Security Directory

C

Celerion

celerion.com

40

Celerion is a well-established clinical research organization specializing in translational medicine and early drug development services. The company offers a broad range of clinical research solutions, bioanalytical sciences, and regulatory affairs support, targeting pharmaceutical and biotech companies globally. Their website reflects a mature business with consistent branding, good content quality, and a clear focus on their specialized healthcare sector. Technically, the site is built on WordPress and hosted on Pantheon, utilizing modern marketing and analytics tools such as Google Tag Manager, Pardot, and LinkedIn Insight Tag. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture and trustworthiness of the site. Privacy and cookie policies are present with consent mechanisms, but no explicit security or incident response policies are found. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, while the business and content quality are strong, the lack of proper SSL/TLS security is a major concern that should be addressed promptly.

C

Cumulo IT Solutions GmbH

cumulo.at

31

Cumulo IT Solutions GmbH is a specialized IT consulting firm based in Linz, Austria, founded in 2011. The company focuses on network infrastructure, identity and access management, WLAN solutions, and managed IT services targeting businesses, universities, and other institutions. Their market position is that of a trusted expert provider with a strong emphasis on quality and customer satisfaction, supported by certifications and client testimonials. Technically, the website is built on a modern WordPress platform with WooCommerce and Divi theme, integrating analytics and GDPR compliance tools. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security weakness that undermines the overall security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance with GDPR. Overall, the business demonstrates strong credibility and professionalism but must urgently address its SSL/TLS security to improve trust and security.

A

Atempo

atempo.com

40

Atempo is a mature technology company founded in 1997 specializing in data management solutions for mid-sized and corporate organizations globally. Their offerings include data protection, migration, archiving, and endpoint/server protection, targeting industries such as banking, life sciences, research, and media. The website is built on WordPress with modern plugins and technologies, hosted on OVHcloud, but lacks HTTPS which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant with active consent management. The security posture is weak due to missing SSL/TLS and security headers, exposing users to risks. Business credibility is supported by customer testimonials, case studies, and active social media presence. Overall, the site is professional and content-rich but requires urgent security improvements.

A

Applied Chemicals International AG

acat.com

30

Applied Chemicals International AG operates as a medium-sized international chemical supplier specializing in innovative chemical products and technologies for wastewater treatment, paper production, and specialty industrial chemicals. The company maintains multiple offices across Europe and Africa, serving industrial clients with a B2B business model. Their website is professionally designed, multilingual, and optimized for SEO, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS support significantly undermines their security posture. While security headers and content security policies are implemented, they are weakened by permissive settings and lack of modern TLS protocols. Privacy compliance is addressed with clear privacy and cookie policies, and contact information is readily available. Overall, the company presents a credible business front but must urgently address critical security gaps to protect user data and maintain trust.

C

Choctaw Casinos & Resort

choctawcasinos.com

37

Choctaw Casinos & Resort operates a network of casino and resort properties primarily in Oklahoma, offering gaming, hospitality, live entertainment, dining, and rewards programs. The business is positioned as a regional leader with a strong brand presence and a focus on customer experience. Technically, the website is built on WordPress, hosted on WP Engine, and uses modern web technologies and third-party integrations such as Google Tag Manager and Vimeo. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the website is professionally designed and content-rich but requires urgent security improvements to meet modern standards.

I

ICSL GmbH

icsl.at

35

ICSL GmbH is a specialized provider of secure communication systems, focusing on high-quality, NATO-approved solutions such as Silentel and SecuSUITE. With over 20 years of experience and 13 years dedicated to secure communication, ICSL positions itself as a trusted partner for government and enterprise clients requiring robust security. The website reflects a professional and consistent brand image, targeting a niche market with a clear business model centered on consulting and secure communication services. Technically, the site is built on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings due to an invalid SSL certificate and lack of HTTPS, which significantly impacts its security posture. Privacy and legal compliance are well addressed with accessible policies and cookie consent mechanisms. Overall, ICSL demonstrates strong business credibility but must urgently address its SSL/TLS configuration to enhance trust and security.

