Security Directory

ChargePoint, Inc. operates the be.ENERGISED platform, a modular SaaS solution designed to support businesses in building and expanding electric vehicle (EV) charging services. The website targets enterprises, fleet operators, partners, and EV drivers primarily in Germany and Europe, offering comprehensive services including charge point operation, software integration, billing, roaming, and white-label solutions. The company holds a strong market position with significant penetration among Fortune 50 companies and a large active charging network. Technically, the site is built on Drupal 10 and hosted on Pantheon, with integrations such as Google Tag Manager and Google Maps API enhancing functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and GDPR-compliant privacy and cookie policies. Overall, the site demonstrates high content quality and business credibility but requires urgent improvements in security infrastructure to protect user data and maintain trust.

Metro by T-Mobile is a prominent prepaid wireless telecommunications provider operating under the parent company T-Mobile US. The website offers a comprehensive range of prepaid phone plans, devices, and home internet services targeting consumers in the United States and Puerto Rico. It positions itself as a value-driven brand with competitive pricing, device promotions, and benefits such as Amazon Prime and Google One integration. The site is professionally designed with clear navigation and rich content tailored to its target audience.

K

Kreisel Electric GmbH

kreiselelectric.com

21

Kreisel Electric GmbH is a medium-sized Austrian company specializing in advanced battery technology and high-voltage battery systems for electrification projects across commercial, marine, off-highway, and motorsport sectors. The company leverages patented immersion cooling technology to deliver high safety, performance, and longevity in their products. Their market position is strengthened by strategic partnerships with industry leaders such as BASF and Allego, reflecting a commitment to sustainability and innovation. The website is professionally designed, content-rich, and targets B2B customers seeking electrification solutions. Technically, the site is built on WordPress with modern SEO and marketing tools like Google Tag Manager and OneTrust for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy compliance is addressed through comprehensive policies linked to Deere & Company, indicating a strong privacy posture. Contact information is clearly provided, enhancing business credibility. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are recommended.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Trūata Limited is a UK-based technology company specializing in privacy-enhancing data analytics solutions. Their offerings include anonymization services, privacy risk assessments, and privacy-compliant analytics platforms designed to help businesses extract value from data while maintaining compliance with global data protection regulations. The company targets enterprises and organizations seeking to leverage data securely and ethically, positioning itself as a leader in privacy technology with notable partnerships including IBM, Microsoft Azure, and Mastercard. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with integrations of marketing and analytics tools such as Adobe Analytics and HubSpot, and hosted on Microsoft Azure infrastructure. However, the security posture is weakened by the absence of a valid SSL certificate and lack of enabled TLS protocols, which is a critical vulnerability that undermines secure communications and user trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. WHOIS data confirms the domain's legitimacy and consistent registration history. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS security are necessary to elevate the site's security and trustworthiness.

L

Linde PLC

the-linde-group.com

40

Linde PLC is a leading global industrial gases and engineering company focused on delivering innovative solutions to support customers across various sectors including clean energy and sustainability. The website reflects a mature, enterprise-level business with comprehensive content covering their expertise, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure leverages modern tools such as Sitecore CMS, Azure Application Insights, and OneTrust for compliance, indicating a digitally mature platform. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, which exposes the site to potential risks and impacts user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and compliance.

Grayling is a large, international PR and public affairs agency operating in over 30 countries with a strong global network of offices and affiliates. The company specializes in brand communications, corporate affairs, and public affairs, serving a diverse range of clients including major global brands. Their website reflects a professional and consistent brand image, with comprehensive content showcasing their services, case studies, and client portfolio. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and OneTrust for cookie consent management. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect visitors and maintain trust.

