Security Directory

N

Niort Séminaires

niort-seminaires.com

47

Niort Séminaires is a regional hospitality and event facilitation service focused on professional and corporate events in the Niort and Marais Poitevin area of France. The website positions itself as a destination marketing platform offering seminars, congresses, team building, and other corporate event services. The business targets companies and event organizers seeking turnkey or customized event solutions. The site demonstrates a moderate level of digital maturity with a WordPress CMS, modern JavaScript libraries, and structured data for SEO. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing visitors to potential risks and undermining trust. The site includes basic privacy and cookie policies but lacks explicit security or incident response documentation. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the website is functional and professionally designed but requires urgent security improvements to meet modern standards.

P

Persistent Systems

persistent.com

59

Persistent Systems is a well-established technology services company specializing in AI, digital engineering, and enterprise modernization. The company positions itself as a trusted partner for enterprises seeking to transform their AI journey and digital capabilities. Their website reflects a mature digital presence with comprehensive service offerings, a strong partner ecosystem, and extensive client success stories. The company targets large enterprises across multiple industries, leveraging a B2B business model with a focus on innovation and technology leadership. Technically, the website is built on WordPress and employs a modern tech stack including jQuery, Bootstrap, and various marketing and analytics tools such as Google Tag Manager, Pardot, and CookiePro. Hosting is via AWS CloudFront CDN, ensuring global content delivery. The site is well-optimized for SEO and accessibility, with multilingual support and responsive design. However, performance metrics are not explicitly available. From a security perspective, the site has several security headers configured and uses HttpOnly cookies and a detailed Content Security Policy. However, a critical issue is the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Other TLS protocols and features like OCSP stapling and session resumption are not enabled. DNS CAA records appear malformed, which could affect certificate issuance policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a high level of professionalism and business credibility but suffers from a critical security gap due to missing HTTPS. Strategic remediation of SSL/TLS configuration is essential to improve trust and security compliance.

C

ComplyAdvantage

complyadvantage.com

60

ComplyAdvantage is a leading enterprise SaaS provider specializing in AI-driven fraud and Anti-Money Laundering (AML) risk detection solutions. The company offers a comprehensive risk intelligence platform that automates manual compliance processes, significantly reduces false positives, and accelerates onboarding cycles. With a strong market position and recognition as a category leader in KYC solutions, ComplyAdvantage serves over 3000 global businesses across the financial sector and fintech industries. Technically, the website is built on WordPress with modern frontend technologies including jQuery and Bootstrap. It leverages Cloudflare for hosting and CDN services and integrates Google Tag Manager and Cookiebot for analytics and consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance metrics are moderate. From a security perspective, while several security headers are properly configured, the absence of a valid SSL certificate and lack of HTTPS support represent critical vulnerabilities. This significantly lowers the security posture and exposes the site to risks. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and maintain compliance with industry standards.

A

Anqa IT-Security GmbH

anqa.ch

37

Anqa IT-Security GmbH is a specialized provider of IT security awareness and training services, focusing on cyber-sensibilization for employees primarily targeting Swiss SMEs. Their offerings include phishing simulations, e-learning with certification, dark web scans, and review meetings to enhance organizational cybersecurity culture. The company maintains a partnership with Mobiliar Versicherung, providing exclusive discounts and free training options for insurance customers. Technically, the website is built on WordPress with multilingual support and uses modern JavaScript libraries for UI elements. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. DNS records show proper email security configurations such as SPF and DMARC with a reject policy, but no advanced security headers or TLS protocols are enabled. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and data.

F

France FinTech

frenchfintechweek.org

40

French FinTech Week is a prominent initiative supported by France FinTech, the AMF, and the ACPR to promote the dynamic fintech ecosystem in France. The website serves as a platform to showcase the annual event, with the upcoming fifth edition scheduled from October 1 to 17, 2025. It targets institutional partners, public entities, corporates, incubators, research institutes, and academic institutions involved in fintech. The business model focuses on event promotion and ecosystem engagement, positioning itself as a key national fintech promoter. Technically, the site is built on WordPress with the Divi theme, hosted on OVHcloud, and uses standard web technologies including PHP 7.4 and jQuery. The site is mobile optimized and presents good SEO practices but lacks advanced accessibility features. Security posture is basic with a valid SSL certificate but missing important security headers and email protection mechanisms like DMARC. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy measures.