A

ACI Worldwide

aciworldwide.com

40

ACI Worldwide is a mature, enterprise-level financial technology company specializing in global payments software and solutions. The company offers a broad portfolio of services including payments orchestration, fraud management, bill pay, and real-time payments, targeting banks, merchants, and billers worldwide. The website reflects a strong market position with extensive customer testimonials, partner logos, and a global reach across 95 countries. Technically, the site is built on WordPress hosted on WP Engine with Cloudflare CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Hotjar, and HubSpot. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture score. Security headers and content security policies are well implemented, but the lack of HTTPS is a major vulnerability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

K

Kellner & Kunz AG

reca.co.at

33

Kellner & Kunz AG, part of the RECA Group, is a leading specialist in C-parts management with a strong presence across Europe. The company offers a comprehensive range of over 140,000 quality products and services tailored to industry and trade sectors, supporting customers in optimizing their work processes and gaining competitive advantages. Their business model focuses on B2B supply and service, leveraging an extensive network of subsidiaries and partners across multiple countries. Technically, the website is built on WordPress with modern technologies such as Vue.js for search, Algolia, and Factfinder integrations, providing a good user experience with responsive design and SEO optimization. However, the site suffers from a critical security issue due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts its security posture. Security headers are well implemented, and privacy policies are comprehensive and GDPR compliant, but the lack of proper SSL/TLS encryption is a major vulnerability. The site uses standard tracking tools like Google Analytics and Facebook Pixel with moderate user tracking levels and appropriate consent mechanisms. Overall, the website is professional and trustworthy in content and business representation but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL/TLS certificate installation, enabling HSTS, and improving security configurations.

I

Interlingua Language Services ILS GmbH

interlingua.at

31

Interlingua Language Services ILS GmbH is a professional translation service provider based in Vienna, Austria, offering certified language services in over 90 languages. The company holds ISO certifications (EN ISO 17100 and EN ISO 9001:2015), positioning itself as a reliable and quality-focused player in the language services market. Their website is content-rich, professionally designed, and targets both business and private customers seeking translation, localization, and related services. Technically, the website is built on WordPress with modern plugins and multilingual support, but suffers from a critical lack of a valid SSL certificate, which undermines its security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. Overall, the business demonstrates strong credibility through certifications, testimonials, and clear contact information.

Ocean Maps GmbH is a specialized engineering company focused on surveying, visualization, and application solutions primarily for the energy and construction sectors. Their services include underwater surveying using advanced sonar systems, UAV and laser scanning for aerial data collection, and custom software development for digital twins and GIS data visualization. The company positions itself as a leader in precise data acquisition and intuitive data presentation, targeting industry professionals requiring accurate and actionable spatial data. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website is built on WordPress with a modern plugin ecosystem including Colibri Page Builder and TranslatePress for multilingual support. It integrates Google Analytics and AddThis for analytics and social sharing. However, the site lacks a valid SSL certificate, serving content over HTTP only, which is a significant security concern. DNS records appear misconfigured or missing, which could impact domain resolution and email services. Performance data is unavailable, but the site appears mobile-optimized and SEO-friendly. From a security perspective, the absence of HTTPS and missing DNS records are critical vulnerabilities that reduce trust and expose users to risks. While no direct vulnerabilities or malware are detected, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism aligned with GDPR requirements. Overall, Ocean Maps GmbH presents a credible and professional business with strong domain expertise but requires urgent improvements in technical security infrastructure to protect users and enhance trust. Strategic recommendations include immediate SSL certificate installation, DNS configuration correction, and implementation of security best practices to elevate the security posture and compliance maturity.

L

Lürzer's Archive

luerzersarchive.com

35

Lürzer's Archive is a well-established media company specializing in providing a comprehensive archive and magazine platform for advertising professionals worldwide. With over 30 years of curated creative content, it serves as a leading resource for creatives, agencies, and industry stakeholders. The website offers subscription services, a searchable archive of print campaigns, TV commercials, and digital designs, as well as a profiles platform connecting creatives and agencies. Technically, the site is built on WordPress with WooCommerce and leverages Cloudflare CDN for performance and security. However, the absence of a valid SSL certificate and HTTPS significantly undermines its security posture. While the site includes privacy and terms policies, cookie consent mechanisms and explicit security policies are lacking, indicating room for compliance improvements. Overall, the site is professionally designed with rich content but requires urgent security enhancements to protect user data and maintain trust.

F

FLOCERT GmbH

flocert.net

39

FLOCERT GmbH is a globally recognized certification and social auditing body, primarily serving as the sole certifier for Fairtrade products. Established in 2003 and based in Germany, FLOCERT offers a comprehensive suite of services including Fairtrade and EDGE certification, social audits, and customized sustainability programs. Their mission centers on promoting fairness in global trade, ensuring ethical business practices, and supporting sustainable development across diverse sectors. The website reflects a mature digital presence with rich content, multi-language support, and strong branding aligned with their non-profit sector focus. Technically, the site is built on WordPress with modern SEO and marketing tools, but currently lacks a valid SSL certificate, which significantly impacts its security posture. Despite this, the site maintains good privacy compliance with clear policies and consent mechanisms. The absence of HTTPS and modern TLS protocols is a critical security gap that should be addressed promptly to protect user data and enhance trust. Overall, FLOCERT demonstrates a strong market position and credible business model, but must improve its technical security to align with best practices.

