Security Directory

E

ECM Label Production GmbH / ECM Marking Solutions GmbH

ecm.at

36

ECM.at represents a medium-sized Austrian manufacturing business specializing in label production and marking solutions with approximately 40 years of industry experience. The company offers a comprehensive range of services including label printing, dispensing systems, coding technologies, and engineering solutions tailored to various industries such as food packaging, automotive, electronics, and pharmaceuticals. The website reflects a professional B2B business model targeting companies requiring marking and labeling services. Technically, the site is built on WordPress with modern plugins and SEO optimizations but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or security policy disclosures. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

A

Adria Film

adriafilm.com

26

Adria Film is a small media company based in Austria specializing in film production, distribution, and festival organization. The website serves as a platform to promote their films, provide news updates, and facilitate ticket sales. The company targets European cinema audiences and diaspora communities with a focus on regional film culture. Technically, the website is built on WordPress using a professional theme and several popular plugins, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate is a critical security weakness, exposing users to potential risks. The presence of tracking pixels from Facebook and TikTok suggests moderate user tracking, balanced by a visible cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements and enhanced privacy compliance to reduce risk and build trust.

P

prentner engineering & consulting

prentner-ec.com

25

Prentner engineering & consulting is a small German-based engineering consultancy specializing in product development, design, FEM/MKS calculations, tooling technology, automation, assembly technology, and project management services. The company targets businesses requiring specialized engineering and consulting support in manufacturing and product innovation. Their website is built on WordPress with common plugins and provides content primarily in German with English alternatives. The site includes a cookie consent mechanism and a privacy policy, demonstrating GDPR compliance awareness. However, the absence of HTTPS is a critical security shortfall that undermines user trust and data protection. Technically, the website uses PHP 7.2.34 on an nginx server hosted by tele.net. The site employs popular WordPress plugins such as WPBakery Page Builder, LayerSlider, Contact Form 7, and Complianz GDPR. Performance data is missing or indicates slow loading, and SEO and accessibility optimizations are basic. Mobile optimization is good, and navigation is clear and professional. From a security perspective, the lack of SSL/TLS encryption is the most significant vulnerability, exposing users to potential data interception. No advanced security headers or incident response policies are found. Cookie consent is implemented properly, but no explicit security or incident response contacts are provided. WHOIS data aligns well with the website's business claims, indicating legitimacy. Overall, the website is functional and professional in content and design but requires urgent security improvements, especially enabling HTTPS and enhancing security headers. Privacy compliance is adequate, but business credibility could be improved by adding direct contact information and certifications.

W

Webconomy internet commerce GmbH

webconomy.com

24

Webconomy internet commerce GmbH operates a B2B-focused digital marketing agency website offering services such as growth boosting, SEO, Google Ads, mentoring, and performance marketing. The company targets B2B clients seeking to accelerate their digital growth and improve marketing performance. The website is built on WordPress with WooCommerce and several marketing and SEO plugins, indicating a moderate level of digital maturity. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. No advanced security headers or incident response policies are evident, and cookie consent mechanisms are missing despite the use of tracking and analytics tools. The domain is mature and consistent with the business claims, registered since 1998 without privacy protection, but domain protection locks are not enabled, posing a moderate risk. Overall, the website presents good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

A

Austrian Institute of Economics and Social Philosophy

austrian-institute.org

25

The Austrian Institute of Economics and Social Philosophy is a small non-profit organization focused on promoting classical liberal social philosophy and Austrian economics primarily to a German-speaking audience. The website serves as an educational platform offering blogs, videos, podcasts, and events such as the Austrian Academy. The organization is funded by donations and maintains a professional online presence with consistent branding and active social media channels. Technically, the website is built on WordPress with modern plugins and page builders, but lacks a valid SSL certificate, which is a critical security flaw. The absence of HTTPS significantly undermines the site's security posture despite good privacy compliance and cookie consent mechanisms. No explicit security or incident response policies are published, and no phone contact is provided, only an official email address. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

C

CCL Industries

cclind.com

39

CCL Industries is a global leader in specialty packaging and the largest label company worldwide, with headquarters in Canada and the USA. The company operates across multiple sectors including home & personal care, premium food & beverage, healthcare, automotive, and security, supported by subsidiaries such as Avery, Checkpoint, Innovia, CCL Design, and CCL Secure. Their website reflects a mature enterprise with comprehensive investor relations, sustainability initiatives, and corporate governance information. Technically, the site is built on WordPress with common plugins and libraries, hosted behind Cloudflare, but suffers from a lack of a valid SSL certificate, impacting security posture. The absence of HTTPS and security headers, along with no visible cookie consent mechanism, represents significant security and privacy compliance gaps. Overall, the site is professional and content-rich but requires urgent improvements in security configuration and privacy compliance to align with best practices.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