A

Anaplan Inc

anaplan.com

40

Anaplan Inc operates a mature, enterprise-grade AI-infused scenario planning and connected planning platform targeting large organizations across multiple industries including finance, supply chain, sales, marketing, and HR. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses Adobe Experience Manager CMS with modern marketing and analytics tools such as Marketo and OneTrust for privacy compliance. However, a critical security issue is the invalid or missing SSL certificate and lack of TLS protocol support, which significantly impacts the security posture score. Privacy compliance is strong with clear cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by analyst recognitions and a large customer base. Overall, the site is trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Coca-Cola Europacific Partners is a leading enterprise in the manufacturing and distribution of beverages across 31 markets, offering globally recognized brands such as Coca-Cola, Sprite, Fanta, and Monster. The company emphasizes sustainability and value creation for customers and consumers. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability initiatives. Technically, the site uses modern tools like Google Tag Manager and Cloudflare but lacks a valid SSL certificate and HTTPS, which is a critical security flaw. Security headers are well configured, but the absence of TLS protocols and HSTS reduces the security posture significantly. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but urgently needs to address SSL/TLS issues to improve security and user trust.

C

Caesars Entertainment

caesarsjobs.com

40

Caesars Entertainment operates a comprehensive career website showcasing its extensive hospitality and gaming operations across the United States. The company is a large enterprise with a long history and a broad portfolio of casino resorts and digital sportsbook services. The website is professionally designed, mobile-optimized, and rich in content relevant to job seekers and corporate social responsibility. Technically, the site uses Microsoft IIS, ASP.NET, Adobe Experience Manager, and integrates advanced analytics and marketing tools such as Dynatrace and Google Tag Manager. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are well implemented with OneTrust, reflecting good privacy compliance. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

R

Rexel

rexel.com

40

Rexel is a global leader in multichannel distribution for the energy sector, providing sustainable and innovative solutions to professional customers worldwide. The company operates in 17 countries with nearly 2,000 branches and a workforce of approximately 27,000 employees. Their business model focuses on supporting electricians, installers, commercial and industrial companies, and suppliers with a broad portfolio of energy-related products and services. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability commitments. Technically, the site is built on WordPress with modern SEO plugins and integrates multiple analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security deficiency that undermines user trust and data protection. The site implements strong cookie consent mechanisms and complies with GDPR requirements, but lacks explicit security policies or incident response information. Overall, Rexel's website demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

Raiffeisen Landesbank Kärnten is a prominent regional bank in Austria, specializing in comprehensive financial services for private and corporate clients. The website reflects a mature digital presence with extensive service offerings including corporate banking, private banking, investment, insurance, and online banking solutions. The bank emphasizes personalized service and regional economic support, positioning itself as a trusted partner for businesses and individuals in Carinthia. Technically, the site is built on Adobe Experience Manager with modern JavaScript frameworks and includes advanced cookie consent management. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. Privacy policies and legal documents are well presented, supporting GDPR compliance. Overall, the site is professional and trustworthy but urgently requires remediation of its SSL/TLS configuration to ensure secure communications and maintain customer trust.

M

MAN Truck & Bus Vertrieb Österreich GmbH

mantruckandbus.at

36

MAN Truck & Bus Vertrieb Österreich GmbH operates a comprehensive commercial vehicle website targeting the Austrian market, offering trucks, buses, transporters, and related services. The website demonstrates a strong market position with extensive product information, digital services, and customer engagement tools such as configurators and contact forms. The technical infrastructure leverages modern web technologies including AWS CloudFront CDN, Bootstrap, and jQuery, ensuring a responsive and user-friendly experience. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

C

Clariant Ltd.

clariant.com

40

Clariant Ltd. is a leading global specialty chemicals company focused on delivering innovative and sustainable chemical solutions across multiple industries including energy, manufacturing, and plastics. The website reflects a mature enterprise with comprehensive content, strong branding, and a clear business model targeting industrial customers, investors, and job seekers. Technically, the site is built on a modern CMS platform (Sitecore) and integrates multiple marketing and analytics tools, demonstrating a high level of digital maturity. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent a critical security weakness that undermines user trust and data protection. While security headers and privacy policies are well implemented, the lack of HTTPS significantly lowers the overall security posture. Strategic improvements in SSL deployment and enhanced incident response documentation would strengthen the site’s security and compliance standing.