E

Erne Fittings GmbH

ernefittings.com

40

Erne Fittings GmbH is a well-established manufacturer of premium quality pipe fittings with over 100 years of experience, serving a global industrial clientele primarily in the manufacturing and energy sectors. The company offers a comprehensive range of products including stock and production programs as well as special-purpose solutions, supported by quality certifications and a dedicated test laboratory. Their website reflects a professional and consistent brand image with clear navigation and multilingual support, targeting industrial distributors and project businesses worldwide. Technically, the site is built on WordPress with modern plugins and hosted behind Cloudflare CDN, but suffers from critical SSL/TLS misconfigurations that undermine secure communications. Security headers are partially implemented, but the lack of a valid SSL certificate and modern TLS protocols significantly lowers the security posture. Privacy compliance is generally good with a comprehensive privacy policy and terms of service, though no cookie consent mechanism is evident. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and maintain trust.

M

MM Group

mm-karton.com

40

MM Group is a global leader in consumer packaging, specializing in cartonboard, folding cartons, kraft papers, uncoated fine papers, leaflets, and labels. The company targets businesses in the packaging and manufacturing sectors, emphasizing sustainability and innovation. Their website reflects a mature digital presence with multilingual support, comprehensive business information, and investor relations transparency. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and consent management tools. However, the security posture is weak due to the absence of a valid SSL certificate and lack of TLS support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security.

P

Precision Valve & Automation, Inc.

pva.net

39

Precision Valve & Automation, Inc. (PVA) is a medium-sized manufacturing company specializing in precision fluid dispensing, selective conformal coating, and custom automation equipment. The company positions itself as a leader in its niche, serving global manufacturers with a comprehensive product and service offering. Their website reflects a professional and well-structured digital presence, leveraging WordPress CMS with advanced plugins and integrations for marketing, analytics, and user engagement. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks and undermining trust. While privacy compliance is well addressed through cookie consent mechanisms and a comprehensive privacy policy, the lack of HTTPS significantly impacts the overall security posture. Strategic improvements in SSL implementation and security policy transparency are recommended to enhance trust and compliance.

E

EXIAS Medical GmbH

exias-medical.com

39

EXIAS Medical GmbH is a specialized healthcare company founded in 2014, focusing on the development and distribution of analyzers for point-of-care and laboratory applications. The company maintains a professional online presence with detailed product information and a clear business model targeting healthcare professionals and laboratories. Technically, the website is built on WordPress with modern plugins and SEO optimizations, though it suffers from a critical lack of HTTPS, which undermines security. Privacy compliance is strong, with GDPR-aligned cookie consent and a comprehensive privacy policy. The security posture is weak due to missing SSL/TLS and modern security headers, posing risks to user data and trust. Overall, the website is credible and well-structured but requires urgent security improvements to protect visitors and enhance trust.

V

Van Wagner

vanwagner.com

37

Van Wagner is a prominent full-service sports advertising and entertainment agency specializing in creating, connecting, and selling on behalf of world-class sports leagues, teams, colleges, and brands. The company offers a broad range of services including TV-visible signage, event production, college marketing, aerial advertising, and broadcast control center solutions. Their market position is strong, supported by partnerships with major sports leagues and Fortune 500 companies. The website reflects a mature digital presence with professional design, rich content, and effective SEO practices. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. The site leverages modern web technologies and is hosted on a reputable platform, but performance could be improved. Overall, the business demonstrates credibility and professionalism but must address fundamental security issues to enhance trust and protect visitors.

B

Big Brothers Big Sisters of America

bbbs.org

32

Big Brothers Big Sisters of America is a large, well-established non-profit organization dedicated to youth mentoring across the United States. The website provides comprehensive information about their programs, impact, and notable individuals associated with the organization. The technical infrastructure is based on WordPress with modern web technologies and analytics tools, hosted on Pantheon. While the site is professionally designed and content-rich, it suffers from a critical security issue due to the lack of a valid SSL/TLS certificate and proper HTTPS configuration, which significantly impacts its security posture. Privacy compliance is basic, with no clear cookie consent mechanism detected. Overall, the site is trustworthy and authoritative in its domain but requires urgent security improvements.