40

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

T

TAC | The Assistant Company

tac.eu.com

40

TAC | The Assistant Company is a medium-sized technology provider specializing in all-in-one business software solutions tailored for the hospitality and wellness sectors, including spas, fitness clubs, and thermal baths. Their product suite includes Reservation Assistant, Club Assistant, and Entry Assistant software, complemented by automated wristband issuance and online webshop capabilities. The company has a solid market position supported by long-term client relationships and partnerships with notable industry players. Their website reflects a professional and consistent brand image with good content quality and user experience, targeting businesses seeking integrated software solutions to streamline operations. Technically, the website is built on a modern WordPress CMS platform using PHP 8.1, nginx, and popular plugins such as WPBakery Page Builder and Slider Revolution. The site employs lazy loading for images and integrates marketing and analytics tools like Google Analytics and Sendinblue. Hosting is managed by internex.at, and the site demonstrates good SEO and mobile optimization practices. However, performance is moderate, and accessibility features are basic. From a security perspective, the site implements several important HTTP security headers and a cookie consent mechanism compliant with GDPR. Unfortunately, the SSL/TLS configuration is critically lacking, with no valid SSL certificate installed, no TLS protocols enabled, and malformed CAA DNS records. This significantly reduces the security posture and exposes the site to risks associated with unencrypted traffic. No explicit security policies or incident response information are found. Overall, TAC presents a trustworthy and professional business with strong privacy compliance and marketing transparency. The primary risk lies in the absence of HTTPS, which should be urgently addressed to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and improving SSL configuration to enhance security and user confidence.

S

SIGNA

signa.at

26

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

C

Constable Alan Rosen

pct1constable.net

51

The website pct1constable.net represents the Harris County Constable's Office Precinct 1, a government law enforcement entity serving residents and visitors of Harris County, Texas. The site provides detailed information about the office's mission, divisions, community programs, and contact information, positioning itself as a trusted local public safety resource. The business model is that of a government service provider focused on law enforcement and community engagement. Technically, the site is built on WordPress with common plugins such as WPBakery Page Builder, Slider Revolution, and Contact Form 7, and integrates Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to potential risks. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms, despite the use of tracking technologies. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards.

C

conova communications GmbH

conova.com

40

conova communications GmbH is a well-established Austrian IT service provider specializing in tailored IT solutions including data center services, managed hosting, cloud, virtualization, and security. Founded in 1988, conova positions itself as a strategic partner for businesses requiring high availability and secure IT infrastructure, primarily serving the Austrian market with international reach. The company operates its own data centers and offers hybrid cloud solutions, emphasizing data sovereignty and security. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and certifications such as ISO 27001 and EN 50600, reinforcing its market credibility. Technically, the website is built on WordPress with modern plugins like Slider Revolution and Borlabs Cookie for cookie management, and integrates marketing tools such as HubSpot. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing search visibility. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent significant security shortcomings, undermining the otherwise strong security posture indicated by HTTP headers and certifications. Security-wise, conova demonstrates good practices with multiple security headers and GDPR-compliant privacy and cookie policies. Yet, the lack of HTTPS and modern TLS support is a critical vulnerability that must be addressed urgently to protect data in transit and maintain trust. No incident response or vulnerability disclosure information was found, suggesting an area for improvement in transparency and security readiness. Overall, conova presents a professional and trustworthy business with strong market positioning and technical maturity, but the critical SSL/TLS issues pose a risk that could impact customer confidence and compliance. Strategic remediation of these security gaps is recommended to align the website's security posture with its business reputation.

U

unit-IT Dienstleistungs GmbH & Co KG

unit-it.at

20

unit-IT Dienstleistungs GmbH & Co KG is a medium-sized Austrian IT services company specializing in SAP solutions, IT operations, infrastructure, and mobile solutions. The company targets the Austrian mid-market and benefits from its international affiliation with the parent company Atos. Their website presents a professional image with clear service offerings, references, and certifications, positioning them as a trusted regional player in the technology sector. Technically, the website is built on WordPress with common plugins and frameworks, but suffers from a critical lack of HTTPS and modern TLS support, which significantly impacts its security posture. Privacy compliance is well managed with comprehensive privacy and cookie policies and a consent mechanism. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

D

dmcgroup

dmcgroup.eu

24

dmcgroup is a design and digital agency specializing in strategic consulting, branding, UX/UI design, and web and software development. Positioned as a top-ten brand agency in Austria with notable industry rankings, it serves a diverse clientele including national and international companies. The website reflects a professional and consistent brand image with comprehensive service offerings and strong trust indicators such as reputable client logos and industry recognition. Technically, the site is built on WordPress with modern frontend libraries and caching mechanisms, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, and privacy policies are present and GDPR compliant, though cookie consent mechanisms are not evident. Overall, the security posture is basic and requires urgent improvements to protect user data and enhance trust. The website is accessible and well-structured, with good mobile optimization and SEO practices, but performance metrics are missing and inferred to be slow. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, enhancing security headers, and implementing cookie consent mechanisms to improve compliance and user trust.

