Security Directory

G

glatec

glatec.ch

56

glatec is a non-profit business incubator based in Zurich-Dubendorf, Switzerland, supporting startups and collaborative research in materials science, environmental science, and technology. It operates in partnership with prominent research institutions such as Empa and Eawag, providing infrastructure and professional support to new companies. The website is built on the Liferay CMS platform with React and Alloy UI technologies, featuring a comprehensive navigation structure and multilingual support. However, the site suffers from a lack of a valid SSL certificate, impacting its security posture. Cookie consent mechanisms are implemented, but no explicit privacy policy or terms of service were found in the scanned content. Contact information including phone numbers and physical addresses for multiple Swiss locations is clearly provided, alongside active social media channels.

E

Empa - Swiss Federal Laboratories for Materials Science and Technology

empa.ch

69

Empa is a Swiss federal research institute specializing in materials science and technology, operating under the ETH Domain. The organization focuses on interdisciplinary research to address industrial and societal challenges, aiming to transform research into marketable innovations. The website reflects a mature digital presence with extensive content, multilingual support, and a professional design tailored to industry partners, researchers, and the public. Technically, the site is built on Liferay CMS with React and Alloy UI, integrating modern web technologies and analytics tools. Security posture is adequate with HTTPS and SPF/DMARC email protections, though improvements in HSTS, DNSSEC, and DMARC policy are recommended. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but no explicit privacy policy page was found. Overall, the site demonstrates a high level of professionalism and trustworthiness, suitable for a leading research institution.

E

Eawag

eawag.ch

63

Eawag is a leading water research institute within the ETH domain in Switzerland, focusing on sustainable water resource management, aquatic ecology, and environmental research. The website serves as a comprehensive portal for research, education, consulting, and public information, targeting researchers, policymakers, and the general public. Technically, the site is built on TYPO3 CMS and integrates modern web technologies and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. The security posture is basic with HSTS enabled but no valid TLS protocols or certificate, which is a critical issue. Privacy policies are present and GDPR compliant, though no explicit cookie consent mechanism is implemented. Overall, the site is professional and content-rich but requires urgent improvements in security and performance to enhance trust and compliance.

O

Open Research Data Portal

open-research-data-portal.ch

40

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

Q

Quarkslab

quarkslab.com

50

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

All Channels Communication Austria GmbH is a medium-sized marketing and communication agency operating primarily in Austria and the CEE region. The company offers a comprehensive range of services including campaign management, brand management, PR, digital strategies, and social media marketing. Positioned as one of the fastest growing and most awarded agencies in its region, it targets businesses seeking integrated multi-channel marketing solutions. The website content is well-structured and professionally presented in German, with clear navigation and mobile optimization. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but suffers from a lack of a valid SSL certificate, impacting security and trust. Security posture is basic with no advanced headers or policies implemented, and privacy compliance is minimal with only a basic disclaimer modal and cookie consent banner. Contact information is clearly provided including phone, email, physical address, and a contact form. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to meet modern standards.

L

Lansons

lansons.com

63

Lansons is a communications and reputation management consultancy operating primarily in the media sector with offices in London and New York. It is part of the larger Team Farner group, positioning itself as an established player offering a wide range of services including public relations, financial communications, crisis management, and sustainability advisory. The website content is professionally presented, targeting organizations and individuals seeking expert communications consultancy. Technically, the site uses modern JavaScript frameworks such as Alpine.js and GSAP, is built on Craft CMS, and is hosted by UKFast. However, performance metrics indicate slow loading times, and the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are well configured, but the absence of HTTPS significantly reduces the overall security posture. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Contact information including email and phone number is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

V

VIM Group

vim-group.com

61

VIM Group is a specialized consulting firm focused on supporting world-leading brands through complex rebranding and brand change projects. They offer services in brand management, rebranding, and brand technology, positioning themselves as experts in ensuring smooth, on-time, and on-budget brand transformations. The company is part of the Team Farner group, which adds corporate credibility and resources. Technically, the website is built on the Framer platform and integrates Google Analytics and HubSpot for marketing and data collection. However, a critical security weakness is the absence of a valid SSL certificate and modern TLS protocols, which undermines the security posture of the site. Privacy and cookie policies are present and indicate GDPR compliance, and contact is facilitated via email and HubSpot forms. Overall, the site presents a professional and trustworthy image but requires urgent security improvements to protect user data and enhance trust.