T

The Ritz London

theritzlondon.com

35

The Ritz London is a prestigious luxury 5-star hotel located in Mayfair, London, offering premium accommodation, Michelin starred dining, and exclusive services such as chauffeur and butler service. The website reflects a high level of professionalism with rich multimedia content and clear navigation, targeting affluent travelers seeking an iconic hospitality experience. Technically, the site is built on WordPress with WooCommerce and uses common libraries like jQuery and Owl Carousel, hosted behind Cloudflare. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which significantly impacts the security posture. Privacy and terms policies are present, but no cookie consent mechanism is detected. The business information is consistent and trustworthy, supported by WHOIS data and trust indicators such as the Royal Warrant and affiliation with The Leading Hotels of the World.

L

Ludwig Boltzmann Gesellschaft

rare-diseases.at

35

The Ludwig Boltzmann Institute for Rare and Undiagnosed Diseases (LBI-RUD) is a specialized Austrian research institute focused on investigating rare diseases, particularly those affecting the immune system, blood formation, and nervous system. The institute operated for seven years until March 2023, contributing valuable scientific insights and supporting patients through its research. The website serves as an informational platform targeting researchers, medical professionals, and affected patients, providing news, research areas, and organizational information. The business model is non-profit, funded by grants and public sources, and it operates under the Ludwig Boltzmann Gesellschaft umbrella. Technically, the website is built on WordPress and hosted on servers associated with domaindiscount24.net. While the site has a professional design with good navigation and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This exposes visitors to potential risks and undermines trust. The site uses Matomo analytics for user tracking and includes a cookie consent banner, indicating some level of privacy compliance, though GDPR compliance is not fully evident. Security posture is weak due to missing HTTPS, lack of security headers, and outdated SSL/TLS configurations. No incident response or security policies are publicly disclosed. Contact information is clearly provided, including phone, address, and an obfuscated email address. Social media presence is active across major platforms, enhancing outreach and trust. Overall, the website is functional and informative but requires urgent security improvements to protect users and enhance credibility. Strategic recommendations include implementing HTTPS, improving security headers, and enhancing privacy compliance documentation.

V

VAMED WWH

vamed.com

37

VAMED WWH is a globally recognized provider of modern hospital solutions, specializing in turnkey projects that encompass design, construction, medical equipment supply, and operational support for healthcare facilities. The company has a strong international presence with a portfolio of approximately 1,000 projects across more than 98 countries, serving government health ministries and healthcare providers. The website reflects a professional and comprehensive presentation of their services and project achievements, targeting healthcare infrastructure stakeholders worldwide. Technically, the site is built on WordPress with Elementor and related plugins, offering good mobile optimization and accessibility but suffers from the critical absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the site's security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the business credibility and content quality are high, but the lack of HTTPS is a major security concern that needs immediate remediation.

Bacardi Limited is the world's largest privately held spirits company, with a rich heritage dating back over 160 years. The company operates globally with a portfolio of over 200 brands and labels, serving a diverse audience including consumers, industry professionals, investors, and job seekers. The website reflects a mature business model focused on brand management, production, distribution, and corporate sustainability initiatives. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the site's security posture, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms, but explicit security policies and incident response information are missing. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

E

evolaris next level GmbH

evolaris.net

37

evolaris next level GmbH is a technology-focused company specializing in mobile communication and digital innovation services. Their website highlights their role as a bridge between science and business, offering digital assistance systems, customized solutions, software engineering, user experience design, and research activities. The company targets enterprises seeking to enhance their digital capabilities and innovation potential. The website is professionally designed, with clear navigation and relevant content, supporting their market position as an established innovation center in Austria. Technically, the website runs on WordPress CMS with common plugins such as NextGEN Gallery and EvoSlider, and uses Apache server hosting likely provided by Hetzner. While the site includes Google Analytics for user tracking, performance metrics are not optimal, and mobile optimization is good. However, a critical technical shortfall is the lack of a valid SSL certificate and HTTPS support, exposing users to security risks. From a security perspective, the site lacks HTTPS, HSTS, and modern TLS protocol support, which are fundamental for secure communications. No advanced security headers or incident response contacts are found. The absence of cookie consent mechanisms and limited privacy policy details indicate partial GDPR compliance. The WHOIS data aligns well with the website's business information, supporting legitimacy. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and security best practices. Strategic improvements in SSL configuration, security headers, and privacy compliance would significantly enhance trust and security posture.