R

Ricoh USA, Inc.

ricoh-usa.com

40

Ricoh USA, Inc. is a leading enterprise providing digital business services and printing solutions primarily targeting businesses, government agencies, and educational institutions in the United States. The company offers a comprehensive portfolio including managed print services, cloud and IT infrastructure, cybersecurity, and business process automation. Their market position is reinforced by industry recognitions such as being named a leader in cloud print services by Quocirca and IDC MarketScape. Technically, the website is built on modern frameworks like React and Next.js, managed via Contentful CMS, and hosted with Cloudflare DNS services. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is readily available through multiple channels. Overall, the website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

A

Autohaus Birngruber

birngruber.at

38

Autohaus Birngruber is a medium-sized automotive dealership based in Austria, representing major brands such as Volkswagen, Audi, Seat, Skoda, and Cupra. The company offers new and used car sales, vehicle servicing, financing, and insurance services, targeting car buyers and service customers in the Austrian market. The website reflects a professional and consistent brand presence with good content quality and user experience. Technically, the site is built on the Plone CMS platform using Python and Zope, with Cloudflare as CDN and security proxy. However, the security posture is weak due to an invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the overall security score. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. The business credibility is supported by extensive customer reviews and social media presence. Overall, the site is functional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

VML is a globally recognized marketing and communications agency operating under the parent company WPP. The company offers a broad range of services including brand experience, commerce, customer experience, and enterprise solutions, targeting enterprise-level clients. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content showcasing their work and insights. Technically, the site uses modern JavaScript frameworks and integrates analytics and marketing tools effectively, though performance is moderate. Security posture is weak due to the absence of a valid SSL certificate and HTTPS enforcement, which is a critical risk. Privacy compliance is strong with clear policies and consent mechanisms. Overall, VML presents a credible and professional business but must urgently address its SSL/TLS configuration to ensure secure user interactions.

S

Sandvik AB

sandvik.com

40

Sandvik AB is a global, high-tech engineering group headquartered in Sweden, specializing in products and solutions for mining, rock excavation, rock processing, and metal cutting. The company emphasizes innovation, digitalization, and sustainability to enhance productivity and profitability in manufacturing, mining, and infrastructure sectors. The website reflects a mature enterprise with comprehensive investor relations, sustainability governance, and career opportunities, targeting industry professionals, investors, and job seekers. Technically, the site uses modern analytics and consent management tools, hosted on Cloudflare, with good mobile optimization and accessibility. However, a critical security issue exists due to an invalid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy compliance is strong with clear cookie consent and data privacy policies. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS to ensure secure communications.

Bunge Global SA operates a comprehensive global agribusiness and food ingredient supply chain, connecting farmers to consumers with a focus on sustainability and renewable energy. The website reflects a large enterprise with a professional digital presence, including regional sites and investor relations. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and OneTrust for cookie consent, but suffers from a critical lack of valid SSL/TLS certificates, impacting security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and trust.

EssenceMediacom is a global media agency specializing in creating breakthroughs for brands across diverse industries. With over 10,000 employees operating in 96 markets, the company offers integrated media solutions, analytics, creative futures, and specialist B2B marketing services. The website reflects a strong market position supported by a comprehensive service portfolio and global reach. Technically, the site is built on modern frameworks such as Next.js and React, hosted via Cloudflare, and uses DatoCMS for content management. While the site demonstrates good mobile optimization, accessibility, and SEO practices, performance metrics indicate slower load times that could be improved. Security posture is moderate; although security headers and content security policies are well implemented, the lack of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent SSL and TLS improvements to enhance security and user trust.

R

Raiffeisen Bank International

cashpresso.com

40

Cashpresso is a financial service platform provided by Raiffeisen Bank International AG, offering flexible credit and payment solutions such as installment payments and purchase on account. The website targets private and business customers primarily in Austria, providing a digital-first experience with quick online registration and management via mobile apps. The platform is well integrated with multiple partner shops and maintains a strong brand presence supported by awards and customer ratings. Technically, the site uses modern frameworks and Adobe Experience Manager CMS but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business appears legitimate and trustworthy, but the security posture requires urgent improvement to protect user data and maintain trust.

