Security Directory

C

conova communications GmbH

conova.com

40

conova communications GmbH is a well-established Austrian IT service provider specializing in tailored IT solutions including data center services, managed hosting, cloud, virtualization, and security. Founded in 1988, conova positions itself as a strategic partner for businesses requiring high availability and secure IT infrastructure, primarily serving the Austrian market with international reach. The company operates its own data centers and offers hybrid cloud solutions, emphasizing data sovereignty and security. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and certifications such as ISO 27001 and EN 50600, reinforcing its market credibility. Technically, the website is built on WordPress with modern plugins like Slider Revolution and Borlabs Cookie for cookie management, and integrates marketing tools such as HubSpot. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing search visibility. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent significant security shortcomings, undermining the otherwise strong security posture indicated by HTTP headers and certifications. Security-wise, conova demonstrates good practices with multiple security headers and GDPR-compliant privacy and cookie policies. Yet, the lack of HTTPS and modern TLS support is a critical vulnerability that must be addressed urgently to protect data in transit and maintain trust. No incident response or vulnerability disclosure information was found, suggesting an area for improvement in transparency and security readiness. Overall, conova presents a professional and trustworthy business with strong market positioning and technical maturity, but the critical SSL/TLS issues pose a risk that could impact customer confidence and compliance. Strategic remediation of these security gaps is recommended to align the website's security posture with its business reputation.

M

Mondial GmbH & Co. KG

mondial-congress.com

37

Mondial GmbH & Co. KG is a medium-sized Austrian company specializing in congress and event management services, including green meetings, virtual events, and travel management. The company holds several industry certifications and maintains a multilingual, content-rich website targeting organizations seeking professional event solutions. Technically, the website is built on WordPress with modern libraries but lacks a valid SSL certificate, resulting in a critical security gap. The absence of HTTPS and security headers exposes users to risks and reduces trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

I

ICW Group

icwgroup.com

36

ICW Group is a national commercial insurance provider specializing in workers' compensation, catastrophe insurance, and assumed reinsurance coverage. The company targets businesses seeking comprehensive insurance solutions and risk management services. Their website reflects a mature digital presence built on WordPress with Elementor, featuring well-structured content, clear navigation, and integration with multiple marketing and analytics tools such as Hotjar, Pardot, and Google Tag Manager. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. While cookie consent mechanisms and privacy policies are in place, explicit security policies and incident response information are absent. Overall, the website demonstrates good business credibility and user experience but requires urgent improvements in security to protect user data and enhance trust.

N

NNZ United States

nnzusa.com

40

NNZ United States is a well-established multinational packaging company with a history dating back to 1922. The company specializes in providing customized packaging solutions primarily for the fresh produce and industrial sectors. It operates through a broad network of subsidiaries across Europe, North America, and Africa, positioning itself as a market leader with a strong emphasis on sustainability and innovation. The website reflects a professional and comprehensive digital presence, offering detailed product portfolios, sustainability initiatives, and corporate information. Technically, the website is built on WordPress with modern tools such as Gravity Forms and Google Tag Manager integrated for analytics and marketing. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from a critical security shortfall: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security headers are properly configured, but the lack of encryption undermines user trust and data protection. The company demonstrates good privacy compliance with clear privacy and cookie policies, including consent mechanisms. Contact information is readily available, including phone numbers, physical address, and contact forms, enhancing business credibility. However, no explicit security policy or incident response information is found on the site. Overall, NNZ USA presents a strong business and digital profile but must urgently address its SSL/TLS configuration to improve security and trustworthiness. Strategic improvements in this area will enhance user confidence and align the website with modern security standards.

D

DIE FLIEGENDEN KÖCHE GMBH

fliegende-koeche.com

25

DIE FLIEGENDEN KÖCHE GMBH operates Austria's largest chefs agency, providing professional kitchen staff placement services nationally and internationally since 2007. The company targets gastronomy businesses such as restaurants and hotels, offering temporary and permanent staffing solutions including various chef roles. Their market position is strong within Austria, supported by over a decade of experience and multiple regional offices. Technically, the website is built on WordPress with common plugins and libraries but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and use of outdated PHP. The site includes privacy and cookie policies with consent mechanisms, but lacks explicit security or incident response policies. Overall, the business credibility is good, but the security posture is weak, exposing the site to risks. Strategic improvements in HTTPS deployment, server software updates, and security headers are recommended to enhance trust and compliance.