CARE Österreich is a well-established non-profit organization focused on humanitarian aid and sustainable development in over 100 countries. The website reflects a professional and content-rich platform targeting donors, partners, and beneficiaries. The technical infrastructure is based on WordPress hosted on WP Engine, utilizing modern plugins and tracking tools with GDPR-compliant cookie consent. However, the absence of a valid SSL/TLS certificate is a critical security flaw that exposes users to risks and undermines trust. While privacy policies and contact information are comprehensive and transparent, the lack of incident response and security policy pages indicates room for improvement in security governance. Overall, the site demonstrates strong business credibility and user experience but requires urgent security enhancements.

Ingraphics Soluções & Imagens is a small digital marketing agency based in the ABC region of São Paulo, Brazil. The company offers a range of services including digital marketing, web design, graphic design, illustration, and campaign management. Their website demonstrates a professional approach with clear service offerings and client testimonials, targeting businesses seeking to improve their digital presence and marketing effectiveness. Technically, the website is built on WordPress using Elementor and integrates marketing tools such as ActiveCampaign and Yoast SEO, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are present but basic, with no explicit GDPR compliance or incident response information. Overall, the site is functional and informative but requires urgent security improvements to meet modern standards.

T

Treibacher Industrie AG

treibacher.com

26

Treibacher Industrie AG is a well-established Austrian company specializing in chemical and metallurgical precursors with a global market presence and over 125 years of experience. The website reflects a professional and comprehensive digital presence with detailed product portfolios, sustainability focus, and clear contact information. Technically, the site is built on WordPress with modern plugins for SEO, caching, and cookie management, but critically lacks HTTPS, exposing visitors to security risks. Privacy compliance is well addressed with cookie consent and a detailed privacy policy. The absence of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the site is trustworthy and business credible but requires urgent security enhancements.

GCC is a large multinational company specializing in the production and distribution of cement, concrete, aggregates, and innovative construction products across Mexico, the United States, Latin America, and Canada. The company positions itself as a sustainable and innovative leader in the construction materials industry, targeting construction professionals and businesses. The website is built on WordPress with a modern tech stack including jQuery, Flickity, and integrates analytics and marketing tools such as Google Analytics, Google Tag Manager, and New Relic. While the site is professionally designed, mobile-optimized, and rich in content, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support. Security headers are partially implemented, and privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. Contact information and business details are clearly presented, enhancing business credibility. Overall, the site demonstrates strong business and technical maturity but requires urgent remediation of SSL/TLS issues to improve security posture and user trust.

S

Samsung SDI Battery Systems GmbH

samsungsdibs.at

25

Samsung SDI Battery Systems GmbH is a medium-sized company specializing in the development, testing, and industrialization of advanced lithium-ion battery systems for electric and hybrid vehicles. Located in Kalsdorf near Graz, Austria, the company is part of the Samsung SDI family and holds multiple ISO certifications demonstrating a strong commitment to quality, environmental management, information security, and cybersecurity. The website presents a professional and content-rich digital presence targeting automotive OEMs and stakeholders in the e-mobility sector. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, but lacks HTTPS, which is a critical security shortfall. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company shows a strong market position in energy and transportation sectors with a focus on sustainability and innovation.

J

JUDO.eu

judo.eu

26

JUDO.eu is a well-established German company specializing in water treatment solutions, with a history dating back to 1936. The company offers a broad range of products including protective filters, softening systems, lime protection, dosing pumps, leakage protection, wellness, heating protection, and smart home water solutions. Their market position is strong with a focus on innovation and sustainability, targeting both professional and consumer markets internationally. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for SEO, cookie management, and user interaction. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security weakness. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

Ö

ÖAR GmbH

oear.at

24

ÖAR GmbH is a consulting company specializing in regional development, organizational cooperation, and evaluation services primarily targeting organizations, communities, and regions. The company positions itself as a professional and experienced niche player with international reach, supported by a well-structured and content-rich website. Technically, the site is built on WordPress with common plugins and libraries, but suffers from a lack of HTTPS and valid SSL certificate, which significantly impacts its security posture. Privacy and legal compliance are well addressed with clear policies and contact information. Overall, the website is professional and trustworthy but requires urgent improvements in security to protect user data and enhance trust.