A

Affective Advisory GmbH

affective-advisory.com

54

Affective Advisory GmbH is a specialized behavioural science consultancy based in Switzerland, founded in 2017. The company applies scientific insights from behavioural economics, psychology, and decision science to design strategy and policy solutions aimed at human behaviour change. Their clientele includes governments and private organizations globally, positioning them as a leading consultancy in their niche. The website is professionally designed using Squarespace CMS, featuring client testimonials and partner logos that enhance trust and credibility. However, the site suffers from a lack of a valid SSL certificate, which significantly impacts its security posture. The absence of HTTPS and modern TLS protocols exposes the site to potential risks and undermines user trust. Privacy compliance is basic, with a cookie consent banner present but no comprehensive GDPR indicators or detailed privacy policies. Contact information is clearly provided, including email, phone, and physical addresses, supporting business credibility.

E

eKomi Holding GmbH

ekomi.nl

40

eKomi Holding GmbH operates a global SaaS platform specializing in collecting and managing authentic customer and product reviews to enhance business trust and conversion rates. The company is positioned as a market leader with over 15,000 clients worldwide and integrates with major search engines and platforms such as Google to provide seller rating extensions and social commerce technology. Their services focus on increasing SEO, conversion, and customer engagement through verified feedback. Technically, the website is built on WordPress with common web technologies and includes modern marketing and analytics tools like Google Analytics and Intercom. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by clear contact information, client testimonials, and industry awards. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

E

eKomi Holding GmbH

ekomi.es

40

eKomi Holding GmbH operates a global SaaS platform specializing in authentic customer and product reviews to enhance business conversion rates and SEO performance. The company is well-positioned in the technology and e-commerce sectors, serving over 15,000 clients worldwide with recognized certifications and awards. Technically, the website is built on WordPress with modern frameworks and includes essential marketing and analytics integrations with user consent. Security posture is solid with HTTPS and SPF/DMARC email protections, though improvements like HSTS and OCSP stapling are recommended. Overall, the website demonstrates good professionalism, trustworthiness, and compliance with privacy regulations.

V

VRM Anna

vrm-anna.de

40

VRM Anna operates as an online platform facilitating ad submission and management for newspapers and weekly papers primarily in the Rhein-Main and Mittelhessen regions of Germany. The service targets both private and business customers, offering features such as ad drafting, personal ad archives, and payment method storage. The website reflects a regional media service provider with a moderate digital presence and a focus on user convenience for ad bookings. Technically, the site employs modern frontend technologies like React and integrates Google Analytics and Tag Manager for tracking, alongside a GDPR-compliant cookie consent mechanism. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to potential risks. No advanced security headers or DNS security features are implemented, and no explicit security or incident response policies are found. Overall, while the business model and content quality are solid, the technical and security implementations require urgent improvements to meet modern standards and build user trust.

V

VRM

vrm-immo.de

40

VRM-Immo.de operates as a regional real estate marketplace focused on the Rhein-Main area in Germany, providing property listings for rent and purchase, along with expert advice and valuation services. The platform targets individuals and investors interested in residential and commercial properties within this economically significant region. The business is positioned as a trusted regional leader affiliated with the Rhein Main Presse media group, offering a comprehensive digital real estate service. Technically, the website employs modern JavaScript libraries and advertising/tracking tools such as Google Tag Manager, Google Analytics, Cxense, and Yieldlove, but suffers from a lack of HTTPS security due to an invalid or missing SSL certificate, which significantly impacts its security posture. The site is mobile-optimized and provides a good user experience, though performance is slow with a high page load time. Privacy compliance is strong with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

E

empfehlio

empfehlio.de

40

empfehlio is a leading European provider specializing in NFC and QR code solutions designed to enhance customer engagement and online reputation management. The company offers a comprehensive range of products and services including NFC tags, QR code stickers, digital business cards, and software solutions aimed at generating Google and social media reviews, as well as increasing followers on platforms like Instagram and TikTok. Their market position as a leader in this niche is supported by a strong brand presence and partnerships with notable clients. Technically, the website is built on a modern WordPress and WooCommerce stack with extensive use of marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses that must be addressed to protect user data and maintain trust. Privacy compliance is well managed with clear privacy and cookie policies and consent mechanisms in place. Overall, empfehlio demonstrates a strong business model and digital maturity but requires urgent improvements in security infrastructure to align with best practices.