B

Brenntag

brenntag.com

40

Brenntag is a global enterprise specializing in chemical distribution, logistics, and value-added services tailored to customer needs. The website serves as a multilingual portal with a splash page for country and language selection, indicating a broad international presence. The technical infrastructure leverages modern JavaScript frameworks such as Nuxt.js and integrates with Google Tag Manager and OneTrust for analytics and cookie consent management. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. No explicit privacy policy, terms of service, or contact information are readily available on the splash page, which may affect user trust and compliance. Overall, Brenntag's website reflects a professional business with good design and user experience but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

Sulzer Ltd is a globally recognized leader in fluid engineering, specializing in the manufacturing and servicing of pumps, agitators, mixers, separation, and purification technologies. The company serves essential industries such as energy, manufacturing, and process industries, positioning itself as a key player in enabling sustainable and efficient industrial operations worldwide. Their website reflects a mature enterprise with comprehensive product and service offerings, strong branding, and a clear focus on sustainability and innovation. Technically, the website employs a modern technology stack including Apache server, Vue.js framework, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Pardot, and Hotjar. The site is hosted with Azure DNS and demonstrates good SEO and mobile optimization practices. However, performance metrics are not explicitly available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support HTTPS, which severely undermines its security posture. This exposes users to potential risks and reduces trustworthiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve its security score. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security header configurations to protect users and maintain trust.

A

All for One Customer Experience GmbH

b4b-solutions.com

40

All for One Customer Experience GmbH is a Germany-based technology company specializing in delivering innovative customer experience solutions leveraging the SAP Customer Experience Suite. Positioned as a SAP Platinum Partner and part of the All for One Group, the company offers comprehensive cloud-based services including consulting, software implementation, and custom development to enhance customer journeys and digital transformation for businesses. The website reflects a professional and consistent brand image targeting enterprises seeking to optimize their customer engagement and sales processes. Technically, the website is hosted on Amazon Web Services using Amazon S3 and CloudFront CDN, employing modern web technologies such as JSON-LD structured data and OneTrust for cookie consent management. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a high-quality user experience. However, performance metrics were not available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support modern TLS protocols, resulting in a poor security posture. This exposes users to risks and undermines trust. Privacy compliance is strong with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic improvements in security infrastructure will significantly enhance the site's risk profile and user confidence.

C

CloudBees, Inc.

cloudbees.com

40

CloudBees, Inc. is a leading enterprise software company specializing in continuous integration and continuous delivery (CI/CD) solutions, primarily based on Jenkins. The company offers a comprehensive suite of DevOps tools and platforms designed to accelerate software delivery, improve developer productivity, and ensure security and compliance at scale. CloudBees holds a strong market position as the #1 Jenkins enterprise CI/CD platform provider, serving large enterprises globally with a focus on technology sectors. Their business model includes SaaS and on-premises offerings, targeting enterprise development teams and IT executives. Technically, CloudBees employs modern web technologies such as React and Next.js, hosted on AWS infrastructure with integrations to major cloud providers. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Marketing and analytics tools are implemented with user consent mechanisms, reflecting privacy compliance. From a security perspective, while the website implements multiple security headers and policies, a critical issue is the invalid or missing SSL certificate and disabled TLS protocols, which significantly impact the security posture. The company maintains security policies, incident response contacts, and certifications such as SOC 2 and ISO 27001, indicating a mature security framework. However, immediate remediation of SSL and TLS configurations is necessary to protect user data and maintain trust. Overall, CloudBees presents a professional and trustworthy online presence with strong business credibility and technical infrastructure. Addressing the SSL and TLS issues will elevate their security posture and align with their enterprise-grade offerings.