A

AdWords Agentur GmbH

adwordsagentur.at

38

AdWords Agentur GmbH is a specialized Google AdWords agency based in Vienna, Austria, focusing on delivering measurable and cost-efficient search engine advertising services. The company offers comprehensive campaign analysis, management, and optimization services, emphasizing conversion tracking and ROI maximization. Their market position is supported by over 100 partners and detailed case studies showcasing significant client success. Technically, the website is built on WordPress with modern plugins and technologies, though it suffers from critical SSL/TLS misconfiguration, impacting security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates professionalism and trustworthiness but must urgently address its HTTPS implementation to improve security and user trust.

N

n-ce Neuwirth Consulting & Engineering

n-ce.at

40

n-ce Neuwirth Consulting & Engineering is a small Austrian consulting and engineering firm specializing in foundry technology and related industrial applications. The company offers consulting, engineering services, and seminars targeted at clients in the foundry and manufacturing sectors. Their website reflects a professional and consistent brand presence with clear contact information and client references, positioning them as a niche specialist in their market. Technically, the website is built on WordPress with common plugins like WPBakery and Slider Revolution, but suffers from very poor performance and lacks HTTPS security. The absence of SSL/TLS and security headers represents a critical security risk. Privacy compliance is addressed with a cookie consent banner and a privacy policy, but no terms of service or incident response information is provided. Overall, the site is accessible and informative but requires urgent security improvements.

S

Sphera Solutions, Inc.

thinkstep.com

33

Sphera Solutions, Inc. is a leading provider of enterprise sustainability management software, data, and consulting services, targeting large enterprises across multiple industries globally. The company offers a comprehensive platform, SpheraCloud, that integrates sustainability, operational risk, and EHS management to help organizations meet regulatory and strategic goals. The website demonstrates a high level of digital maturity with modern technologies, multilingual support, and rich content including case studies, events, and resources. However, a critical security issue is the invalid SSL certificate, which undermines secure communications and trust. The presence of strong privacy and cookie policies with consent mechanisms indicates good compliance posture. Overall, the company is well-positioned in the market with strong branding and trust indicators but should urgently address SSL and related security configurations.

P

Pioneers Innovation GmbH

pioneers.io

22

Pioneers Innovation GmbH is an established innovation consulting and corporate venture building firm founded in 2013, serving a broad range of corporate clients across sectors such as energy, transportation, banking, and technology. The company offers comprehensive services including innovation strategy, setup, execution, venture building, and startup services, positioning itself as a trusted partner for innovation-powered transformation and growth. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client testimonials and references to large organizations. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business credibility is high, but the lack of HTTPS is a major risk that should be urgently addressed.

I

iMedia Web Solutions

imediasolutions.biz

22

iMedia Web Solutions is a small technology company based in India specializing in web design, WordPress development, eCommerce solutions, and responsive websites. With over 9 years of operation and more than 500 satisfied clients, the company positions itself as a reliable service provider offering white label and outsourcing solutions. The website is built on WordPress with a modern tech stack including PHP 7.4, LiteSpeed server, and popular plugins such as WPBakery and Slider Revolution. However, the site lacks a valid SSL certificate, which critically impacts its security posture. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Contact information is clearly provided, including phone, email, physical address, and a detailed contact form. Overall, the site demonstrates good content quality and business credibility but suffers from significant security and privacy shortcomings.

N

New Frontier Investment AG

newfrontier.eu

26

New Frontier Investment AG is a technology-focused investment group based in Vienna, Austria, specializing in leading digital transformation initiatives with enterprise customers globally. The company manages a portfolio of subsidiary companies across various technology sectors, positioning itself as a key player in digital innovation and enterprise solutions. The website reflects a professional business presence with clear branding and consistent messaging about its investment and transformation leadership role. Technically, the website is built on WordPress with common plugins such as LayerSlider and Contact Form 7, but suffers from critical security shortcomings including lack of a valid SSL certificate and disabled HTTPS, which significantly impacts its security posture. The absence of privacy and cookie policies further reduces compliance with GDPR and privacy best practices. Contact information is clearly provided, including a physical address, phone number, and a contact form protected by Google reCaptcha, indicating some level of user interaction security. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

I

Informa Connect Australia

informa.com.au

40

Informa Connect Australia is a leading event organiser specializing in conferences, exhibitions, and corporate training services primarily targeting business professionals in Australia. As part of the global Informa PLC group, it holds a strong market position with a large-scale operational footprint. The website reflects a professional business model focused on event management and corporate learning, supported by a consistent brand presence and trust indicators such as testimonials and social media engagement. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and frameworks, although performance metrics are unavailable. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, despite the presence of some security headers and Cloudflare protection. Privacy compliance is moderate with clear privacy and cookie policies and consent mechanisms, but lacks explicit GDPR compliance indicators or security policies. Overall, the site is functional and credible but requires urgent improvements in security infrastructure to protect user data and enhance trust.