S

SEMSEA Suchmaschinenmarketing AG

semsea.ch

40

SEMSEA Suchmaschinenmarketing AG is a Swiss-based premium online marketing agency specializing in Google Ads, SEO, social media advertising, and analytics. Positioned among the top 3% of Swiss agencies and part of the exclusive Google Leading Agencies Switzerland Program, SEMSEA offers comprehensive digital marketing services including consulting, campaign management, and training. Their target audience includes businesses seeking expert digital advertising solutions with a focus on omnichannel strategies. Technically, the website is built on Contao CMS and integrates multiple marketing and analytics tools such as Google Tag Manager, HubSpot, and Hotjar. However, the site suffers from a lack of HTTPS due to an invalid SSL certificate and missing modern TLS protocols, which significantly impacts its security posture. The cookie consent mechanism is robust and GDPR compliant, with detailed cookie categories and user controls. Overall, SEMSEA demonstrates strong business credibility and marketing transparency but needs urgent improvements in security infrastructure to protect user data and enhance trust.

My Health Toolkit, LLC operates a healthcare benefits management platform targeting members of various Blue Cross and Blue Shield plans across multiple states in the United States. The platform offers services such as claims status checking, digital ID card management, coverage confirmation, provider search, and medical spending account management. It serves as a centralized portal for eligible members to manage their health insurance benefits efficiently. Technically, the website relies on the Dojo Toolkit 1.13.0 for frontend functionality and integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site is hosted on infrastructure associated with Level3. However, the website suffers from slow load times and basic mobile optimization. SEO and accessibility features are present but minimal. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, exposing users to significant risks. No security headers or advanced security configurations are implemented. Privacy and cookie policies are absent, and no GDPR compliance indicators are present. These deficiencies represent critical vulnerabilities and compliance gaps that must be addressed to protect user data and build trust. Overall, while the business model and service offerings are clear and well-targeted, the technical and security posture of the website is weak. Immediate remediation of SSL/TLS issues and implementation of privacy policies are recommended to improve security and compliance. Enhancements in performance and mobile responsiveness would also benefit user experience and trust.

V

VRM Holding GmbH & Co. KG

vrm-mediasales.de

40

VRM Media Sales is a regional media sales company operating primarily in the Rhein-Main and Mittelhessen regions of Germany. They specialize in developing tailored advertising solutions and media campaigns for local businesses, leveraging print and online media channels. The company positions itself as a competent partner for marketing strategies, offering services such as campaign planning, mediamix consulting, and corporate publishing. Their website reflects a medium-sized enterprise with a professional digital presence, targeting businesses seeking regional advertising opportunities. Technically, the site uses JavaScript, Google Analytics, Google Tag Manager, and a consent management platform, hosted on Versatel infrastructure and built on the ecomaXL CMS platform. However, the website suffers from a lack of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Other security best practices such as DNSSEC, DMARC, and security headers are missing, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanism, and GDPR notices. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

S

SEMSEA GmbH

semsea-hh.de

40

SEMSEA GmbH is a specialized online marketing agency based in Hamburg, Germany, offering tailored services in SEA, SEO, and digital analytics. The company positions itself as a trusted partner for businesses aiming to enhance their digital presence and marketing effectiveness. The website reflects a mature digital infrastructure built on WordPress and Elementor, integrating modern tracking and consent management tools such as Google Tag Manager and Borlabs Cookie. Security posture is solid with HTTPS, SPF, and DMARC configured, though improvements like HSTS and DNSSEC could enhance protection. The site demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent mechanism. Overall, SEMSEA GmbH presents a professional and credible online presence with strong trust indicators and partner affiliations.