H

Heller Consulting

teamheller.com

27

Heller Consulting is a mature and reputable technology consulting firm specializing in nonprofit and higher education sectors. They provide tailored technology strategies and implementations focusing on platforms such as Salesforce, Microsoft, and Blackbaud. The company has a strong market position supported by client testimonials, certifications like Certified B Corporation, and partnerships with major technology providers. Technically, the website is built on WordPress with modern plugins and SEO tools, offering good mobile optimization and accessibility. However, the absence of HTTPS is a critical security gap, exposing users to potential risks. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the business credibility is high, but security posture needs urgent improvement to protect user data and enhance trust.

K

Kaleidoscope GmbH

kaleidoscope.at

27

Kaleidoscope GmbH is a medium-sized technology company specializing in terminology management, quality management, translation, and documentation services. They provide a comprehensive suite of software and consulting services aimed at enabling businesses to communicate content globally in a consistent and efficient manner. Their market position is supported by long-standing client relationships and partnerships with technology providers such as Eurocom, Congram, and Greatcontent. The website is professionally designed, content-rich, and optimized for SEO, targeting companies seeking global content solutions. Technically, the site is built on WordPress with modern plugins and themes but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with several missing best practices, including HTTPS and TLS support. Privacy compliance is well addressed with cookie consent and privacy policies in place. Overall, the site is trustworthy but requires urgent security improvements.

P

PARTNER Consulting+Projects GmbH

partner-cp.com

39

PARTNER Consulting+Projects GmbH is a specialized consulting and project realization company serving cultural institutions and museums primarily in Austria and beyond. With over 30 years of experience, the company offers comprehensive services including consulting, project management, sustainability solutions, and interim management. Their market position is well-established with a strong portfolio of projects and partnerships. Technically, the website is built on WordPress with modern plugins and hosted on WP Engine with Cloudflare CDN, reflecting a mature digital infrastructure. However, the lack of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the business demonstrates professionalism and trustworthiness but must urgently address its SSL/TLS security to protect user data and improve trust.

A

Axians ICT Austria GmbH

axians.at

40

Axians ICT Austria GmbH is a well-established IT service provider in Austria, offering a broad range of IT solutions including cloud services, cyber security, enterprise networks, and SAP consulting. The company targets business customers across various industries and emphasizes a human-centric approach to technology. Technically, the website is built on WordPress with modern libraries and integrates analytics and marketing tools such as Matomo and HubSpot. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in its SSL/TLS configuration to enhance security and user trust.

B

BioEnergy Consult

bioenergyconsult.com

25

BioEnergy Consult is a specialized advisory and consulting organization focusing on biomass energy, waste-to-energy, and waste management sectors. The website serves as a rich knowledge base with extensive articles targeting professionals and organizations interested in renewable energy and environmental sustainability. The technical infrastructure is based on WordPress with common plugins for SEO and analytics, but lacks HTTPS security, which is a critical vulnerability. The site has implemented privacy and cookie policies with consent mechanisms, but lacks explicit terms of service and security policies. Overall, the site is content-rich and professionally presented but requires significant security improvements to protect users and enhance trust.

R

Rosendahl Nextrom GmbH

rosendahlnextrom.com

39

Rosendahl Nextrom GmbH is a well-established global leader in production technologies serving the battery, cable & wire, and optical fiber industries. The company offers sophisticated manufacturing equipment and tailor-made solutions, targeting industrial manufacturers worldwide. The website reflects a mature business with a professional digital presence, including multi-language support and structured data for SEO. Technically, the site uses WordPress with Elementor and performance optimizations like WP Rocket, hosted behind Cloudflare CDN. However, a critical security gap exists as the site lacks HTTPS/SSL encryption, exposing users to potential risks. Privacy compliance is addressed with a privacy policy and cookie consent via Cookiebot. Business credibility is strong with clear contact forms and parent company affiliation to KNILL Gruppe. Overall, the site is content-rich and professionally maintained but requires urgent security improvements.

D

DDB Worldwide

tribalworldwide.com

40

DDB Worldwide is a highly ranked global advertising agency specializing in creative advertising and marketing services. The company operates an enterprise-level website built on WordPress, hosted on WP Engine and served via Cloudflare CDN, leveraging modern web technologies such as jQuery, Axios, and ReactPress. The website features professional design, clear navigation, and comprehensive privacy and cookie policies, indicating a mature digital presence. However, the absence of a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks and reducing trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Contact information is limited to email addresses without phone numbers or physical addresses, and no explicit security or incident response policies are published. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent security improvements.