P

Pointy Hills Media Ltd

fall-line.co.uk

35

Fall Line Skiing is a specialized UK-based media company operating a ski magazine and website focused on ski gear reviews, resort guides, and skiing stories. The company targets ski enthusiasts and offers subscriptions, single issue sales, advertising, and an e-commerce shop. The website is built on WordPress with WooCommerce and uses modern marketing and analytics tools, including Google Analytics, Tag Manager, and Microsoft Clarity. The content quality and branding are excellent, with clear navigation and professional design. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Security headers are present but insufficient without HTTPS. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms implemented. Contact information is clearly provided, including a UK physical address and phone number. Overall, the website is trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

MBI Institut für Marketingberatung

mbi.eu

23

MBI Institut für Marketingberatung is a healthcare-focused private broker based in Austria, specializing in increasing accessibility to licensed medical products for vulnerable populations. With over 30 years of experience, the company partners with globally recognized vaccine manufacturers and genetic testing providers to supply governments and NGOs. The website is built on WordPress using Elementor and related plugins, hosted on a LiteSpeed server. While the site is professionally designed and provides clear contact information and GDPR-compliant cookie consent, it lacks a valid SSL certificate and modern TLS support, which is a critical security concern. No explicit security or incident response policies are found, and no vulnerability disclosure mechanisms are present. Overall, the business appears credible and established, but the technical security posture requires urgent improvement.

E

EC2U

ec2u.eu

40

EC2U is a European educational alliance focused on collaboration among city universities, providing joint academic programs, mobility opportunities, and research initiatives. The website targets students, staff, researchers, and citizens, offering multilingual content and resources. Technically, the site is built on WordPress with a modern tech stack including jQuery and various plugins, hosted via Gandi. While the site has good design, accessibility, and SEO practices, it critically lacks a valid SSL certificate, exposing users to security risks. Security headers are present but their effectiveness is diminished without HTTPS. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Overall, the domain registration is consistent and trustworthy, with active social media presence enhancing credibility.

A

ATMOsphere

atmo.org

56

ATMOsphere is a globally recognized event organizer specializing in conferences and networking events focused on natural refrigerants and clean cooling technologies. Established in 2009 and managed by the parent company shecco, ATMOsphere serves as a market accelerator by bringing together key industry stakeholders including policy makers, manufacturers, and end users. The website effectively communicates the business purpose, upcoming events, and team information, supported by multimedia testimonials and social media engagement. Technically, the website is built on WordPress with Elementor and uses modern plugins to enhance user experience and analytics. However, the absence of a valid SSL certificate and lack of a privacy policy represent significant security and compliance gaps. The cookie consent mechanism is implemented, but GDPR compliance cannot be fully confirmed due to missing privacy documentation. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect user data and build trust.

A

ATMOsphere

naturalrefrigerants.com

48

NaturalRefrigerants.com is a well-established industry portal published by ATMOsphere, focusing on natural refrigerant-based cooling and heating technologies. It serves as a global marketplace and news source, connecting buyers and providers worldwide. The website demonstrates a strong market position as a leading source of information since 2006, with a professional design and comprehensive content. Technically, the site is built on WordPress with Elementor and WooCommerce, leveraging modern web technologies but suffers from slow performance and lacks a valid SSL certificate, which impacts its security posture. The absence of HTTPS and security headers are critical vulnerabilities that need immediate attention. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism detected. Overall, the site is credible and trustworthy but requires significant security improvements to protect user data and enhance trust.

A

AIM Group International

aimgroupinternational.com

35

AIM Group International is a medium-sized service provider specializing in event management, digital communication, and consultancy services primarily targeting companies and associations. The company offers a broad portfolio including conference management, virtual and hybrid events, healthcare meetings, digital marketing, and consultancy services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern libraries and plugins, hosted on Amazon AWS infrastructure. However, the website lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. While cookie consent and privacy policies are implemented and GDPR compliant, the absence of HTTPS and security headers exposes the site to risks. Overall, the business appears legitimate and well-established with active social media presence and trust indicators such as an annual report and newsletter. Strategic improvements in security configuration are recommended to enhance trust and compliance.