P

Portus Data Centers

portusdatacenters.com

39

Portus Data Centers operates as a carrier-neutral edge colocation data center provider with facilities in Germany and Luxembourg. The company targets businesses requiring high-performance, low-latency IT infrastructure, offering hybrid cloud and colocation services. Their market position is that of a medium-sized regional operator with a focus on sustainability and modern digital infrastructure. Technically, the website is built on WordPress with Elementor and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate, which severely impacts security posture and user trust. The absence of cookie consent mechanisms and limited privacy compliance further reduce the site's compliance maturity. Security best practices such as SPF and DMARC are partially implemented but could be strengthened. Overall, the website presents professional content and clear business information but requires urgent improvements in security and privacy to meet modern standards.

S

South Carolina Blues

southcarolinablues.com

56

South Carolina Blues is a regional healthcare insurance provider focused on serving residents of South Carolina with Medicare, individual, family, and group health plans. The website provides basic information about plan options, member perks, and tools to find healthcare providers. The technical infrastructure relies on legacy JavaScript frameworks such as Dojo and uses Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which severely impacts security posture. Security headers are present but their effectiveness is limited without HTTPS. Privacy and cookie policies are absent, and no contact or incident response information is provided, indicating gaps in compliance and transparency. Overall, the site demonstrates a basic digital maturity level with room for significant improvements in security, privacy, and user trust.

D

dmarcian

dmarc-academy.com

65

dmarcian operates DMARC Academy, a free online educational platform focused on DMARC, SPF, and DKIM technologies to improve email security and protect organizations from phishing and domain abuse. Founded in 2012 and certified as a B Corp, dmarcian is a recognized leader in the email security space, providing both educational content and tooling to help organizations deploy DMARC effectively. The website is built on the LearnWorlds platform and integrates modern tracking and marketing technologies, though performance optimization is needed due to slow load times. Security posture is solid with HTTPS, SPF, and DMARC reject policies in place, but could be improved by enabling HSTS and additional security headers. Privacy compliance is addressed with cookie consent and privacy policies, supporting GDPR requirements. Overall, the site presents a professional and trustworthy front for its educational mission.

V

Vision 6 Pty Ltd

vision6.com

71

Vision 6 Pty Ltd operates the Vision6 platform, a leading Australian SaaS provider specializing in email and SMS marketing solutions tailored for sectors such as government, higher education, finance, and healthcare. The company positions itself as Australia's most reliable and compliant communications platform, offering a comprehensive suite of services including email marketing, text message marketing, CRM and reporting, lead generation, and transactional email APIs. Their market presence is supported by strong trust indicators such as ISO 27001 certification and GDPR compliance, reinforcing their commitment to data security and privacy. Technically, the website is built on WordPress hosted on AWS infrastructure, leveraging modern web technologies and extensive third-party marketing and analytics tools. While the site is content-rich and professionally designed, performance optimization could be improved due to a relatively slow load time and large page size. Security posture is robust with enforced DMARC policies, valid SPF records, and TLS 1.3 support, though enhancements like HSTS and OCSP stapling are recommended. Overall, Vision6 demonstrates a mature digital presence with strong compliance and security practices, making it a trustworthy platform for its target audience.

R

Retention Science

retentionscience.com

63

Retention Science is a medium-sized SaaS company specializing in AI-driven email and SMS marketing automation for ecommerce businesses. Their platform integrates customer data and uses predictive analytics to optimize marketing campaigns, helping clients increase engagement and sales. The website is professionally designed using modern technologies like React and Gatsby, with good SEO and accessibility features. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which significantly impacts the site's security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company presents a credible and trustworthy business front but must urgently address its SSL/TLS configuration to ensure secure communications and protect user data.

R

RB2B

rb2b.com

71

RB2B is a technology company specializing in real-time website visitor identification and lead generation for B2B sales and marketing teams, primarily in the United States. Their platform leverages a proprietary publisher network and integrates with popular CRMs and Slack to deliver enriched visitor data, including LinkedIn profiles, to sales teams. The company positions itself as a SOC2 Type II compliant provider with a strong focus on data privacy and compliance, offering both free and paid plans to accommodate different customer needs. The website demonstrates a high level of professionalism, with comprehensive content, customer testimonials, and clear navigation.