O

Opus Marketing GmbH

opus-marketing.de

23

Opus Marketing GmbH is a German branding agency specializing in transforming visions and ideas into impactful brands with a focus on strategic branding, digital transformation, and sustainability. The company targets businesses seeking creative and strategic brand development and positions itself as a medium-sized agency with a consistent and professional brand presence. Technically, the website is built on WordPress using WPBakery and integrates modern marketing and analytics tools such as Usercentrics for cookie consent, Google Tag Manager, and Facebook Pixel. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts its security posture. Performance is also suboptimal with a slow load time and large page size. Overall, the business credibility and content quality are high, but technical and security improvements are necessary to enhance trust and compliance.

J

JAWA Management Software GmbH

jawa.at

23

JAWA Management Software GmbH is an established Austrian technology company specializing in customized software solutions for process optimization and information management. Their flagship product, the inforum management platform, supports supplier management, quality control, production planning, and AI-enhanced business solutions. With over 25 years of market presence and a medium-sized operation, JAWA serves a broad international clientele with a focus on efficiency and productivity improvements. Technically, the website is built on a modern WordPress CMS infrastructure using popular plugins and frameworks such as WPBakery, WPML, and Woodmart theme. The site is well-structured, mobile-optimized, and SEO-friendly, demonstrating a mature digital presence. However, the hosting environment lacks a valid SSL certificate and proper TLS configuration, which significantly undermines the security posture. Security-wise, the absence of HTTPS and modern TLS protocols is a critical vulnerability, exposing users to potential data interception and trust issues. While no active vulnerabilities or malware are detected, the site misses essential security headers and DNS security configurations. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the website presents a professional and credible business front but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL deployment, enabling modern security protocols, and implementing advanced security headers and DNS protections.

D

decide Clinical Software GmbH

decide-clinical.com

26

decide Clinical Software GmbH operates the GlucoTab platform, a specialized clinical decision support system designed to assist healthcare professionals in managing diabetes patients in hospital settings. The company holds important certifications such as ISO 13485 and MDR Class IIa, underscoring its commitment to quality and regulatory compliance. Their product integrates evidence-based insulin dosing algorithms and workflow digitalization, targeting hospitals and clinical staff. The website is professionally designed, multilingual, and content-rich, reflecting a mature digital presence. However, the lack of a valid SSL certificate and HTTPS support significantly undermines the security posture, especially critical in healthcare. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Contact information and trust indicators are clearly presented, enhancing business credibility.

S

Sanochemia Pharmazeutika GmbH

sanochemia.at

20

Sanochemia Pharmazeutika GmbH is an established Austrian pharmaceutical manufacturer specializing in contrast agents for medical imaging, including MRI and CT products, with a focus on gadolinium-free alternatives to enhance patient safety. The company operates globally with distribution in over 50 countries and offers contract manufacturing and API production services. The website is built on WordPress with modern plugins and multilingual support, providing a professional and content-rich user experience. However, the absence of a valid SSL certificate is a critical security gap, exposing users to potential risks. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the business presents a credible and professional digital presence but must urgently address its SSL/TLS configuration to improve security posture.

I

Interfood Lebensmittelgroßhandel Ges.m.b.H.

interfood.at

23

Interfood Lebensmittelgroßhandel Ges.m.b.H. is a medium-sized Austrian wholesaler specializing in international fine foods. The company emphasizes quality, freshness, and supply reliability, supported by certifications such as IFS, MSC, ASC, and organic labels. Their website targets retailers and fine food distributors, showcasing a curated product portfolio and strong logistics capabilities. Technically, the site runs on WordPress with popular plugins and themes but lacks HTTPS, which is a critical security gap. The site includes comprehensive privacy and cookie policies, indicating GDPR compliance. However, the absence of SSL/TLS significantly impacts the security posture and trustworthiness. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements.

T

TS-Promotion

ts-promotion.at

23

TS-Promotion is a small Austrian digital marketing company specializing in social media advertising and content creation. The website presents a professional and consistent brand image targeting marketers and content creators. It leverages WordPress with popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The company maintains active social media profiles on Facebook, Instagram, TikTok, and Messenger, enhancing its market presence. However, the lack of HTTPS is a critical security gap that undermines user trust and data protection. The website includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good GDPR compliance practices. Contact options include an email address and a contact form, but no phone number or physical address is provided.