G

Gottschligg

gottschligg.com

29

Gottschligg is a medium-sized manufacturing company based in Austria specializing in the development and delivery of customized and standard load carriers for industrial clients, particularly in the automotive and manufacturing sectors. The company offers a range of products including special load carriers, universal load carriers, plastic and textile carriers, wooden carriers, and repair services. Their website reflects a professional and consistent brand presence with clear contact information and compliance with GDPR and cookie consent regulations. Technically, the site is built on WordPress with Yoast SEO and jQuery, hosted on Google Cloud infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly weakens their security posture. Security headers are properly configured but cannot compensate for the lack of encryption. Overall, the site is accessible and well-structured but requires urgent security improvements to protect user data and enhance trust.

D

Distillery | Paranormal Agency

distillery.cc

20

Distillery | Paranormal Agency is a small creative agency based in Austria specializing in transformative branding, experiential marketing, media production, and communication design. The company positions itself as a niche player focusing on immersive and genuine cultural experiences. The website is built on WordPress with a modern tech stack including Yoast SEO and Contact Form 7, but lacks a valid SSL certificate, which is a critical security concern. The site implements cookie consent mechanisms indicating GDPR awareness but lacks explicit privacy policy and terms of service pages. Contact information including company emails and physical address is clearly presented, alongside active social media profiles. Overall, the website is professionally designed with good content quality and navigation but suffers from poor security posture due to missing HTTPS.

N

Ninefeb

ninefeb.com

37

Ninefeb is a European service provider specializing in technical documentation, eLearning, consulting, and personnel services. The company operates primarily in Austria with a subsidiary in the UK, targeting businesses requiring comprehensive technical communication support. The website presents a professional image with clear service offerings and client testimonials, positioning Ninefeb as a trusted partner in its niche. Technically, the site is built on WordPress using the Avada theme and Yoast SEO plugin, indicating a modern CMS approach but lacks HTTPS support, which is a significant security concern. The absence of a valid SSL certificate exposes users to potential data interception risks and undermines trust. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

U

unit-IT Dienstleistungs GmbH & Co KG

unit-it.at

20

unit-IT Dienstleistungs GmbH & Co KG is a medium-sized Austrian IT services company specializing in SAP solutions, IT operations, infrastructure, and mobile solutions. The company targets the Austrian mid-market and benefits from its international affiliation with the parent company Atos. Their website presents a professional image with clear service offerings, references, and certifications, positioning them as a trusted regional player in the technology sector. Technically, the website is built on WordPress with common plugins and frameworks, but suffers from a critical lack of HTTPS and modern TLS support, which significantly impacts its security posture. Privacy compliance is well managed with comprehensive privacy and cookie policies and a consent mechanism. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

M

MP Corporate Finance GmbH

mpcf.net

33

MP Corporate Finance GmbH is a market-leading industrial M&A advisory firm based in Vienna, Austria. They specialize in maximizing shareholder value through dedicated sector teams and have a strong track record of over 700 projects worldwide. Their services cover buy-side, sell-side, capital raise, carve-out, and private equity lifecycle management, targeting corporates, family businesses, and financial sponsors in industrial sectors. The website is professionally designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. However, the lack of a valid SSL certificate and HTTPS configuration significantly undermines their security posture, exposing users to risks. Security headers are well configured, but the absence of modern TLS protocols and strong cipher suites is a critical vulnerability. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the business credibility is high, but urgent improvements in SSL/TLS security are recommended to protect client data and maintain trust.

P

Paul Lange Austria

thalinger-lange.com

38

Paul Lange Austria operates as a specialized wholesaler and supplier for the Austrian bicycle and fishing retail markets, providing a wide range of accessories and components from well-known brands such as Shimano. The company supports its dealer network with training, catalogs, and online portals, positioning itself as a key regional player with a professional digital presence. The website is built on WordPress with Elementor and incorporates modern SEO and UI tools, reflecting a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing users to risks and potentially impacting trust. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and modern TLS protocols indicates room for improvement in security practices. Overall, the business appears legitimate and well-established, but urgent remediation of SSL/TLS issues is recommended to enhance security and compliance.

U

UNiQUARE Software Development GmbH

uniquare.com

22

UNiQUARE Software Development GmbH is an Austrian company specializing in software solutions for customer-centric banking, with 36 years of experience. The company offers digitized, integrated end-to-end banking processes and provides a complete service package including software development, integration, implementation, and maintenance. Their market position is strong within the banking sector, serving over 1,500 financial institutions and 200,000 users across three continents. The website reflects a professional and comprehensive digital presence with clear business information and customer testimonials. Technically, the site is built on WordPress with Elementor and related plugins, optimized for SEO and mobile use, but suffers from slow performance and basic accessibility.