P

ProcessMaker

processmaker.com

59

ProcessMaker is an established enterprise software company specializing in business process automation and workflow optimization solutions. With over 3 million users worldwide, it offers a comprehensive suite of products including the ProcessMaker Platform, Process Intelligence, and Agentic AI tools. The company targets enterprises seeking to enhance productivity through automation and AI-enriched workflows. The website reflects a mature digital presence with strong branding, multilingual support, and extensive customer trust signals. Technically, the site is built on WordPress with modern SEO and performance plugins, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with visible cookie consent and GDPR-aligned policies. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

C

Curotec

curotec.com

49

Curotec is a medium-sized technology company specializing in software development services including SaaS, web, mobile, AI/ML, and e-commerce development. Positioned as a trusted and top-rated development agency, it serves SaaS and enterprise teams with flexible engagement models such as project delivery, staff augmentation, and support retainers. The company boasts multiple industry recognitions and partnerships, including official Laravel and Vue.js partnerships, enhancing its market credibility. Technically, the website is built on a modern tech stack featuring Laravel, React, Vue.js, Python, Node.js, and AWS, hosted on an Nginx server with Cloudflare DNS. The site uses WordPress CMS with Elementor for content management and includes advanced SEO and accessibility features. However, performance metrics are not available, though the site is mobile-optimized and well-structured. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. While SPF and DMARC records are properly configured, the absence of HTTPS and security headers like HSTS reduces the overall security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR and related regulations. Overall, Curotec's website is professional and content-rich, supporting its business credibility. The critical security issue of missing SSL must be addressed promptly to improve trust and protect user data. Strategic improvements in SSL configuration and security headers will enhance the site's security and compliance standing.

K

Kirschbaum Development

kirschbaumdevelopment.com

49

Kirschbaum Development is a small technology company specializing in web application development, staff augmentation, training, and technical leadership services. They primarily focus on Laravel, Vue.js, Angular, Drupal, and Wordpress frameworks, serving a diverse client base including Fortune 50 companies and smaller organizations. Their market position is strengthened by partnerships with Laravel and endorsements from industry leaders. The website presents a professional and consistent brand image with comprehensive service offerings and client testimonials. Technically, the website leverages modern web technologies including Laravel and Vue.js frameworks, hosted on AWS CloudFront CDN. The site includes Google Tag Manager for analytics and marketing purposes. While the site is mobile optimized and SEO friendly, performance metrics are unavailable. Accessibility is basic but functional. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. No advanced security headers or mechanisms such as HSTS or OCSP stapling are implemented. Cookie consent mechanisms are absent, indicating limited privacy compliance. The site uses secure cookies with CSRF tokens but overall security posture is weak. Overall, the website is professional and credible but requires urgent improvements in SSL/TLS implementation and privacy compliance to enhance security and user trust.

A

Allot

allot.com

55

Allot is a global enterprise specializing in network intelligence and security solutions tailored for service providers and enterprises, with a strong emphasis on 5G, broadband, and enterprise networks. The company offers a broad portfolio of services including network security, DDoS protection, traffic intelligence, and policy control, positioning itself as a key player in the telecommunications technology sector. The website reflects a mature digital presence with comprehensive content and structured data supporting SEO and user engagement. Technically, the site is built on WordPress, hosted on WP Engine, and utilizes Cloudflare CDN, integrating multiple marketing and analytics tools such as HubSpot, Google Tag Manager, LinkedIn Insight, and Microsoft Clarity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, despite the presence of security headers and HSTS configuration. This significantly impacts the site's security posture and trustworthiness. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy and terms of service policies. Overall, the site demonstrates good business credibility and technical implementation but requires urgent security improvements to protect user data and enhance trust.

M

Maddyjobs

maddyjobs.com

62

Maddyjobs is a French job board platform specializing in digital and startup sector employment, offering a free service for innovative companies and candidates. The site is positioned as a niche player targeting startups and digital professionals, supported by a network of related brands such as Maddyness and Maddyplay. Technically, the site is built on WordPress using the Divi theme, with integrations including Bridget for resume uploads and OneTrust for cookie consent. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact its security posture. While cookie consent and privacy policies are present, the lack of advanced security measures and incident response information indicates room for improvement. Overall, the site provides a professional user experience and good content quality but must address its SSL/TLS issues to enhance trust and compliance.