C

Carrier Logistics

carrierlogistics.com

67

Carrier Logistics is a medium-sized transportation technology company specializing in customizable transportation management software called FACTS™. The company serves transportation and logistics businesses, offering software solutions, training, and consultation services. It holds a recognized market position with industry awards and client testimonials, indicating a trusted brand in the transportation sector. The website is built on WordPress with a responsive design and includes modern marketing and analytics tools. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS, which severely impacts its security posture. Additionally, cookie consent mechanisms are missing despite the use of tracking scripts, raising privacy compliance concerns. Overall, the website provides good content quality and business credibility but requires urgent security and privacy improvements.

Rosenau Transport Ltd. is a large transportation and logistics company operating primarily in Western Canada, offering a broad range of freight and supply chain services including Less Than Truckload, Full Truckload, warehousing, and specialized transport. The company is part of GLS Logistics Systems Canada Ltd., which is affiliated with the GLS Group and Royal Mail Group plc, positioning it strongly in the regional market. The website presents a professional and content-rich platform targeting businesses and individuals needing reliable shipping solutions across Canada and the Western U.S. The technical infrastructure is based on WordPress CMS with common optimization and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. Security posture is weak due to missing HTTPS, lack of security headers, and incomplete email security configurations. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and credible but requires significant security improvements to meet modern standards.

G

General Logistics Systems US, Inc. (GLS)

gls-us.com

55

General Logistics Systems US, Inc. (GLS) operates a regional parcel delivery service focused on the Western United States, providing faster delivery services across multiple states including California, Washington, Oregon, Idaho, and Colorado. The company offers a variety of shipping tools, account management, and integration options for business customers. The website reflects a medium-sized transportation business with a clear focus on parcel delivery and customer support. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates multiple marketing and analytics tools including HubSpot, Marketo, Google Analytics, and Hotjar. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and trustworthiness of the site. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the site provides good content and user experience but requires urgent security improvements to protect user data and enhance trust.

F

Fuerte Arts Movement

fuerte.org

39

Fuerte Arts Movement is a small non-profit organization focused on leveraging art and culture to drive collective action on social issues such as voting rights, housing justice, and environmental justice, with a focus on Arizona women of color and LGBTQ perspectives. The website serves as a community hub featuring advocacy campaigns, events, a zine library, and multimedia content. Technically, the site is built on WordPress with various plugins for event management and media display, but suffers from slow performance and lacks a valid SSL certificate, resulting in insecure HTTP connections. Security posture is weak due to missing HTTPS, lack of security headers, and absence of email authentication records. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is content-rich and professionally designed but requires urgent improvements in security and privacy to protect users and build trust.

C

Connecticut Democratic Party

ctdems.org

59

The Connecticut Democratic Party website serves as the official online presence for the state-level Democratic Party organization. It focuses on voter engagement, volunteer recruitment, fundraising, and disseminating party information. The site targets Connecticut residents interested in Democratic politics and activism, providing resources such as voter registration links, event calendars, and donation portals. The party positions itself as a key political actor within the state, aiming to mobilize support and fight GOP extremism. Technically, the website is built on WordPress with a modern but somewhat heavy tech stack including jQuery, DataTables, and Google services. However, performance is slow with a large page size and long load times. Security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, and missing security headers, exposing users to potential risks. Privacy compliance is minimal with no cookie consent mechanism despite tracking scripts. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is functional and content-rich but requires urgent security and privacy improvements to protect users and enhance trust.

F

For Good

forgood.org

70

For Good is a well-established 501(c)(3) non-profit organization operating a technology-enabled donor-advised fund platform that facilitates charitable giving for individuals and companies. Founded in 2001 by tech executives from AOL, Yahoo!, and Cisco, it has positioned itself as a leader in digital philanthropic innovation, partnering with major platforms such as YouTube, Walmart, and Patagonia. The website clearly communicates its mission, services, and impact, targeting donors, nonprofits, and corporate partners. The business model centers on enabling donors to support charities efficiently and transparently through a secure online platform. Technically, the website is built on Webflow CMS, leveraging modern web technologies and hosting infrastructure with CDN support. It employs Google Tag Manager and Analytics for tracking and performance monitoring. The site is mobile-optimized and accessible, with good SEO practices and a moderate page load time. Security-wise, the site uses HTTPS with TLS 1.3 and 1.2, has valid SPF and DMARC records, and avoids known SSL vulnerabilities. However, it lacks some advanced security features such as HSTS, DNSSEC, OCSP stapling, and Certificate Transparency compliance, which are recommended for enhanced protection. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected, which may impact GDPR compliance. Contact information is clearly provided, including email, phone, and physical address, along with active social media profiles, enhancing business credibility and trustworthiness. Overall, the site demonstrates a strong professional presence with room for security and privacy improvements.