M

MH|Direkt

mhdirekt.com

25

MH|Direkt is a mature and established e-commerce fulfillment service provider based in Austria with over 28 years of experience. The company operates multiple fulfillment centers across Austria, Germany, and the UK, offering comprehensive services including warehousing, packaging, cross-border shipping, personalization, and API integration. Their business model focuses on supporting online shops to efficiently manage logistics and shipping across Europe, including direct market entry into Switzerland. The website reflects a professional and well-branded digital presence with extensive content and customer testimonials, positioning MH|Direkt as a reliable partner in the e-commerce logistics sector. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Gravity Forms, and WP Rocket. It integrates multiple marketing and analytics tools including Google Analytics, Google Ads, Facebook Pixel, and LinkedIn Insight Tag, indicating a mature digital marketing strategy. The site is mobile-optimized and SEO-friendly, though performance is moderate and accessibility features are basic. From a security perspective, the website lacks a valid SSL certificate, which is a critical issue impacting user trust and data security. Other security best practices such as HSTS, DNSSEC, and domain protection locks are not implemented, reducing the overall security posture. No explicit security or incident response policies are published on the site. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms in place. Overall, MH|Direkt presents a credible and professional business with strong market positioning in e-commerce fulfillment. However, the lack of HTTPS and some security best practices pose risks that should be addressed promptly to enhance trust and compliance. Strategic recommendations include immediate SSL certificate installation, enabling HSTS and DNSSEC, and publishing security policies to improve transparency and security culture.

hoog.at is a small, community-driven alternative social network and blog platform primarily focused on social activism, photography, and personal projects by Wolf Hoog and collaborators. The website targets a German-speaking audience interested in social causes and alternative culture. It leverages WordPress with BuddyPress and ActivityPub plugins to provide social networking features and content sharing. The site has a moderate market position within its niche and maintains a consistent, good-quality content offering with active social media channels. Technically, the site runs on Apache and is hosted by easyname.eu, but suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections. Performance data is missing, and mobile optimization is basic. Security posture is weak due to missing HTTPS, lack of strong security headers, and no modern TLS protocols enabled. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is moderate, supported by consistent domain registration and social media presence but limited direct contact information. Overall, the site is functional but requires significant security and privacy improvements to enhance user trust and compliance.

B

BELFOR

belfor.com

40

BELFOR is a global leader specializing in disaster recovery and property restoration services, serving a worldwide audience with a strong presence across multiple countries. The website is built on WordPress and leverages modern SEO tools like Yoast, with Cloudflare providing hosting and CDN services. Despite a professional design and good content relevance, the site lacks a valid SSL certificate, which significantly impacts its security posture. The cookie consent mechanism is implemented, indicating some level of privacy compliance, but explicit privacy policies and terms of service are not found in the provided content. Social media integration and global office listings enhance business credibility. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

V

VOQUZ Group

voquz.com

38

VOQUZ Group is a well-established international IT service provider headquartered in Germany, with over 40 years of experience and more than 300 employees. The company serves both private and public sectors, offering a broad range of IT services including software development, SAP consulting, infrastructure planning, project management, and software testing. It operates through specialized subsidiaries such as VOQUZ Public and VOQUZ IT Solutions, targeting public administration and private enterprises respectively. The website reflects a professional and consistent brand presence with good content quality and clear navigation.

F

Federico Solutions

federico.pro

28

Federico Solutions operates a professional website focused on design, prototyping, and manufacturing services, targeting businesses seeking custom solutions. The company presents a mature market presence with a domain registered since 2009 and consistent branding. Technically, the site is built on WordPress using the Divi theme and integrates SEO and analytics tools, but lacks HTTPS, which is a significant security gap. The security posture is weak due to the absence of SSL/TLS encryption and modern security headers, exposing users to potential risks. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy, though direct contact details are limited to a contact form. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SPIDI Friedl & Partner Unternehmensberatungs GmbH

spidi.at

28

SPIDI Friedl & Partner Unternehmensberatungs GmbH operates a professional language and intercultural learning institute based in Vienna, Austria. The company offers a broad portfolio of language courses, including group and individual training, online courses, and certification test centers such as ÖSD and Linguaskill. The business targets both private individuals and corporate clients, positioning itself as a quality provider in adult education with recognized certifications. The website reflects a mature digital presence built on WordPress with modern SEO and consent management tools, supporting GDPR compliance. However, the absence of a valid SSL certificate undermines the security posture and user trust. The company maintains clear contact channels and social media engagement, enhancing business credibility.