N

Nexigen Digital Pty Ltd

nexigen.digital

53

Nexigen Digital Pty Ltd is a medium-sized Australian technology company specializing in providing online solutions and digital innovation services to Australian businesses. Founded in 2008, the company hosts over 250,000 websites and supports more than 300,000 customers with a 100% Australian-based team. Their market position is strong within the Australian digital services sector, offering web hosting and technology-led business growth tools. Technically, the website is built on WordPress and served via LiteSpeed servers with caching enabled, but lacks a valid SSL certificate, which is a critical security concern. The site uses Google Tag Manager for analytics and tracking but does not have a cookie consent mechanism, indicating partial privacy compliance. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Overall, the website is professionally designed with good content quality and clear navigation, but the lack of SSL and privacy compliance mechanisms present risks that should be addressed promptly.

T

Télécom Paris

telecom-paris.fr

40

Télécom Paris is a prestigious French engineering school specializing in digital and technological education and research. As a founding member of the Institut Polytechnique de Paris and part of the Institut Mines-Télécom, it holds a strong market position in higher education and innovation. The institution offers a wide range of programs including engineering degrees, masters, specialized masters, doctoral studies, and continuing education, supported by active research laboratories and a vibrant innovation ecosystem. Its target audience includes students, researchers, and industry partners, with a significant international presence. Technically, the website is built on WordPress with modern JavaScript libraries and plugins such as jQuery and RoyalSlider. It employs Matomo for privacy-conscious analytics and implements a comprehensive GDPR-compliant cookie consent mechanism. However, the site currently lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security deficiency. The site is well-structured, mobile-optimized, and provides rich, relevant content with clear navigation. From a security perspective, the presence of HSTS is positive, but the absence of valid SSL/TLS and modern encryption protocols significantly undermines the site's security posture. No critical vulnerabilities or malware were detected in the content. Privacy policies and data protection officer contact information are clearly provided, indicating good compliance with GDPR requirements. Overall, while the business and content aspects of the site are excellent, the critical lack of HTTPS and valid SSL/TLS certificate severely impacts the security score and poses risks to user data confidentiality and trust. Strategic improvements in SSL/TLS deployment and security configurations are urgently recommended.

I

Immobilière Atlantic Aménagement

atlantic-amenagement.com

39

Immobilière Atlantic Aménagement is a well-established real estate company based in France's Nouvelle-Aquitaine region, specializing in affordable, eco-friendly housing solutions and related social services. With over 60 years of history, it holds a significant market position as a major regional housing actor managing over 18,000 housing units. The company emphasizes innovation, sustainability, and social inclusion in its business model, targeting residents and tenants seeking quality housing and supportive services. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. Security posture is weak due to missing HTTPS, lack of security headers, and minimal email protection policies. Privacy compliance is basic with a cookie consent mechanism and a privacy policy present, but no advanced GDPR indicators or data protection officer information. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

O

Office de tourisme de Niort

niortmaraispoitevin.com

59

Niort Marais Poitevin Tourisme operates as the official tourism office for the Niort Marais Poitevin region in France, providing comprehensive information and services related to accommodations, activities, events, and local experiences. The website serves as a key digital touchpoint for tourists and visitors, offering rich content, destination guides, and booking options. The organization positions itself as a regional tourism promoter with a strong local presence and partnerships. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO, Cloudflare CDN, and various custom Iris Interactive plugins. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy compliance is addressed with a clear privacy and cookie policy, including consent mechanisms. Social media integration and trust signals are strong, enhancing business credibility. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

The website represents the official online presence of the Parc naturel régional du Marais Poitevin, a regional natural park in France focused on tourism and nature discovery. It provides visitors with information on activities, itineraries, and experiences within the park, targeting tourists and nature enthusiasts. The site is built on WordPress with a range of plugins including Yoast SEO and Mapbox for mapping features. While the content quality and SEO are good, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. The presence of SPF and DMARC records with strict policies indicates good email security practices. Social media integration and cookie consent mechanisms are well implemented, supporting GDPR compliance. However, the absence of visible phone numbers and physical addresses limits direct contact options. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

M

MAIF

maif-evenements.fr

40

MAIF Evénements is a French event listing platform affiliated with the MAIF insurance group, focusing on promoting local community events across France. The website provides an interactive map and search functionality for users to find events by department and date. It leverages WordPress CMS with a variety of plugins and scripts to deliver a responsive and SEO-optimized user experience. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. While privacy and cookie policies are referenced, they reside on the main MAIF domain rather than this subdomain. Social media links connect to official MAIF accounts, enhancing trust. Overall, the site is functional and professionally designed but requires urgent security improvements to protect user data and ensure compliance.