M

motion06 gmbh

motion06.at

23

motion06 GmbH is a medium-sized Austrian company specializing in the manufacture and supply of advanced conveyor systems primarily for airport baggage handling, ecommerce logistics, and industrial intralogistics. As a global leader in its niche, motion06 offers customized hardware and software solutions to optimize logistics processes. The company operates under the parent company Duravant, reflecting a strong corporate backing and market presence. The website content is well-structured, professionally designed, and targets logistics and industrial sectors with clear product and service offerings. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and marketing integrations such as Google Analytics and Marketo. However, the site lacks HTTPS encryption, which is a critical security flaw. Performance metrics are missing but inferred to be slow. Mobile optimization and SEO are adequately addressed, though accessibility is basic. From a security perspective, the absence of SSL/TLS and security headers significantly lowers the security posture. While cookie consent and privacy policies are implemented and GDPR compliant, there is no visible security or incident response policy. The domain registration data is consistent with the business claims, enhancing trustworthiness. Overall, the website presents a professional business front but requires urgent security improvements, especially implementing HTTPS and enhancing security headers, to protect user data and improve trust. Strategic recommendations include upgrading security infrastructure, publishing security policies, and improving performance metrics for better user experience.

R

Research Center Pharmaceutical Engineering GmbH

rcpe.at

25

The Research Center Pharmaceutical Engineering GmbH (RCPE) is a non-profit organization specializing in pharmaceutical process engineering, combining academic expertise from Graz University of Technology, University of Graz, and Joanneum Research GmbH. The company is positioned as a global leader in pharmaceutical innovation, providing advanced scientific solutions including simulation, AI, and quality control to pharmaceutical partners worldwide. The website reflects a professional and consistent brand image targeting pharmaceutical industry stakeholders and researchers. Technically, the site is built on WordPress with modern plugins and themes but lacks a valid SSL certificate, impacting security posture. Borlabs Cookie is used for cookie consent, indicating GDPR compliance efforts. Security best practices are partially implemented but require improvements, especially in SSL configuration and security headers. Overall, the site is trustworthy and credible but should address critical security gaps to enhance user trust and compliance.

R

R-Biopharm AG

r-biopharm.com

35

R-Biopharm AG is a well-established German company specializing in clinical diagnostics, food and feed analysis, and nutrition care solutions. With over 35 years of experience and a presence in more than 120 countries, the company offers a broad portfolio of innovative products and services targeting healthcare professionals and the food industry. Their website reflects a professional and content-rich digital presence, supporting multiple languages and providing comprehensive information about their divisions and corporate responsibility initiatives. Technically, the site is built on WordPress with modern SEO and marketing tools, though performance could be improved. Security posture is currently weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical risk that should be addressed immediately. Privacy compliance is strong, with clear policies and cookie consent mechanisms in place. Overall, the company demonstrates high business credibility and trustworthiness, but must prioritize securing their web infrastructure to protect users and maintain reputation.

V

Verticalfarminstitute

verticalfarminstitute.org

29

The Vertical Farm Institute is a specialized research and consulting organization focused on advancing urban agriculture and vertical farming. Established in 2013 and based in Vienna, Austria, it collaborates on international projects such as Horizon 2020's euPOLIS. The website presents a professional digital presence with rich content including project descriptions, journals, and service offerings targeted at real estate developers, architects, and sustainability-focused stakeholders. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates moderate maturity and credibility but requires urgent improvements in security and privacy practices.

H

Hotwell US

hotwellus.com

34

Hotwell US is a specialized company focused on developing advanced wireline well logging tools, systems, and software primarily serving the energy sector. The business operates a WordPress-based website that provides basic information about its products and services but lacks comprehensive content and contact details. The company appears to be a small-sized entity with a mature domain age of 18 years, indicating an established presence in its niche market. Technically, the website relies on older versions of WordPress and jQuery, with Cloudflare providing DNS and hosting services. SEO is moderately optimized using Yoast SEO, but mobile optimization and accessibility are basic. Security posture is weak due to the absence of HTTPS/SSL, lack of security headers, and missing privacy and cookie policies. Google Analytics is used for user tracking without any consent mechanism, raising privacy compliance concerns. Overall, the website presents a low trustworthiness level and requires significant improvements in security and compliance to meet modern standards.

T

TeDaLoS GmbH

tedalos.net

40

TeDaLoS GmbH is a small Austrian technology company specializing in cloud-based smart inventory monitoring solutions leveraging IoT devices. Their SaaS platform targets end users, technical wholesalers, and sensor manufacturers, providing real-time stock and consumption data to optimize supply chain and warehouse management. The website is professionally designed, content-rich, and consistent with the company's business focus. Technically, the site runs on WordPress with modern plugins for SEO, spam protection, and cookie consent, but lacks a valid SSL certificate and HTTPS support, which significantly impacts security posture. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and trustworthy, but the lack of HTTPS is a critical security gap that should be addressed promptly.