D

Design Storz GmbH

designstorz.com

35

Design Storz GmbH is a small, established Austrian design studio with over 38 years of experience specializing in automotive, product, graphic design, branding, and design strategy. The company serves international clients including major automotive brands and consumer product companies. The website is built on WordPress using popular plugins and page builders, presenting professional content and clear navigation primarily in German. However, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the business credibility is moderate, supported by consistent WHOIS data and a clear contact presence. The security posture is weak due to missing HTTPS and security headers, which should be addressed urgently to protect user data and improve trust.

Ing. Michael Josef EDER operates a small, specialized Baumeister (master builder) business based in Hallein, Austria, offering comprehensive construction planning, execution, management, and consultancy services primarily for private residential, commercial, and industrial clients. The company has an established local presence since 1995 and demonstrates professionalism through certifications and clear contact information. Technically, the website is built on WordPress with Elementor and Yoast SEO, showing good SEO and mobile optimization but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. The security posture is weak, lacking essential HTTPS encryption and advanced security headers, which poses risks to user data and trust. Privacy compliance is adequate with a cookie consent mechanism and a privacy policy page, but no incident response or security policy information is provided. Overall, the website is functional and professional but requires urgent security improvements to protect visitors and enhance trust.

T

TTX

ttx.com

40

TTX is a well-established transportation company specializing in railcar pooling and maintenance services across North America. Founded in 1955, it operates a large fleet and extensive maintenance network, serving the rail industry with innovative logistics solutions. The website reflects a mature business with comprehensive service offerings and a clear market position. Technically, the site is built on WordPress with modern libraries and integrates Google Maps and analytics, but suffers from an invalid SSL certificate and lack of HTTPS enforcement, which impacts security posture. Security headers are present, but critical SSL/TLS configurations are missing, exposing the site to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but requires urgent SSL and security improvements to meet modern standards.

S

Sony DADC Europe GmbH

sonydadc.com

40

Sony DADC Europe GmbH operates a professional and comprehensive website presenting itself as a leading end-to-end supply chain and manufacturing service provider primarily serving the entertainment industry. The company offers a broad range of services including micro optics, manufacturing, assembly and packaging, logistics, and global business services. The website is well-structured, professionally designed, and targets B2B clients requiring specialized supply chain solutions. Technically, the site is built on WordPress with common libraries such as jQuery and Swiper.js, and includes SEO optimizations and accessibility features. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and user trust. Privacy and cookie policies are comprehensive and GDPR compliant, but no incident response or vulnerability disclosure information is provided. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and ensure secure communications.

S

Stieglbrauerei zu Salzburg GmbH

stiegl.at

40

Stiegl Privatbrauerei is Austria's leading private brewery with a rich heritage dating back to 1492. The company offers a broad portfolio of beer specialties, operates an online shop, and provides B2B distribution and technical services. The website reflects a mature digital presence with professional design, comprehensive content, and active marketing integrations. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with consent mechanisms, indicating good privacy awareness. Overall, the business is well-established and credible, but urgent improvements in security infrastructure are recommended.

A

Addiko Bank AG

addiko.com

40

Addiko Bank AG operates as a regional digital bank serving multiple European countries with a focus on online banking products such as savings accounts and loans. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting retail and corporate banking customers. Technically, the site is built on WordPress with modern plugins and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is critical for a financial institution. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, while the business and technical aspects are solid, the security deficiencies pose a significant risk that must be remediated promptly.

G

GrECo

greco.services

40

GrECo is a well-established insurance and risk management specialist with a strong presence in Central and Eastern Europe, operating since 1925. The company offers a broad range of services including risk consulting, cyber insurance, health and benefits, and international insurance programs. The website reflects a mature digital presence with professional design, multilingual support, and structured data for SEO. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. Privacy policies are present and GDPR compliant, but cookie consent mechanisms are minimal. Overall, the site is content-rich and credible but requires urgent security improvements to align with best practices.