R

Retis

retis-innovation.fr

40

Retis Innovation is a French national network dedicated to supporting and promoting territorial innovation ecosystems. The organization focuses on assisting innovation actors, public institutions, and private experts to foster the creation and growth of innovative companies across French territories. The website reflects a mature digital presence built on WordPress with modern technologies and SEO best practices. Security posture is solid with HTTPS, SPF, and DMARC configured, though improvements in HTTP security headers and DNS security could enhance protection. Privacy compliance is strong, featuring comprehensive GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and multi-channel, supporting business credibility. Overall, Retis Innovation demonstrates a professional and trustworthy online presence suitable for its sector and audience.

A

Agence de Développement et d'Innovation Nouvelle-Aquitaine

accel-na.fr

40

Accel-NA is a regional business accelerator focused on supporting small and medium enterprises (PME) and intermediate-sized enterprises (ETI) primarily in the Nouvelle-Aquitaine and Charente regions of France. The website presents multiple acceleration programs tailored to companies of varying sizes and revenue thresholds, offering structured support, seminars, and workshops to foster business growth. The site includes testimonials, news updates, and partner references, indicating an active engagement with its target audience. Technically, the website is built on WordPress using the Avada theme and Fusion Builder, integrating common web technologies such as jQuery, YouTube embeds, and Matomo analytics. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of modern TLS protocols, resulting in insecure HTTP connections. Security headers and email authentication records are also missing or incomplete, exposing the site to potential risks. Privacy compliance is minimal, with no cookie consent mechanism or explicit GDPR indicators. Overall, the website is functional and professionally designed but requires urgent security improvements to protect user data and enhance trust.

I

Invest in Nouvelle Aquitaine

invest-in-nouvelle-aquitaine.fr

40

Invest in Nouvelle Aquitaine is a regional business support network in France, specializing in assisting companies with their implantation projects in the Nouvelle-Aquitaine region. The organization offers personalized and free services including real estate search, administrative procedures, public funding, and networking with regional experts. The website is built on WordPress using the Avada theme and integrates various plugins for enhanced functionality and user experience. Despite a professional design and good content quality, the site lacks a valid SSL certificate, which impacts its security posture significantly. Additionally, there is no cookie consent mechanism or DMARC record, indicating partial privacy compliance. The presence of Google Analytics and Matomo Tag Manager shows moderate user tracking. Overall, the website serves its business purpose well but requires critical security improvements to enhance trust and compliance.

N

Néo Terra - Demain devient possible

neo-terra.fr

33

Néo Terra is a regional government initiative by the Région Nouvelle-Aquitaine focused on accelerating ecological and social transition in the Nouvelle-Aquitaine region of France. The website serves as a platform to promote projects, engage stakeholders, and provide information about the region's ambitions in areas such as natural resources, solidarity, agriculture, economy, mobility, and health. The target audience includes public and private actors, partners, and citizens interested in sustainability and ecological transition. The business model is centered on community engagement and regional support rather than commercial activities. Technically, the website is built on WordPress 6.8.1 using PHP 8.2.28 and the Yootheme theme with UIkit framework. It is hosted on OVH infrastructure. SEO is well implemented with Yoast SEO plugin and structured data (JSON-LD) is used for enhanced search engine understanding. However, performance metrics are missing and the site is likely slow. Mobile optimization is good, but accessibility is basic. From a security perspective, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical issue. No modern TLS protocols or cipher suites are enabled, and several security best practices are missing. The only positive security header is HSTS, but without HTTPS it is ineffective. No explicit security or incident response policies are published. Privacy compliance is good with a clear privacy and cookie policy and GDPR adherence. Overall, the site is functional and professional but has a critical security vulnerability due to missing SSL. Strategic improvements in SSL deployment and security hardening are essential to protect user data and improve trust.

D

Digital et Assurance

digital-et-assurance.com

53

Digital et Assurance is a specialized French media platform focused on delivering weekly curated news, analyses, and interviews related to innovation in the insurance sector and insurtech developments. It operates under the parent company Eficiens and targets insurance professionals and industry stakeholders. The website is built on WordPress, leveraging plugins such as Yoast SEO and Algolia for search functionality, hosted on OVH infrastructure. While the site offers good content quality and user experience with responsive design, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are present but hosted on the parent domain, and contact information relies on a personal email address, which may affect trust. Overall, the site is functional but requires urgent security improvements to protect user data and enhance credibility.

