL Secure. Their website reflects a mature enterprise with comprehensive investor relations, sustainability initiatives, and corporate governance information. Technically, the site is built on WordPress with common plugins and libraries, hosted behind Cloudflare, but suffers from a lack of a valid SSL certificate, impacting security posture. The absence of HTTPS and security headers, along with no visible cookie consent mechanism, represents significant security and privacy compliance gaps. Overall, the site is professional and content-rich but requires urgent improvements in security configuration and privacy compliance to align with best practices.

B

BMTS Technology

bmts-technology.com

25

BMTS Technology is a medium-sized, globally active Tier 1 automotive supplier specializing in powertrain and clean mobility technologies including turbochargers, electric turbo systems, heat pump compressors, and fuel cell boosters. The company targets automotive manufacturers and suppliers focused on new energy vehicles and autonomous driving technologies. The website is built on WordPress with a modern tech stack including PHP 8.2 and popular plugins for SEO and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security vulnerability. Security headers and advanced security practices are minimal. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

R

rieg marketing

rieg-marketing.de

22

rieg marketing is a small German marketing consultancy specializing in creative marketing, communication, and promotional services primarily for the sporting goods, marine, and fashion industries. The company offers tailored marketing strategies, project management, public relations, promotions, and visual merchandising services. The website is built on WordPress and uses common plugins such as Contact Form 7 and Cookie Law Info for user interaction and compliance. While the website content is professional and well-structured, the technical infrastructure lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Cookie consent mechanisms and a privacy policy compliant with GDPR are present, indicating attention to privacy compliance. However, no incident response or security policy information is provided, and no terms of service page is found.

P

Pacific National

pacificnational.com.au

37

Pacific National is Australia's largest private rail freight operator, providing comprehensive rail logistics services across the country. The company emphasizes safety, customer service, and operational excellence, serving a broad range of industries with extensive rail assets including locomotives and wagons. Their market position is strong as a trusted logistics partner with a large customer base and national presence. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing common web technologies such as jQuery, Bootstrap, and Owl Carousel. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and structured data implemented for enhanced search visibility. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Security headers are minimal, and advanced protections like HSTS and OCSP stapling are not enabled. While some security best practices like HttpOnly and Secure cookie flags are set, the overall security posture is weak and requires urgent improvement. Overall, the website is professional and content-rich but suffers from significant security shortcomings that impact user trust and compliance. Strategic improvements in SSL/TLS deployment and privacy compliance mechanisms are recommended to enhance security and regulatory adherence.

S

Semantic Web Company

semantic-web.com

39

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

S

System Industrie Electronic GmbH

sie.at

33

System Industrie Electronic GmbH (S.I.E) is a market-leading specialist in the development and manufacturing of embedded and cyber-physical systems. The company offers a comprehensive portfolio of services including ideation, engineering, production, and quality lifecycle management, targeting industrial clients requiring customized embedded solutions. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics, Google Tag Manager, and OneSignal push notifications. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business demonstrates strong credibility and market positioning, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

40

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

32

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.