L

Lexogen GmbH

lexogen.com

26

Lexogen GmbH is a specialized biotechnology company based in Vienna, Austria, focused on next generation sequencing (NGS) and transcriptomics solutions. The company offers a comprehensive portfolio of RNA analysis products, including RNA-Seq sample preparation kits, RNA spike-in controls, and bioinformatics data analysis services. Their target audience includes researchers, pharmaceutical companies, and academic institutions seeking innovative RNA sequencing and analysis solutions. Lexogen positions itself as a niche leader with ISO 9001 and ISO 13485 certifications, underscoring its commitment to quality and regulatory compliance. Technically, the website is built on WordPress using Elementor and WooCommerce, hosted on Cloudpit infrastructure. The site integrates modern web technologies such as Google Tag Manager and reCAPTCHA for analytics and security. While the site is mobile optimized and SEO friendly with good content quality and navigation, performance metrics are unavailable. The absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure HTTP connections. From a security perspective, the site lacks HTTPS, HSTS, and other essential security headers, resulting in a low security posture score. No explicit security or incident response policies are published. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is detailed and trustworthy, including multiple phone numbers, emails, and physical addresses in Austria and the USA. Overall, Lexogen's website demonstrates strong business credibility and content quality but suffers from a critical security deficiency due to missing HTTPS. Strategic improvements in SSL implementation and security headers are essential to enhance user trust and data protection. The company’s digital maturity is moderate, with opportunities to improve technical infrastructure and security practices to better support its specialized biotech market presence.

C

C-TEC

c-tec.co.uk

19

The website c-tec.co.uk serves primarily as a minimal landing page that redirects visitors to the main corporate website c-tec.com. It lacks substantive content about the business, its services, or contact information. The site is built on WordPress using the Divi theme and includes jQuery libraries. However, it suffers from significant security and compliance shortcomings, including the absence of an SSL certificate, no privacy or cookie policies, and no visible contact or security incident response information. Performance is slow, and SEO and accessibility features are minimal. Overall, the site appears to be a placeholder rather than a fully developed business portal. From a technical perspective, the site is hosted on Google Cloud infrastructure and uses standard WordPress technologies. The lack of HTTPS and security headers exposes it to potential risks and undermines user trust. No analytics or tracking tools are detected, indicating minimal user data collection. The DNS configuration is standard but lacks advanced security features like DNSSEC or DMARC. Security posture is weak due to missing HTTPS, lack of security headers, and no visible security or incident response policies. The absence of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. No vulnerability disclosure or security.txt files are present to guide security researchers. The domain registration data is consistent with the UK presence and business identity, supporting legitimacy, but the website itself lacks professionalism and trust signals. Strategically, the site should prioritize implementing HTTPS, adding comprehensive privacy and cookie policies, and providing clear contact and security incident response information. Improving site performance, SEO, and accessibility would also enhance user experience and trust. These steps are critical to align the website with modern security and compliance standards and to support the business's digital credibility.

A

AT&S Austria Technologie & Systemtechnik AG

ats.net

33

AT&S Austria Technologie & Systemtechnik AG is a globally recognized leader in high-end printed circuit boards and IC substrates, serving key industries such as aerospace, automotive, communication, and medical technology. The company demonstrates a strong market position with a comprehensive digital presence, including investor relations, career opportunities, and sustainability initiatives. Technically, the website is built on WordPress with modern tools and plugins, offering good SEO and accessibility, though performance is moderate. Security posture is weakened by the absence of a valid SSL/TLS certificate and disabled TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent improvements in SSL/TLS configuration are recommended to enhance security and user trust.

S

Software Daten Service Gesellschaft m.b.H.

sds.at

40

Software Daten Service Gesellschaft m.b.H. (SDS) is a medium-sized Austrian company specializing in software and services for the international financial industry, with additional focus on telecommunications and digital entertainment sectors. The company offers a comprehensive portfolio including securities processing, regulatory reporting, compliance, consulting, managed services, and professional testing. SDS benefits from a strong market position supported by its 50 years of history and affiliation with the Deutsche Telekom Group. The website reflects a professional and consistent brand image targeting financial institutions and related industries globally. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS support. Security headers are present but insufficient to compensate for the missing encryption. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally maintained but urgently requires SSL/TLS remediation to improve security posture and trust.

F

feibra GmbH

feibra.at

40

feibra GmbH is a well-established Austrian company specializing in direct marketing and mailing services, including unaddressed and addressed mailings, campaign planning, and geomarketing. The company benefits from over 60 years of experience and is a subsidiary of the Österreichische Post Aktiengesellschaft, positioning it strongly in the Austrian media and marketing sector. The website targets businesses and marketing professionals seeking effective direct marketing solutions across Austria. Technically, the website is built on WordPress with a modern plugin ecosystem and SEO optimization, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no active TLS protocols or certificate transparency compliance. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

KTM AG is a well-established Austrian motorcycle manufacturer with a strong market presence and a focus on transparent communication with investors and the public. The website reflects a professional corporate image with clear navigation and relevant business content. Technically, the site is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing visitors to potential risks. No explicit security or incident response policies are published, which could be a concern for stakeholders. Overall, while the business credibility and content quality are good, the technical and security aspects require urgent improvement to meet modern standards.