A

Alpen Privatbank AG

walserprivatbank.com

26

Alpen Privatbank AG is a well-established private banking and wealth management institution operating primarily in the German-speaking regions of Europe, with a strong presence in Austria and Germany. The company offers personalized asset management and investment advisory services, targeting private clients seeking tailored financial solutions. The website reflects a professional and consistent brand image, supported by multiple physical office locations and clear contact information. Technically, the site is built on TYPO3 CMS and hosted by maxcluster.net, but suffers from slow load times and lacks a valid SSL certificate, which significantly impacts security and user trust. The security posture is weak due to the absence of HTTPS and security headers, although privacy compliance is supported by a cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

P

Pankl SHW Industries AG

pankl.com

40

Pankl SHW Industries AG operates as a leading Austrian manufacturing group specializing in high-technology mechanical systems for niche markets including motorsport, luxury automotive, and aerospace. The company is majority-owned by Pierer Industrie AG and maintains a strong international presence with 21 locations and over 4,200 employees. Their product portfolio spans engine and turbo systems, drivetrain components, forged parts, aerospace components, and advanced powder metallurgy products. The website reflects a professional corporate identity with comprehensive content and clear navigation, targeting industrial clients and partners. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, indicating GDPR compliance. The domain registration is mature and consistent with the business claims, enhancing trustworthiness. Strategic security improvements are recommended to elevate the site's protection and user trust.

S

Sandvik AB

home.sandvik

40

Sandvik AB operates a comprehensive global website presenting itself as a leading high-tech engineering group specializing in mining, manufacturing, and infrastructure solutions. The site targets industrial customers, investors, and job seekers with detailed business and investor information, sustainability commitments, and career opportunities. The technical infrastructure leverages modern JavaScript frameworks, Azure Application Insights for telemetry, and OneTrust for cookie consent, hosted behind Cloudflare CDN. However, the website suffers from a critical security flaw: the SSL certificate is invalid or missing, and no TLS protocols are enabled, severely impacting the security posture. Despite this, the site implements strong security headers and privacy mechanisms, including GDPR-compliant policies and cookie consent banners. The domain registration is consistent with the business identity, mature, and trustworthy. Overall, the website is professionally designed, content-rich, and well-branded but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

EC Red Bull Salzburg is a well-established professional ice hockey team with a strong brand presence linked to the global Red Bull brand. Their website offers comprehensive information about the team, schedules, tickets, merchandise, and multimedia content, targeting sports fans and enthusiasts. The technical infrastructure leverages modern web technologies such as React and integrates third-party services for analytics and cookie consent management. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of modern TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and active consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

BMO Global Asset Management (BMO GAM) is a leading Canadian asset manager offering a broad range of investment products including mutual funds, ETFs, and alternative products. The website clearly targets investors, advisors, and institutional clients, reflecting a mature and well-established financial services business. The company operates under the larger Bank of Montreal (BMO) umbrella, reinforcing its market position and credibility. Technically, the website leverages modern web technologies such as Next.js and integrates with Adobe Launch and OneTrust for marketing and compliance. Hosting is provided via Akamai CDN, ensuring global content delivery. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant technical and security shortcomings that undermine user trust and data protection. From a security perspective, while some security headers like HSTS and X-Frame-Options are present, the lack of HTTPS and modern TLS support is a critical vulnerability. No published security policies, incident response contacts, or vulnerability disclosure mechanisms were found, indicating gaps in security transparency and readiness. Overall, the website is professionally designed and content-rich, but the lack of proper SSL/TLS configuration and security disclosures lowers its security posture and trustworthiness. Strategic improvements in SSL deployment, security policy publication, and DNS security would significantly enhance the site's security and compliance standing.

L

Leica Microsystems

leica-microsystems.com

40

Leica Microsystems is a well-established global leader in microscopy and imaging solutions, serving diverse sectors including life sciences, industrial manufacturing, medical specialties, and education. The company offers a broad portfolio of products ranging from light and confocal microscopes to software and consumables, supported by comprehensive service and application support. The website reflects a mature digital presence with rich, professional content and consistent branding, targeting scientific and industrial professionals worldwide. Technically, the site is built on TYPO3 CMS with modern frontend technologies and integrates marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the current lack of a valid SSL certificate and absence of HTTPS significantly undermines the security posture, despite the presence of several security headers and policies. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. WHOIS data confirms the domain's maturity and legitimacy, registered under Network Solutions without privacy protection, consistent with the company's profile. Strategic improvements in SSL/TLS configuration and enhanced security practices are recommended to elevate trust and protect user data.