F

France FinTech

francefintech.org

40

France FinTech is a prominent French fintech association dedicated to supporting and representing the fintech ecosystem in France. The website serves as a hub for news, events, member information, and initiatives such as educational programs and fintech panoramas. It targets fintech companies, investors, and ecosystem stakeholders, positioning itself as a key national player in fintech advocacy and networking. Technically, the site is built on WordPress using the Divi theme, integrating various plugins for content display, social media feeds, and newsletter management. While the site offers good content quality and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS enforcement, which undermines user trust and data security. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy or terms of service policies. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

A

Altæ Technopole Niort Deux-Sèvres

altae-technopole.fr

32

Altæ Technopole Niort Deux-Sèvres is a regional innovation and entrepreneurship hub based in the Deux-Sèvres region of France. The organization focuses on catalyzing innovation and supporting startups and entrepreneurs through ecosystem animation, tailored accompaniment programs, and promoting territorial attractiveness. The website is built on WordPress using Elementor and Yoast SEO, with a modern but basic technical infrastructure hosted likely on OVH. While the site offers good content quality and SEO optimization, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is limited to a contact form, with no explicit emails or phone numbers found. Social media presence includes LinkedIn and YouTube. The site integrates Piwik PRO analytics and uses WP Rocket for performance optimization, though performance data indicates slow loading. Security posture is weak due to missing HTTPS and lack of security headers. Strategic recommendations include implementing HTTPS, enabling modern TLS protocols, adding security headers, and improving privacy compliance. Overall, the site is functional and professional but requires significant security improvements to meet modern standards.

F

Finance Innovation

finance-innovation.org

51

Finance Innovation is a French competitive cluster established in 2007, focused on supporting financial startups and innovation. It operates as a membership and partnership network with over 600 members, including startups, large companies, and SMEs. The organization provides services such as visibility, networking, fundraising assistance, and event organization, positioning itself as a leader in the French fintech ecosystem. The website reflects a mature digital presence with structured data, SEO optimization, and multilingual support. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which critically impacts security posture. Despite these issues, the site maintains good privacy compliance with clear cookie consent mechanisms and comprehensive privacy policies. The business credibility is reinforced by government affiliations and a strong partner ecosystem.

P

PLANETE CSCA

planetecsca.fr

40

PLANETE CSCA is a professional syndicate representing insurance brokers in France, providing advocacy, legal assistance, training, and operational tools to its members. The website is well-structured, content-rich, and targets insurance professionals and brokers. Technically, it is built on WordPress with modern technologies such as PHP 8.3, Apache, and integrates SEO and search optimization tools like Yoast SEO and Algolia. The site uses HTTPS with TLS 1.3 and 1.2 protocols, but lacks some advanced SSL security features such as HSTS and OCSP stapling. Privacy and cookie policies are present with consent mechanisms, indicating good GDPR compliance. Contact information is available primarily through a contact page, with no direct emails or phone numbers exposed. Social media presence is active, enhancing trust and engagement. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and security posture.

E

Eficiens

eficiens.com

52

Eficiens is a specialized digital agency focused on the insurance sector, providing services such as website creation and redesign, UX design for insurance quote and subscription journeys, maintenance, email marketing, and digital advertising. The company holds a strong market position in France as a leading digital agency dedicated to insurance and related financial services. Their client portfolio includes major insurance and mutual companies, supported by positive client testimonials and a high customer satisfaction rating. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, but lacks a valid SSL certificate, which is a critical security gap. The absence of HTTPS and security headers exposes the site to potential risks and undermines user trust. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the site demonstrates professional design and content quality but requires urgent security improvements to align with best practices.

D

DARVA

darva.com

55

DARVA is a French software platform editor specializing in innovative service platforms that connect insurers, their partners, and clients across automotive, habitation, and health insurance sectors. The company offers a suite of solutions including claims management platforms, electronic invoicing, contract termination solutions, and partner network creation tools. DARVA maintains a medium-sized presence with a consistent brand and a strong client base in the insurance industry. Technically, the website is built on WordPress with modern SEO and privacy tools such as Yoast SEO and Cookiebot, and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to risks and undermining trust. The DNS configuration shows partnerships with email security providers like Vade Secure and Oodrive. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, DARVA presents a professional and trustworthy online presence but must urgently address its SSL/TLS deficiencies to improve security posture and user trust.