P

Post & Co

post-co.com

28

Post & Co is an independent provider specializing in marine liability and logistics insurance, serving a broad range of clients in the maritime and logistics sectors including ship owners, charterers, terminal and transport operators, and port authorities. The company emphasizes quality service, innovation, and market focus, with a presence in Rotterdam, Antwerp, and Frankfurt. Their website reflects a professional business with multilingual support and clear contact channels. Technically, the site is built on WordPress using common plugins and frameworks but lacks a valid SSL certificate, which significantly impacts security posture. The site uses Google Analytics and has cookie consent mechanisms in place, indicating some privacy compliance. However, the absence of HTTPS and modern TLS protocols presents a critical security risk. Overall, the business appears legitimate and established, but the website requires urgent security improvements to protect user data and enhance trust.

A

AFFiRiS AG

affiris.com

27

AFFiRiS AG is a clinical-stage biopharmaceutical company based in Austria, specializing in the development of novel immunotherapies for chronic diseases such as neurodegenerative disorders and hypercholesterolemia. The company leverages its proprietary AFFITOME® technology to create Specific Active ImmunoTherapies (SAIT) aimed at improving patient outcomes beyond current treatment options. The website presents a professional and well-structured digital presence targeting patients, investors, and healthcare professionals, with clear business and contact information. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk that undermines user trust and data protection. The site uses WordPress CMS with common plugins and libraries, but performance metrics indicate slow loading times, suggesting room for technical optimization. Privacy compliance is addressed through a cookie consent banner and a privacy policy, though terms of service and explicit security policies are not evident. Overall, AFFiRiS demonstrates a credible business profile with a need to urgently improve its security posture to protect visitors and comply with best practices.

E

Ethical Workforce

ethicalworkforce.co.uk

33

Ethical Workforce is a specialist hospitality recruitment agency based in London, offering permanent and temporary staffing solutions with an international reach. The company targets both employers seeking hospitality staff and jobseekers looking for roles in the hospitality sector. Their website presents a professional image with clear service offerings and client testimonials from notable hospitality figures, positioning them as a trusted niche player in the recruitment market. Technically, the website is built on WordPress using PHP 7.4 and Apache, with common plugins such as Yoast SEO and WPBakery Page Builder. Google Tag Manager is used for analytics and marketing tracking. The site is mobile optimized and SEO friendly, but lacks performance metrics data. The hosting provider is not explicitly identified but uses hdodns.com nameservers. From a security perspective, the site has critical weaknesses: it does not have an SSL/TLS certificate installed, serving content over HTTP only, which severely impacts user trust and data security. No modern TLS protocols or security headers are present. Cookie consent is implemented, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements, especially implementing HTTPS and enhancing privacy compliance. Strategic recommendations include obtaining a valid SSL certificate, adding comprehensive privacy and terms pages, and improving security headers to protect users and build trust.

Ö

ÖSTU-STETTIN Hoch- und Tiefbau GmbH

oestu-stettin.at

39

ÖSTU-STETTIN Hoch- und Tiefbau GmbH is a large Austrian construction company specializing in underground and high-rise construction projects worldwide. As part of the HABAU GROUP, it offers a comprehensive range of services including mining, garage construction, general contracting, industrial construction, and tunnel building. The website is professionally designed, multilingual (German and English), and provides detailed service information targeting clients in the construction and infrastructure sectors globally. Technically, the site is built on WordPress with a mature plugin ecosystem and hosted on Azure DNS infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with a GDPR-compliant cookie consent mechanism and a comprehensive privacy policy. No explicit security or incident response policies are published, and no direct contact emails or phone numbers are visible, though social media channels and contact forms are available. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect visitors and enhance trust.

T

Tourismusschulen Bad Gleichenberg

tourismusschule.com

27

Tourismusschulen Bad Gleichenberg is a well-established private educational institution in Austria specializing in tourism and hospitality education. With a history dating back to 1946, it offers a variety of programs including practical internships and international exposure, positioning itself as a leading school in its sector. The website reflects a professional and consistent brand image targeting students interested in tourism careers. Technically, the site is built on WordPress with common plugins and scripts but suffers from a critical lack of valid SSL/TLS certificates, exposing it to security risks. Privacy compliance is addressed with cookie consent and a privacy policy, though some security policies are absent. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and enhance trust.

klar. Strategie- und Kommunikationsberatung GmbH is a specialized Austrian consultancy focused on strategy and communications, offering services such as strategy development, positioning, reputation management, and public relations. The company targets organizations and public sector clients seeking credible and clear communication solutions. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms in place. Contact information is complete and transparent, supporting business credibility. Overall, the company demonstrates strong market positioning and trust indicators but must urgently address security infrastructure gaps to align with best practices.