A

ACI Worldwide

aciworldwide.com

40

ACI Worldwide is a mature, enterprise-level financial technology company specializing in global payments software and solutions. The company offers a broad portfolio of services including payments orchestration, fraud management, bill pay, and real-time payments, targeting banks, merchants, and billers worldwide. The website reflects a strong market position with extensive customer testimonials, partner logos, and a global reach across 95 countries. Technically, the site is built on WordPress hosted on WP Engine with Cloudflare CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Hotjar, and HubSpot. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture score. Security headers and content security policies are well implemented, but the lack of HTTPS is a major vulnerability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Raiffeisen Zertifikate is a leading Austrian financial services provider specializing in certificate investment products, with a strong market position evidenced by multiple awards. The website is professionally designed, content-rich, and targets investors interested in sustainable and flexible investment options. Technically, the site uses TYPO3 CMS, integrates modern analytics and marketing tools, and is hosted behind Cloudflare. However, the security posture is weakened by the absence of a valid SSL certificate and disabled modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site is trustworthy but requires urgent SSL/TLS remediation to improve security and user confidence.

Bacardi Limited is the world's largest privately held spirits company, with a rich heritage dating back over 160 years. The company operates globally with a portfolio of over 200 brands and labels, serving a diverse audience including consumers, industry professionals, investors, and job seekers. The website reflects a mature business model focused on brand management, production, distribution, and corporate sustainability initiatives. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the site's security posture, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms, but explicit security policies and incident response information are missing. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

Volkswagen Versicherungsdienst GmbH (VVD) is a medium-sized insurance service company operating as a subsidiary of Porsche Bank in Austria. It specializes in providing automotive insurance products and services to customers of Volkswagen Group brands and other vehicle owners. The website presents a professional and consistent brand image with comprehensive service offerings including liability, partial and full coverage insurance, legal protection, and additional guarantees. Technically, the site is built on Craft CMS and leverages Cloudflare for hosting and security, along with modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the security posture. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Contact information is clearly provided, enhancing business credibility.

Ecolab Inc. is a global enterprise specializing in water, hygiene, and infection prevention solutions and services. The company serves a broad range of industries including manufacturing, healthcare, hospitality, food and beverage processing, and energy. With a strong market position as a leader in sustainability and operational efficiency, Ecolab offers science-based solutions and data-driven insights to help customers improve safety, reduce environmental impact, and optimize operations. The website reflects a mature digital presence with comprehensive content, clear navigation, and multi-channel contact options. Technically, the website is built on the Sitecore CMS platform, leveraging modern technologies such as Coveo for search, Google Tag Manager for analytics, and OneTrust for cookie consent management. The site is hosted via Akamai CDN and integrates multiple third-party marketing and analytics tools, indicating a sophisticated digital marketing strategy. Accessibility and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site implements strong HTTP security headers and content security policies. However, a critical issue is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly undermines the security posture. This gap exposes the site to risks and should be addressed promptly. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Overall, Ecolab's website demonstrates high business credibility and professionalism but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, enhancing HSTS policies, and continuing to maintain strong privacy and security practices.

P

Pierre Fabre Laboratories

pierre-fabre.com

40

Pierre Fabre Laboratories is a well-established French pharmaceutical and dermocosmetics group with a global presence and a strong portfolio of brands. The company focuses on developing innovative healthcare and beauty solutions inspired by patients and consumers. Their website reflects a mature digital presence with comprehensive content, multilingual support, and clear business information. However, the technical infrastructure shows weaknesses, particularly in security, as the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical issue for user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism implemented via OneTrust. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

Accenture's SAP Customer Experience website presents a comprehensive and professional digital presence showcasing their partnership with SAP and their extensive capabilities in delivering customer experience solutions. The site targets global enterprises seeking advanced SAP commerce and customer data management services. Technically, the site leverages Adobe Experience Manager, integrates multiple analytics and marketing tools, and is hosted on AWS CloudFront. However, a critical security concern is the invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a mature business with strong market positioning but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