E

EDITORIAL. LOGÍSTICA .LA

logistica.la

36

EDITORIAL. LOGÍSTICA .LA is a specialized editorial platform focused on logistics and supply chain management in Latin America, providing professional content, industry insights, and resources primarily in Spanish. The website is hosted on WordPress.com, leveraging WordPress CMS and related technologies such as Jetpack and Gutenberg. The site targets professionals, academics, and students interested in logistics and SCM, with a small but engaged subscriber base. Technically, the site uses modern web technologies but suffers from a critical lack of valid SSL/TLS configuration, exposing users to potential security risks. Privacy compliance is basic, with cookie consent implemented but no explicit privacy policy or terms of service found. The domain is mature and well-protected, registered with GoDaddy, supporting the site's legitimacy. Overall, the site offers valuable content but requires urgent security improvements to protect visitors and enhance trust.

A

Amadeus International School Vienna

amadeus-vienna.com

28

Amadeus International School Vienna is a well-established private international school offering IB education and boarding services with a unique integrated Music and Arts Academy. The school targets international students and families seeking high-quality education in Vienna. The website is professionally designed with rich content and multimedia, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

D

dmcgroup

dmcgroup.eu

24

dmcgroup is a design and digital agency specializing in strategic consulting, branding, UX/UI design, and web and software development. Positioned as a top-ten brand agency in Austria with notable industry rankings, it serves a diverse clientele including national and international companies. The website reflects a professional and consistent brand image with comprehensive service offerings and strong trust indicators such as reputable client logos and industry recognition. Technically, the site is built on WordPress with modern frontend libraries and caching mechanisms, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, and privacy policies are present and GDPR compliant, though cookie consent mechanisms are not evident. Overall, the security posture is basic and requires urgent improvements to protect user data and enhance trust. The website is accessible and well-structured, with good mobile optimization and SEO practices, but performance metrics are missing and inferred to be slow. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, enhancing security headers, and implementing cookie consent mechanisms to improve compliance and user trust.

Schullin Wien is a well-established luxury jewelry and watch retailer based in Vienna, Austria, with a rich family tradition dating back to 1802 and formal business founding in 1974. The company specializes in fine jewelry design and manufacturing, luxury watch sales including Rolex, and certified pre-owned Rolex watches. Their market position is strong within the luxury retail sector, targeting affluent customers seeking unique and high-quality pieces. The website reflects a mature digital presence with multilingual support, rich content, and integration of modern web technologies such as WordPress, WooCommerce, Alpine.js, and Swiper.js. Marketing and analytics tools like Google Analytics, Facebook Pixel, and Adobe Analytics are actively used with GDPR-compliant cookie consent mechanisms in place. However, the security posture is significantly weakened by the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability that undermines user trust and data protection. The site employs standard security headers but lacks advanced protections such as HSTS and OCSP stapling. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and compliance with best practices.

A

AXIS Flight Training Systems GmbH

axis-simulation.com

38

AXIS Flight Training Systems GmbH is a medium-sized Austrian company specializing in the design and manufacture of advanced flight simulation solutions, including full flight simulators and training devices that comply with international aviation standards such as EASA, FAA, and ICAO. Founded in 2004, AXIS positions itself as an innovator in the flight simulation industry, emphasizing quality, efficiency, and responsiveness to customer needs. The company maintains ISO 9001-2015 certification and has committed to CO2 neutrality since 2021, reflecting corporate responsibility values. Technically, the website is built on WordPress with Elementor and integrates various plugins for event management, galleries, and cookie consent. The site uses Google Analytics and Google Ads for analytics and marketing, with a compliant cookie consent mechanism in place. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. The DNS configuration shows some malformed CAA records, and no modern TLS protocols are enabled, exposing the site to potential security risks. Security posture is weak due to the absence of HTTPS and related security headers, although no active vulnerabilities or malware were detected. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms. Business credibility is high, supported by detailed company information, social media presence, and trust indicators such as certifications and CO2 neutrality. Overall, the website is professional and content-rich but requires urgent security improvements, particularly SSL/TLS implementation, to protect user data and enhance trustworthiness.