S

Stelliant

stelliant.com

55

Stelliant is a large French company specializing in comprehensive insurance-related services including risk prevention, expertise, client relations, post-claim solutions, crisis management, and innovation through dedicated campuses and labs. With approximately 3000 employees, it positions itself as a major player offering agile and personalized services to insurance professionals and clients. The website is built on WordPress with modern plugins and SEO optimizations, providing a professional and user-friendly experience with clear navigation and multilingual support. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture. Security headers are partially implemented but insufficient to compensate for the missing TLS security. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR compliance indicators. Contact information is available via email and contact forms, and social media presence is established on major platforms. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

Switzerland Innovation Park Biel/Bienne AG is a private Swiss non-profit organization focused on applied research and development, bridging the gap between research and industry. It operates as part of the Switzerland Innovation Foundation network, promoting innovation, startups, and research investment in Switzerland. The website is professionally designed using WordPress and Elementor, showcasing multiple research centers, projects, and partnerships. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The overall security posture is basic with room for significant improvement in SSL/TLS configuration and security headers.

S

Switzerland Innovation Park Basel Area AG

sip-baselarea.com

40

Switzerland Innovation Park Basel Area AG operates a comprehensive innovation hub and coworking space platform focused on healthcare, life sciences, and technology sectors in Switzerland. The company provides flexible workspace solutions including ready-made offices, coworking spaces, lab spaces, and customizable workspaces tailored to startups, SMEs, and research institutions. Positioned as a key player in the Basel Area innovation ecosystem, it supports collaboration and growth through community building and event hosting. Technically, the website is built on WordPress with modern plugins and tracking tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. The site is professionally designed with excellent content quality and user experience, though performance data is limited. Security weaknesses include missing HTTPS, HSTS, DMARC, DNSSEC, and vulnerability disclosure mechanisms, which should be prioritized to improve trust and compliance. Overall, the business demonstrates strong market positioning and digital maturity but requires urgent security enhancements to protect user data and maintain credibility.

U

URL Networks

url.net.au

49

URL Networks is an Australian telecommunications provider specializing in business telephony and internet services, including hosted cloud PBX, SIP trunking, and various internet connectivity plans. The company positions itself as a trusted provider for businesses seeking stress-free telecommunications solutions. Their website is built on WordPress with modern plugins and tools, targeting Australian business customers with a focus on cloud and virtualized telephony services. The site includes detailed service descriptions and multiple contact channels, including phone, email, and social media. Technically, the website uses a WordPress CMS with Elementor, Yoast SEO, and several marketing and analytics tools such as Google Tag Manager and Chatlio live chat. Hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Performance data is missing, and no cookie consent mechanism is present, indicating limited privacy compliance. Security posture is weak due to the absence of HTTPS, no security headers, and no modern TLS protocols enabled. While no active vulnerabilities like Heartbleed or POODLE are detected, the lack of encryption exposes users to significant risks. Privacy policy is present and comprehensive but GDPR compliance is uncertain due to missing cookie consent. Incident response and security policies are not published. Overall, the website is functional and professionally designed but requires urgent security improvements, especially enabling HTTPS and implementing security best practices. Privacy compliance should be enhanced with cookie consent mechanisms. Business credibility is supported by clear contact information and social media presence, but security gaps reduce trustworthiness.

N

Niort Numeric

innn.fr

39

The website innn.fr represents Niort Numeric's flagship event focused on digital innovation, InsurTech, and risk management, held in Niort, France. It serves as a platform for networking, showcasing startups, and hosting conferences, targeting professionals and decision-makers in the insurance and technology sectors. The site is well-branded, content-rich, and optimized for SEO with structured data and social media integration. Technically, it is built on WordPress with modern JavaScript libraries for UI components and uses OVH as the hosting provider. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. The site implements cookie consent via Piwik PRO, indicating good privacy compliance practices. Overall, the site is professional and functional but requires urgent security improvements.