M

MED-EL Medical Electronics

medel.com

40

MED-EL Medical Electronics is a mature and globally recognized healthcare company specializing in hearing implants and solutions. Their website provides comprehensive information about cochlear implants, middle ear implants, bone conduction systems, and related accessories, targeting individuals with hearing loss and healthcare professionals. The company maintains a strong market position as a leading hearing implant provider with a large operational scale and a well-established brand since 1996. The website content is professionally curated, with clear navigation and multilingual support, reflecting a high level of digital maturity.

Accenture Interactive's website for Accenture Song presents a mature, enterprise-level digital presence focused on delivering technology-powered creative and marketing services globally. The company positions itself as a leader in customer experience transformation, blending creativity and technology to drive business growth. The site is rich in multimedia content, well-structured navigation, and supports multiple languages and regions, reflecting a global market approach. Technically, the site leverages Adobe Experience Manager CMS, AWS CloudFront hosting, and integrates advanced analytics and consent management tools. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which undermines the otherwise strong security headers and policies in place. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

B

BearingPoint

bearingpoint.com

40

BearingPoint is a global management and technology consultancy with European roots, operating in over 70 countries with 13,000 employees. The company offers a broad range of consulting services, products, and capital advisory, targeting enterprises across multiple industries including technology, finance, manufacturing, and government sectors. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to enterprise clients. Technically, the site uses Apache server technology, modern JavaScript frameworks, and cookie consent management tools, but lacks a valid SSL certificate and has disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to enable HTTPS and modern TLS protocols.

O

Oberbank AG

oberbank.at

40

Oberbank AG is a well-established regional bank operating primarily in Austria and neighboring countries, offering a broad range of financial services including retail banking, corporate banking, savings, investments, financing, and online/mobile payment solutions. The website reflects a mature digital presence with comprehensive content tailored to private and corporate customers, supported by a modern technology stack based on Liferay and JavaServer Faces. The site demonstrates strong privacy compliance with detailed cookie consent mechanisms and GDPR-aligned privacy policies. However, the security posture is weakened by an invalid or missing SSL certificate and lack of TLS protocol support, which poses significant risks to secure communications. No explicit security or incident response policies are published, indicating room for improvement in transparency and readiness. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

S

Spencer Stuart

spencerstuart.com

40

Spencer Stuart is a globally recognized executive search and leadership consulting firm specializing in senior executive and board-level placements. The website reflects a mature, professional services business with a strong market position and comprehensive service offerings tailored to corporate clients. Technically, the site uses a custom ASP.NET CMS hosted on AWS CloudFront, integrating modern analytics and consent management tools. However, the absence of a valid SSL certificate and disabled modern TLS protocols represent significant security gaps. The site employs good security headers and cookie management but lacks advanced email security measures such as DMARC and DNSSEC. Overall, the website is content-rich and professionally designed but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

R

Raiffeisen Bank International

rbinternational.com

40

Raiffeisen Bank International AG is a leading business bank headquartered in Austria, serving Austria and Central and Eastern Europe. The website presents comprehensive information about the bank's services, sustainability efforts, investor relations, and career opportunities, targeting investors, corporate clients, institutions, and private customers. The technical infrastructure leverages modern web technologies including Vue.js, Adobe Experience Manager CMS, and Cloudflare hosting, with integrations for analytics and marketing such as Mouseflow, Leadfeeder, and Google Tag Manager. Security headers are well implemented; however, the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities that undermine the site's security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