D

Die Grünen

gruene.at

36

Die Grünen Austria is a well-established political party focused on environmental protection, social justice, and green policies. The website serves as a comprehensive platform for information dissemination, event promotion, and member engagement, targeting Austrian citizens interested in green politics. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, it is built on WordPress with modern frameworks and uses Cloudflare for hosting and CDN services. However, the absence of a valid SSL certificate and HTTPS significantly weakens its security posture. Privacy compliance is well addressed through GDPR-compliant consent management and detailed privacy policies. Overall, the site is trustworthy and credible but requires urgent security improvements.

A

Arzneiwerk AG

teles.com

38

Arzneiwerk AG is a healthcare company specializing in securing the supply of newly developed or rare specialty pharmaceuticals across Europe. The company maintains a professional online presence focused on investor relations and business transparency. The website is built on WordPress using Elementor and includes SEO and cookie consent tools, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support represents a significant security gap, exposing users to potential risks. Privacy policies are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the business appears legitimate and consistent with its domain registration and content, but security improvements are critical to enhance trust and compliance.

C

CATRO Personalberatung und Media GmbH

catro.com

22

CATRO Personalberatung und Media GmbH is an Austrian company specializing in personnel consulting and media services, offering a range of services including personnel search, applicant management, suitability diagnostics, and online learning platforms. The company targets businesses seeking professional support in human resources and media-related services. The website is built on WordPress with a modern tech stack including Apache server, LiteSpeed cache, and various JavaScript libraries. While the site is well-designed, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which is a critical security vulnerability. The company demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent mechanism. However, there is no explicit security policy or incident response information available on the site. Overall, the website is professional and trustworthy but requires urgent improvements in its security posture to protect user data and enhance trust.

C

Caterpillar Energy Solutions GmbH

mwm.net

28

MWM, operating under Caterpillar Energy Solutions GmbH, is a well-established company specializing in highly efficient and environmentally friendly combined heat and power plants and block heating power plants. With over 150 years of experience, the company offers a broad portfolio of gas engines and power generation solutions targeting industrial, commercial, and public utility sectors globally. The website reflects a mature digital presence with comprehensive product and service information, supported by a global service and sales network. Technically, the site is built on WordPress with common libraries and plugins, but suffers from a critical lack of a valid SSL certificate, which severely impacts its security posture. Privacy policies and GDPR compliance are well addressed, and contact is primarily via web forms. Overall, the site is professional and trustworthy but requires urgent security improvements.

R

Raiffeisen Informatik GmbH & Co KG

raiffeiseninformatik.at

40

Raiffeisen Informatik GmbH & Co KG is a well-established IT service provider specializing in comprehensive IT solutions for financial and insurance sectors, with over 50 years of experience and a strong presence in Austria and neighboring countries. The company offers a broad range of services including data center operations, security services, IT consulting, and banking and insurance solutions. Their business model focuses on close collaboration with clients from planning through operation, supported by a large workforce and significant annual revenue. Technically, the website is built on WordPress with Apache server infrastructure and uses Cloudflare for DNS, but critically lacks a valid SSL certificate, exposing it to security risks. Security headers are implemented, but without HTTPS the security posture is severely weakened. Privacy compliance is basic with no visible cookie consent or incident response information. Overall, the website is professional and content-rich, but the lack of HTTPS is a major security concern that must be addressed urgently.

Q

Quest Global

quest-global.com

40

Quest Global is a well-established global engineering services provider with over 21,000 employees across 18 countries and 84 centers. The company specializes in delivering end-to-end engineering solutions across multiple industries including aerospace, automotive, healthcare, and energy. Their business model focuses on B2B partnerships with large enterprises, leveraging digital and embedded engineering expertise to solve complex engineering challenges. The website reflects a professional and comprehensive digital presence with strong branding and trusted partnerships with major technology companies such as NVIDIA, Microsoft, AWS, and Google Cloud. Technically, the website is built on WordPress with Elementor and hosted on WP Engine behind Cloudflare CDN. It uses modern marketing and analytics tools like HubSpot and Google Tag Manager. However, performance metrics are not provided, and the site shows signs of slow loading. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the site has several strong security headers implemented, but critically lacks a valid SSL/TLS certificate and does not support any TLS protocols, which is a major vulnerability. This significantly reduces the security posture and exposes users to risks. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place, but no explicit security policy or incident response contacts are found. Overall, the website is professional and credible but urgently needs to address its SSL/TLS configuration to ensure secure communications and improve trustworthiness. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, enhancing security headers, and publishing explicit security and incident response policies.