D

DMT GROUP

dmt-group.com

53

DMT GROUP is a well-established global engineering services and consulting company with a history dating back to 1737. It operates primarily in the energy, infrastructure, mining, and engineering sectors, offering a broad range of services including engineering, consulting, geotechnics, exploration, and critical infrastructure protection. The company is part of the TÜV NORD GROUP, which enhances its market credibility and access to resources. The website reflects a professional and comprehensive digital presence with clear business information, structured data, and rich content targeting industrial clients worldwide. Technically, the website is built on TYPO3 CMS and uses common web technologies such as Apache server, Google Analytics, and LinkedIn Insight Tag for analytics and marketing. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security shortfall. The absence of modern TLS protocols and security headers further weakens its security posture. Performance is rated slow due to missing SSL and possibly other optimizations. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Security-wise, the site has configured SPF and DMARC records for email security and shows no signs of common vulnerabilities like Heartbleed or POODLE. However, the lack of HTTPS and security headers significantly reduces the overall security score. There is no explicit incident response or vulnerability disclosure information available on the site. Overall, the website is professional and content-rich but requires urgent improvements in security infrastructure, especially SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance could also be improved by adding cookie consent mechanisms. Strategic recommendations include implementing HTTPS, enhancing security headers, and improving privacy transparency.

M

Medical Harbour

medicalharbour.com

60

Medical Harbour is a Brazilian technology company specializing in medical imaging solutions, including software for radiology, teleradiology, and medical education. Their product portfolio includes advanced DICOM viewers, cloud PACS solutions, and educational tools such as virtual cadaver and anatomical atlases. The company targets hospitals, clinics, radiologists, and medical educators, positioning itself as a niche specialist in healthcare technology. The website is professionally designed, multilingual, and integrates modern marketing and analytics tools, although it suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Despite strong email security policies like SPF and DMARC, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, Medical Harbour demonstrates a solid business presence with room for improvement in technical and security infrastructure.

T

TÜV NORD GROUP

tuv-nord.com

62

TÜV NORD GROUP operates as a global service provider specializing in testing, certification, inspection, and training services across multiple sectors such as energy, transportation, real estate, and industry. The company maintains a strong market position as a large enterprise with a broad international presence and multiple subsidiaries. Their website reflects a professional and well-structured digital presence targeting both business and private customers. Technically, the site is built on TYPO3 CMS and integrates various marketing and analytics tools, including Pardot, HubSpot, and Google Analytics, with a good level of GDPR compliance and consent management. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses a critical risk to secure communications. The site implements strong security headers and content security policies but requires urgent remediation of SSL/TLS issues to ensure data protection and user trust. Overall, the website is functional and professional but needs immediate security improvements to align with best practices and compliance standards.

A

Afya Participações S.A

afya.com.br

72

Afya Participações S.A operates as the largest hub for medical education and digital solutions in Brazil, targeting medical students, professionals, and healthcare providers. The company offers a broad portfolio including undergraduate medical courses, postgraduate education, continuing medical education, and digital health solutions. It holds a strong market position with over 20,000 medical students and multiple subsidiaries and partners enhancing its ecosystem. Technically, the website is built on Webflow, hosted via Cloudflare, and integrates modern analytics and marketing tools, demonstrating a mature digital infrastructure with fast performance and good mobile optimization. Security posture is solid with HTTPS, strong security headers, and cookie consent mechanisms, although improvements in HSTS and vulnerability disclosure could be made. Privacy compliance is well addressed with comprehensive policies and consent management. Overall, the website reflects a professional, trustworthy, and well-managed digital presence aligned with its enterprise scale and sector focus.