D

Design Storz GmbH

designstorz.com

35

Design Storz GmbH is a small, established Austrian design studio with over 38 years of experience specializing in automotive, product, graphic design, branding, and design strategy. The company serves international clients including major automotive brands and consumer product companies. The website is built on WordPress using popular plugins and page builders, presenting professional content and clear navigation primarily in German. However, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the business credibility is moderate, supported by consistent WHOIS data and a clear contact presence. The security posture is weak due to missing HTTPS and security headers, which should be addressed urgently to protect user data and improve trust.

F

feibra GmbH

feibra.at

40

feibra GmbH is a well-established Austrian company specializing in direct marketing and mailing services, including unaddressed and addressed mailings, campaign planning, and geomarketing. The company benefits from over 60 years of experience and is a subsidiary of the Österreichische Post Aktiengesellschaft, positioning it strongly in the Austrian media and marketing sector. The website targets businesses and marketing professionals seeking effective direct marketing solutions across Austria. Technically, the website is built on WordPress with a modern plugin ecosystem and SEO optimization, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no active TLS protocols or certificate transparency compliance. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

H

Hotel Restaurant Höldrichsmühle

hoeldrichsmuehle.at

23

Hotel Restaurant Höldrichsmühle is a historic hospitality business located in Hinterbrühl, Austria, offering hotel accommodation, restaurant services, seminar facilities, wedding venues, and equestrian activities. The business targets tourists, local visitors, and corporate clients seeking event spaces near Vienna. The website is built on WordPress with modern plugins and SEO optimizations, providing a good user experience and clear navigation. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site implements cookie consent mechanisms and displays contact information prominently, but lacks advanced security policies and incident response contacts. Overall, the business appears legitimate and well-established, but the website's security posture requires urgent improvement to meet modern standards.

HOT Engineering GmbH operates a professional website serving the energy sector, specializing in consultancy, laboratory services, software, and training focused on underground energy storage and oil & gas field development. The company positions itself as a leading provider with a mature domain and a consistent business presence. The technical infrastructure is based on WordPress with common plugins and hosted by Hetzner, but lacks HTTPS, which is a critical security gap. The site includes cookie consent mechanisms and privacy policies compliant with GDPR, reflecting good privacy practices. However, the absence of SSL/TLS encryption significantly impacts the security posture and overall trustworthiness. Strategic improvements in security configuration are essential to protect user data and enhance credibility.

R

redmail Logistik & Zustellservice GmbH

redmail.at

36

redmail Logistik & Zustellservice GmbH is an established Austrian media distribution and logistics service provider specializing in the delivery of print advertising such as flyers and brochures. The company operates multiple offices across Austria and offers an online booking platform for print and delivery services. Their market position is supported by recognized certifications and a professional web presence. Technically, the website is built on WordPress with common plugins and modern design elements, but suffers from a critical lack of HTTPS and proper SSL/TLS configuration, exposing users to security risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, while the business is credible and well-presented, the security posture requires urgent improvement to protect customer data and maintain trust.

I

ICB Engineering GmbH

icb-engineering.at

19

ICB Engineering GmbH is a small Austrian engineering firm specializing in energy and process plant engineering, offering services such as pre-engineering, process design, and project management. The company emphasizes quality and environmental responsibility, holding ISO 9001 and ISO 14001 certifications. Their website is professionally designed using WordPress and common plugins, targeting industrial clients and engineering professionals. However, the absence of HTTPS is a critical security flaw that undermines trust and data protection. The site includes cookie consent mechanisms but lacks explicit privacy policy and incident response disclosures. Overall, the company presents a credible business with moderate digital maturity but requires urgent security improvements.

P

Pinzgau Webdesign

pinzgauwebdesign.at

25

Pinzgau Webdesign is a small, locally focused WordPress web design agency based in Zell am See, Austria, operated by Martin Pletzenauer since 2013. The company offers custom WordPress website development and related services primarily targeting small to medium businesses in the Pinzgau region. The website presents a professional design with clear contact information and client references, supporting its local market position. Technically, the site is built on WordPress using the Salient theme and WPBakery Page Builder, with common plugins such as Contact Form 7. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Security headers are present but cannot compensate for the missing HTTPS, exposing visitors to potential risks. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