M

Mantu

mantu.com

39

Mantu is a global consulting platform focused on providing guidance and services to businesses and entrepreneurs worldwide. With a large and diverse workforce spread across multiple continents, Mantu positions itself as a collaborative network of brands delivering transformative business solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern tools such as Elementor and WP Rocket to optimize user experience and performance. However, the absence of a valid SSL certificate and lack of HTTPS support significantly weaken the site's security posture. While DNS records show good email authentication practices with SPF and DMARC, the lack of security headers and modern TLS protocols exposes the site to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism was detected. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

F

Free Pro

freepro.com

55

Free Pro is a French B2B telecommunications and IT services provider, a subsidiary of Groupe iliad, offering a broad portfolio of fixed and mobile telecom products and cloud/managed IT solutions tailored for enterprises of all sizes. The company positions itself as a trusted partner delivering expertise, competitive pricing, and proximity service across France with multiple regional offices. Technically, the website is built on WordPress with modern analytics and consent management tools, but suffers from a critical lack of valid SSL/TLS configuration, impacting security posture. While DNS email security is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

F

French Assurtech

french-assurtech.com

40

French Assurtech is a French-based accelerator and innovation platform focused on the insurance technology sector. Supported by eight leading mutual insurance companies, it offers a comprehensive program including startup acceleration, an innovation lab (Lab XP), and a training campus to foster digital transformation and new insurance business models. The website positions French Assurtech as a key player in the French insurtech ecosystem, targeting startups, insurance professionals, and innovation managers. Technically, the site is built on WordPress using Elementor and integrates SEO and multilingual capabilities. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but no explicit security or incident response policies are found. Overall, the website is professional and content-rich but requires urgent improvements in security and performance to enhance trust and user experience.

S

Switzerland Innovation Park Ost

startfeld.ch

40

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

G

Golem

golem.ai

64

Golem.ai is a French technology company specializing in AI-powered semantic analysis and automation solutions for business communication and document processing. Positioned as a trusted AI provider, it offers products like InboxCare and the Golem.ai Core platform, targeting industries such as insurance, retail, transport, defense, tourism, and customer relations. The company is recognized by Gartner and integrated into the French tech ecosystem, emphasizing explainability, sovereignty, and energy-efficient AI. Technically, the website is built on WordPress with Elementor, hosted on Scaleway, and uses modern web technologies with good performance and mobile optimization. Security posture is solid with HTTPS, DMARC, and SPF configured, though improvements in security headers and DNS security are recommended. Privacy compliance is strong with clear policies and consent mechanisms. Overall, Golem.ai presents a professional, trustworthy, and well-structured digital presence with strong business credibility and technical maturity.

L

LittleBig Connection

littlebigconnection.com

68

LittleBig Connection is a technology-focused collaborative platform that connects large companies with freelancers and consulting firms specializing in technology and engineering. It operates a global marketplace and management platform with a presence in 50 countries and a community of 500,000 experts. The company is part of the Mantu group and emphasizes long-term, high-impact projects. Technically, the website is built on WordPress with modern JavaScript libraries and animation frameworks, delivering a good user experience and mobile optimization. Security posture is strong with HTTPS, robust security headers, and certifications including ISO 27001 and ISO 9001. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with good SEO, trust indicators, and extensive analytics usage.

J

Jamespot

jamespot.com

48

Jamespot is a French technology company specializing in SaaS collaborative digital workplace solutions, including enterprise social networks, intranet, and AI-powered collaboration tools. The company positions itself as a flexible and customizable provider with over 20 years of experience, targeting professional organizations seeking to enhance internal communication and teamwork. The website demonstrates strong business credibility with comprehensive content, customer testimonials, and recognized certifications such as ISO 27001 and RGAA 4.1 accessibility compliance. Technically, the site is built on WordPress with modern SEO and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with detailed cookie policies and consent mechanisms. Security practices include SPF and DMARC DNS records, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

W

WEBKINDER AG

webkinder.ch

71

WEBKINDER AG is a Swiss digital agency specializing in web design, development, and online strategies, primarily serving clients in Luzern and Zürich. The company offers comprehensive services including WordPress and WooCommerce development, SEO, and custom web applications, positioning itself as a trusted partner for businesses and non-profit organizations seeking effective digital solutions. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client references and insights. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and WP Rocket for performance optimization. Hosting is managed via cyon.ch, and the site employs HTTPS with valid SSL certificates and SPF records for email security. The site is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses security headers like HSTS (though not fully enabled), and employs Google reCAPTCHA v3 on forms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Contact information is clearly presented, enhancing trust and credibility. Overall, WEBKINDER AG demonstrates a strong digital maturity and security posture suitable for its business model. Strategic improvements could include enabling full HSTS policies, OCSP stapling, and publishing a security.txt file to further enhance security transparency and resilience.