M

MPG GmbH

michael-pachleitner-group.com

27

MPG GmbH is an established Austrian eyewear company specializing in manufacturing and retail of optical frames and lenses, serving both B2B and B2C markets. The company operates multiple subsidiaries and maintains a professional online presence with multilingual support and structured data. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating marketing tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the business demonstrates credibility and maturity, but security posture requires urgent improvement to align with best practices.

Merit Group Limited is a UK-based B2B data and intelligence company specializing in technology-driven data capture and analysis to provide high-quality business and political intelligence. The company operates through subsidiaries including Dods Group Limited and Merit Data & Technology Limited, serving clients primarily in the UK and Europe. The website presents a professional image with clear business descriptions and subsidiary links, targeting business clients seeking data intelligence solutions. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses common plugins and libraries such as jQuery and Genesis Blocks. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy and cookie policies exist but lack advanced consent mechanisms, and no incident response or security policies are published. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

T

Therefore Corporation

therefore.net

31

Therefore Corporation operates a comprehensive information management platform targeting businesses across multiple industries. The company positions itself as a market leader in ECM and workflow automation, offering a wide range of software solutions designed to improve document management, workflow digitization, and data accessibility. Their website reflects a mature digital presence with professional design, rich content, and clear navigation. Technically, the site is built on WordPress with modern optimization plugins and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate is a significant security gap, undermining the otherwise strong security headers and policies. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the business credibility is high, supported by certifications, partner relationships, and extensive case studies.

E

Ecker & Partner

eup.at

24

Ecker & Partner is a well-established PR and Public Affairs agency based in Vienna, Austria, offering a broad range of communication services including crisis communication, litigation PR, digital content, and storytelling. The company positions itself as a leading agency in its sector with a strong network and long-standing client relationships. Technically, the website is built on WordPress with common marketing and analytics integrations but suffers from a critical lack of a valid SSL certificate, resulting in insecure HTTP connections. The site is content-rich and professionally designed but experiences slow load times and lacks some security best practices. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy page. Overall, the business credibility is high, but the security posture requires urgent improvement to protect user data and trust.

A

Amiblu Group

amiblu.com

25

Amiblu Group operates as the world's largest producer and technology partner for GRP (glass-fiber reinforced plastics) pipe systems, focusing on sustainable water infrastructure solutions. The company targets urban and rural communities, industries, and infrastructure planners, offering a broad portfolio of pipe products, technical documentation, and reference databases. Their market position is strong, supported by certifications such as EcoVadis and partnerships like the UNESCO World Engineering Day 2025. The website reflects a mature, well-established business with a professional and consistent brand presence. Technically, the website is built on WordPress with a modern tech stack including caching and multilingual support. However, performance is moderate and accessibility is basic. The site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security flaw. Security headers are minimal, and no advanced security policies are implemented. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The security posture is weak due to the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or security policy information is publicly available. The domain registration is consistent and mature, supporting the legitimacy of the business. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

T

TeCoB GmbH

tecob.at

22

TeCoB GmbH's website is currently under construction and provides minimal information about the company or its services. The site uses WordPress with an under construction plugin and basic frontend technologies such as Bootstrap and Font Awesome. The domain is registered in Austria and DNS records are properly configured, including MX records pointing to Outlook mail protection. However, the website lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts security and trust. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, limiting user engagement and compliance with data protection regulations. Performance is poor with a very slow load time, and no analytics or tracking technologies are detected.

W

Werner Mertz Professional

wmprof.com

31

Werner Mertz Professional is a medium-sized manufacturing company specializing in high-performance hygiene solutions for professional cleaning markets. With over 50 years of history and a strong commitment to sustainability, the company operates under well-known brands such as Green Care Professional and Tana Professional. The website reflects a mature digital presence with comprehensive content, professional design, and strong SEO practices. However, the lack of a valid SSL certificate and proper HTTPS configuration represents a significant security risk that undermines user trust and data protection. The company has implemented cookie consent mechanisms and privacy policies compliant with GDPR, indicating awareness of privacy regulations. Overall, the business is credible and well-positioned in its sector but must urgently address its security posture to meet modern standards.