T-Mobile US is a leading telecommunications company providing wireless phone plans, devices, and home internet services primarily in the United States and Puerto Rico. The website reflects a mature digital presence with comprehensive product offerings, promotional deals, and customer benefits. It targets both consumer and business segments with a strong emphasis on 5G technology and competitive pricing. The company is a subsidiary of Deutsche Telekom and maintains consistent branding and messaging across its digital assets. Technically, the website leverages modern web technologies including Adobe Experience Manager, Alpine.js, and various third-party SDKs for analytics, marketing, and payment processing. The site is hosted on Akamai CDN, ensuring global content delivery. While the site is mobile-optimized and accessible, performance metrics are not provided, but the design and navigation are professional and user-friendly. From a security perspective, the site implements essential security headers and HSTS with preload, but the SSL certificate is currently invalid or missing, which is a critical issue impacting the overall security posture. No major vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies, consent mechanisms, and GDPR indicators. Overall, the website is trustworthy and professional but requires immediate attention to SSL certificate management and TLS protocol support to enhance security and user trust. Strategic recommendations include updating SSL certificates, enabling modern TLS protocols, and continuous monitoring of security headers and compliance frameworks.

A

Allianz Elementar Versicherungs AG

allianz.at

40

Allianz Elementar Versicherungs AG operates a comprehensive insurance website targeting private customers in Austria, offering a wide range of insurance and financial products including vehicle, health, accident, and life insurance. The website demonstrates strong market positioning with extensive content, professional design, and consistent branding. Technically, the site is built on Adobe Experience Manager, leveraging Cloudflare for hosting and CDN services, and integrates modern marketing and analytics tools such as Adobe Analytics and OneTrust for GDPR compliance. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

P

Pantheon Systems, Inc.

pantheon.io

56

Pantheon Systems, Inc. operates Pantheon.io, a leading WebOps platform designed for building, hosting, and managing high-impact websites primarily using WordPress, Drupal, and Next.js. The company positions itself as a comprehensive solution provider integrating operations, workflows, and governance to enable agile teams and fast digital launches. Their market position is strong, supported by recognized industry badges and a broad partner ecosystem including Google Cloud. Technically, the website is built on Drupal 10 and leverages modern marketing and analytics tools such as Marketo, Segment, and VWO, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms via OneTrust. Overall, Pantheon.io demonstrates a professional, enterprise-grade web presence with excellent content and user experience but requires urgent improvements in SSL configuration to enhance security and trust.

G

Grupo Soma

somagrupo.com.br

58

Grupo Soma is a large Brazilian retail group operating a platform of multiple fashion brands including Animale, Farm, and Hering among others. The website serves as a corporate and investor relations portal, providing information about the company, its brands, sustainability efforts, and compliance policies. The target audience includes consumers and investors interested in the fashion retail sector in Brazil. Technically, the website is built on WordPress and uses modern JavaScript libraries and Google Analytics for tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Security headers are partially implemented but critical TLS protocols and HSTS are missing, reducing the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism via OneTrust. Business credibility is supported by clear brand listings and compliance pages but lacks explicit contact emails or phone numbers on the homepage. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

HP Hood LLC

hphood.com

37

HP Hood LLC operates a well-established website promoting its dairy products brand, Hood®, with a history dating back to 1846. The website offers comprehensive product information, recipes, and store locator features targeting consumers in the United States. The site is professionally designed with consistent branding and good user experience, including mobile optimization and clear navigation. Technically, the site uses Microsoft IIS, Bootstrap, jQuery, and other modern frontend libraries, but lacks a valid SSL certificate and HTTPS support, which is a critical security gap. Cookie consent is implemented via OneTrust, and Google Tag Manager is used for analytics and tracking. Security posture is weak due to missing HTTPS and limited security headers, and no explicit security or incident response policies are found. Overall, the domain registration data aligns well with the business, indicating legitimacy. Strategic improvements in SSL/TLS deployment and security headers are recommended to enhance trust and compliance.

C

Cia. Hering

ciahering.com.br

40

Cia. Hering is a well-established Brazilian retail clothing franchise network with a strong market position as the largest clothing franchise in Brazil. The company operates an omnichannel business model, combining physical stores and e-commerce to provide convenience to its customers. The website reflects a professional corporate presence with multilingual support and investor relations information, indicating a mature business. Technically, the site is built on WordPress and uses common web technologies and services such as Cloudflare CDN and OneTrust for cookie consent. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security issue. Security headers are present but cannot compensate for the missing SSL. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.