W

WP SYNTEX

polylang.pro

65

Polylang.pro is a technology-focused website offering a popular WordPress plugin that enables multilingual website creation. The company, WP SYNTEX, targets WordPress users and developers seeking to expand their sites' language capabilities. The business model centers on software sales via Easy Digital Downloads with integrated Stripe payment processing. The website is well-structured, professionally designed, and provides clear navigation and relevant content for its audience. Technically, the site is built on WordPress with common web technologies such as PHP and jQuery, and integrates third-party services for e-commerce and analytics. Performance is moderate with good mobile optimization and basic accessibility features. Security posture is weakened by the absence of a valid SSL certificate despite HSTS being enabled, and lack of advanced security headers or DNS security features. Privacy compliance is basic with a privacy policy and terms of sale present but no cookie consent mechanism or GDPR enforcement indicators. Overall, the site is functional and credible but would benefit from improved security and privacy practices.

O

Open Research Data Portal

open-research-data-portal.ch

40

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

E

ETH Zürich Foundation

ethz-foundation.ch

40

ETH Zürich Foundation is a reputable non-profit organization dedicated to supporting education, research, and innovation at ETH Zürich through donations and strategic projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting donors, alumni, and organizations interested in philanthropy. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely within ETH Zürich's infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with detailed cookie consent mechanisms and a comprehensive privacy policy. Contact information and social media presence further enhance business credibility.

B

Behamics

behamics.com

49

Behamics is an AI-driven platform specializing in enhancing e-commerce performance through behavioral science and advanced analytics. The company offers a suite of products including Nudge, Diagnostic, Organic SEO, Merchandise optimization, and Automations, targeting enterprise clients to boost revenue, conversions, and visibility. The website reflects a professional and modern design with comprehensive content and clear navigation, although performance is hindered by slow load times and a lack of HTTPS. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, which poses risks to data protection and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, Behamics demonstrates strong business credibility and market positioning but requires urgent improvements in security and technical performance to enhance trust and compliance.

Q

Quarkslab

quarkslab.com

50

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

O

Open Source Technology Improvement Fund

ostif.org

40

The Open Source Technology Improvement Fund (OSTIF) is a small non-profit organization focused on improving the security of open source software through facilitating security audits and reviews. Their website positions them as a key community-driven entity with a large network of security experts and partner projects. Technically, the site is built on WordPress using the OceanWP theme and is hosted behind Cloudflare DNS and CDN services. However, the website suffers from a lack of a valid SSL certificate and does not properly enable HTTPS, which is a critical security shortfall. Security headers are minimal, with only HSTS enabled but without full recommended settings. Privacy and cookie policies are absent, and no contact information such as emails or phone numbers are provided, which impacts trust and compliance. The site has a slow load time and basic SEO and accessibility features. Overall, OSTIF's website provides good content and branding but requires urgent improvements in security and privacy compliance to enhance trustworthiness and user safety.

K

KTHE | Team Farner

kthe.at

40

KTHE | Team Farner is a medium-sized Austrian communications company offering a comprehensive range of communication services including brand design, campaigns, PR concepts, and platforms. They position themselves as a leading provider in the Austrian market with a strong emphasis on creativity and international outlook. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Yoast SEO, but suffers from slow performance and basic accessibility. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing DNS security features. Privacy compliance is basic with a privacy policy and cookie notice present but no advanced GDPR indicators. Business credibility is moderate with clear contact information and social media presence but lacks certifications or detailed policies. Overall, the site is functional and professional but requires urgent security improvements.

S

Skills

skills.at

40

Skills is a well-established Austrian public relations and communication consultancy agency founded in 1984. The company specializes in full-service PR and communication consulting, focusing on sensitive and complex topics. It serves a broad business audience seeking expert communication services, supported by a strong network and quality certifications. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common frameworks like Bootstrap and uses jQuery and Yoast SEO for enhanced functionality and SEO. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a privacy policy and DMARC/SPF email protections, but lacks a cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

M

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH

massgeschneidert.at

40

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH is a Vienna-based communications agency specializing in public relations, media, creative concepts, content, strategy, 360 communications, and partnerships. With approximately 10 years of experience, the company targets projects and brands seeking tailored communication strategies. The website reflects a professional branding approach with consistent messaging and a focus on creative communications services. Technically, the site is built on WordPress using the BeTheme theme and common plugins, but suffers from slow performance and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, missing security headers, and no cookie consent mechanism, which poses risks to user data protection and trust. Overall, the site is functional and informative but requires significant improvements in security and privacy compliance to meet modern standards.