R

Rosenfelt & West Engineering A/S

rwe.dk

36

Rosenfelt & West Engineering A/S is a Danish engineering company specializing in railway safety systems, including automatic secured level crossings and marshalling yard safety installations. The company offers comprehensive services such as equipment renovation, training courses, and career opportunities within the railway safety sector. Their market position is supported by certifications in environmental management, quality management, and railway safety standards, reflecting a commitment to reliability and compliance. Technically, the website is built on WordPress with common plugins and hosted on a LiteSpeed server, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS and related security headers exposes the site and its visitors to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie policy or consent mechanism detected. Contact information is limited to a phone number and contact page link, with no email addresses or social media profiles found. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

B

BBMRI-ERIC

bbmri-eric.eu

26

BBMRI-ERIC is a European research infrastructure focused on biobanking and biomolecular resources, supporting researchers in health and life sciences to find new treatments. Established in 2013 and headquartered in Graz, Austria, it provides a range of services including a directory of biobank metadata, federated platforms for privacy-preserving data queries, and quality management. The website reflects a mature organization with consistent branding and professional content aimed at the scientific community. Technically, the site is built on WordPress with a variety of plugins supporting SEO, newsletter management, and social media integration. However, the site lacks HTTPS and a valid SSL certificate, which is a critical security vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy but requires urgent security improvements to protect user data and maintain credibility.

F

Fenster. Türen. KATZBECK.

katzbeck.at

35

KATZBECK FensterGmbH Austria is a well-established manufacturer specializing in high-quality, custom windows and doors produced exclusively in Austria since 1950. The company emphasizes sustainability, regional production, and premium craftsmanship, targeting both end consumers and professional partners within Austria. Their website reflects a mature digital presence built on WordPress with the Divi theme, incorporating modern web technologies and user-friendly design. However, a critical security gap exists due to the absence of an SSL/TLS certificate, exposing users to potential risks. The site implements GDPR-compliant privacy and cookie policies, with clear contact channels and a professional content structure. To enhance trust and security, immediate implementation of HTTPS and additional security headers is recommended.

A

American Austrian Foundation

aaf-online.org

22

The American Austrian Foundation is a well-established non-profit organization dedicated to fostering knowledge transfer and experience exchange in medicine, culture, and media through fellowship programs and bilateral exchanges. The website reflects a professional and consistent brand with clear program offerings and international reach. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from a critical lack of HTTPS, which undermines security and user trust. The security posture is weak due to the absence of a valid SSL certificate and missing security headers, although no major vulnerabilities were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Business credibility is strong, supported by trust badges and consistent WHOIS data. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.

V

Virtual Identity AG

virtual-identity.com

35

Virtual Identity AG is a well-established digital agency founded in 1999, specializing in AI integration, UX design, software engineering, and digital marketing services. The company targets businesses aiming for digital transformation and human-centered business growth. Their market position is strong, supported by a reputable client portfolio and consistent branding. Technically, the website is built on WordPress, hosted on AWS CloudFront, and uses modern JavaScript libraries and SEO tools, though performance is moderate. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

A

automate-it

a-it.cc

32

automate-it is an Austrian software and services company specializing in datacenter automation and hybrid cloud management through its LEON platform. The company has established a solid market presence with active customers in EMEA and partnerships with notable firms such as BMC Software. The website reflects a professional business focus with comprehensive content describing their automation and SecOps solutions. Technically, the website is built on WordPress with modern plugins and SEO optimizations but lacks HTTPS support, which is a critical security deficiency. Security headers are well configured, but the absence of SSL/TLS and HSTS significantly lowers the security posture. Privacy and cookie policies are present and GDPR compliant, though no explicit security or incident response policies are published. Overall, the website is functional and professional but requires urgent security improvements to enhance trust and compliance.

M

Mississippi University for Women

muw.edu

33

Mississippi University for Women (The W) is a public co-educational university founded in 1884, offering a broad range of undergraduate and graduate programs with a strong emphasis on academic excellence and leadership development. The university holds a solid market position in the southern United States, recognized for low student debt and transfer student friendliness. The website reflects a professional and comprehensive digital presence, targeting prospective and current students, faculty, staff, and alumni. The content is rich, well-structured, and supported by active social media channels and event management tools.

W

WELLCON

wellcon.at

22

Wellcon is an established Austrian company specializing in occupational health, safety, and workplace wellness services. With 25 years of experience and multiple locations, it serves companies seeking comprehensive occupational medicine, psychology, and safety technology solutions. The website is professionally designed using WordPress and Elementor, featuring good content quality and SEO optimization. However, the technical infrastructure lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite the use of Matomo analytics. Contact information is not explicitly provided on the homepage or footer, limiting direct communication channels. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect user data and enhance trust.