C

Cardiovascular and Interventional Radiological Society of Europe

cirse.org

39

The Cardiovascular and Interventional Radiological Society of Europe (CIRSE) operates a comprehensive and professionally designed website serving as the primary digital presence for the world's largest community of healthcare professionals specializing in minimally invasive image-guided procedures. The site offers extensive educational resources, certification programs, research initiatives, and event information, positioning CIRSE as a leading authority in interventional radiology. The target audience includes healthcare professionals, trainees, medical students, and patients seeking information about interventional radiology. CIRSE's business model focuses on membership services, educational offerings, research collaborations, and publication dissemination within the healthcare sector. Technically, the website is built on a modern WordPress CMS platform with a robust technology stack including PHP 8.2, WooCommerce for e-commerce functionalities, and various plugins such as WPBakery Page Builder and Modern Events Calendar. Hosting and content delivery are managed via Cloudflare, enhancing availability and performance. Despite a rich content base and good mobile optimization, the site suffers from slow performance and lacks a valid SSL certificate, which critically impacts its security posture. From a security perspective, the absence of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities, exposing users to potential risks during data transmission. However, the site employs several security headers and Cloudflare protection, and no critical vulnerabilities or malware indicators were detected. Privacy compliance is strong, with clear privacy and cookie policies, GDPR adherence, and active consent mechanisms. The site also integrates analytics tools like Matomo and Facebook Pixel with moderate user tracking. Overall, CIRSE's website demonstrates high business credibility and content quality but requires urgent security improvements to ensure safe user interactions. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers. These steps will strengthen trust, compliance, and user confidence, supporting CIRSE's mission and digital maturity.

G

GetWhy A/S

preely.com

62

Preely is a Denmark-based technology company offering a SaaS platform focused on enhancing product decision-making through remote user testing and continuous discovery. Their platform supports testing of prototypes across devices and integrates AI (ChatGPT) for advanced test analysis. The company targets product teams, UX professionals, and businesses seeking efficient user feedback mechanisms. The website demonstrates a professional presence with trusted clients and active social media engagement. Technically, the website is built on WordPress with WPBakery Page Builder, leveraging Cloudflare for DNS and CDN services. It employs standard marketing and analytics tools including Google Analytics, Facebook Pixel, and Cookiebot for GDPR-compliant cookie management. While the SSL certificate is valid, the site lacks advanced security headers and HSTS, and performance metrics indicate a slower load time. Security posture is moderate with no critical vulnerabilities detected, but improvements are recommended in HTTP security headers and DNSSEC implementation. Privacy compliance is strong, supported by a comprehensive privacy policy and cookie consent mechanism. Business credibility is reinforced by clear company information, testimonials, and client logos. Overall, Preely presents a trustworthy and functional online presence with room for technical and security enhancements to further strengthen its posture and user trust.

Polaria is a well-established Arctic experience center located in Tromsø, Norway, with a strong focus on education, sustainability, and family-friendly tourism. The organization operates a physical center featuring aquariums, seal exhibits, guided tours, and a panoramic cinema, supported by ticket sales and an online store. The website is built on WordPress, hosted on WP Engine with Google Cloud infrastructure, and uses modern web technologies including multilingual support via Weglot. While the site content and business information are comprehensive and professionally presented, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy policies are present but cookie consent mechanisms are lacking, indicating partial compliance with GDPR requirements. The domain is mature and legitimate, with consistent WHOIS data and multiple certifications that reinforce trust. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture and user trust.

N

Nansensenteret

nersc.no

56

Nansensenteret (NERSC) is a Norwegian government-affiliated research center specializing in climate, ocean, sea ice, and atmospheric studies in the North Atlantic and Arctic regions. The website presents comprehensive information about ongoing research projects, publications, and organizational structure, targeting researchers, students, and stakeholders interested in climate and environmental sciences. The business model focuses on scientific research, data provision, and collaboration within the climate science community. Technically, the website is built on WordPress with modern plugins for SEO and multilingual support, delivering a moderate performance and good mobile optimization. However, the site lacks a valid SSL certificate, which critically impacts its security posture. The absence of HTTPS and security headers exposes the site to potential risks. Privacy compliance is weak due to missing privacy and cookie policies. Security evaluation reveals significant vulnerabilities, including invalid SSL, disabled TLS protocols, and missing security headers. These issues reduce trust and expose users to risks. The domain is mature and consistent with the organization's profile, enhancing business credibility despite technical shortcomings. Overall, the site is professionally designed with good content quality but requires urgent security improvements to protect users and comply with privacy regulations. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, implementing security headers, and publishing privacy and cookie policies.

F

FEADCV

feadcv.es

40

FEADCV is a non-profit federation representing entities that provide services to people with intellectual disabilities and their families in the Comunitat Valenciana, Spain. The organization focuses on advocacy, negotiation with government consellerías, and promoting social inclusion and autonomy for its target audience. The website clearly communicates its mission, vision, and values, positioning itself as a key sector representative. Technically, the site is built on WordPress with common plugins like Yoast SEO and WPBakery, hosted likely by 1&1 IONOS. However, performance is slow with a large page size and load time exceeding 8 seconds. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing security headers, and no advanced email authentication beyond SPF. Privacy policies exist but lack strong GDPR compliance indicators. Contact information is limited to an email address and social media links, with no phone numbers or physical addresses explicitly provided. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.