Landitec GmbH is a specialized B2B technology company based in Germany, offering high-quality network hardware appliances and related services across Europe. Their business model combines e-commerce with consulting, testing, and support services, targeting enterprises and organizations requiring secure and flexible network infrastructure. The website is built on the Odoo CMS platform and hosted on Odoo.sh, featuring a professional design with clear navigation and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts its security posture. While cookie consent mechanisms and privacy policies are present, explicit security policies and incident response information are missing. The company demonstrates trust through extended warranties, partner logos, and detailed product testing.

A

Arvato Systems

arvato-systems.de

40

Arvato Systems is a leading German IT service provider specializing in digital transformation across multiple industries including energy, manufacturing, healthcare, retail, government, and finance. The company offers a broad portfolio of services such as consulting, cloud and data center services, application development, security, and managed services. It holds multiple industry awards and certifications, including ISO 27001 and Top Employer Germany 2024, reflecting its strong market position and commitment to quality and security. Technically, the website is built on CoreMedia CMS and integrates various analytics and marketing technologies, but suffers from a critical lack of valid SSL/TLS certificates, impacting its security posture. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the company demonstrates a mature digital presence with strong business credibility but needs urgent improvements in SSL/TLS security to protect user data and maintain trust.

A

A1 Group

a1.group

60

A1 Group is a major telecommunications provider operating primarily in Central and Eastern Europe, serving approximately 30 million customers across seven core markets. The company offers a broad portfolio of services including voice telephony, broadband internet, mobile and home entertainment, smart home solutions, data and IT services, wholesale, payment solutions, and digital services. The website reflects a strong corporate identity with a focus on sustainability and ESG commitments, supported by detailed investor relations content and sustainability reports. Technically, the website is built on WordPress with multilingual support and integrates modern marketing and analytics tools such as Google Analytics, Microsoft Clarity, and Bugsnag. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical vulnerability that must be addressed promptly. Privacy compliance is well managed with a comprehensive cookie consent mechanism and clear privacy policy. Overall, the site demonstrates professionalism and trustworthiness but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility.

B

Boxmyjob SAS

taleez.com

60

Taleez, operated by Boxmyjob SAS, is a French-based SaaS company specializing in recruitment management software (ATS). The company offers a comprehensive platform that centralizes recruitment processes, including job offer multi-diffusion, candidate sourcing, process automation, and analytics. With over 15,000 users and a strong presence in the French market, Taleez positions itself as a reliable and user-friendly solution for HR teams, managers, and candidates. The website reflects a professional and consistent brand image, supported by numerous client testimonials and case studies. Technically, the website is built on Webflow CMS and integrates multiple marketing and analytics tools such as HubSpot, Google Analytics, Amplitude, and ConvertBox. Hosting is managed via OVH with CDN support from Cloudfront. Despite a rich content offering and good mobile optimization, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts its security posture. Security-wise, the absence of a valid SSL certificate and HTTPS enforcement is a major vulnerability, exposing users to potential data interception risks. Additionally, the lack of security headers and modern TLS protocols further weakens the site's defense. Privacy compliance is well addressed with comprehensive GDPR-aligned policies and cookie consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, while Taleez demonstrates strong business credibility and content quality, its technical and security shortcomings, especially regarding SSL/TLS, pose significant risks. Addressing these issues is paramount to safeguarding user data and maintaining trust.

A

AkzoNobel

duluxheritage.co.uk

69

Heritage by Dulux is a premium paint brand under the AkzoNobel umbrella, offering a curated collection of luxury and designer paints targeting homeowners and professional decorators in the UK market. The website provides rich content including product information, inspiration, and professional tools, supporting a strong market position in the retail paint sector. Technically, the site uses modern web technologies such as React and Next.js, hosted on AWS infrastructure with CDN support, but suffers from slow load times and could benefit from performance optimizations. Security posture is adequate with HTTPS and no major vulnerabilities detected, though improvements in SSL configuration and security headers are recommended. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-branded, supporting the business's premium market positioning.

A

Akzo Nobel N.V.

duluxtradepaintexpert.co.uk

52

Dulux Trade Paint Expert, operated under the parent company Akzo Nobel N.V., is a professional painting and decorating resource targeting trade professionals in the UK. The website offers a comprehensive range of products, colour matching tools, training courses, and professional advice, positioning itself as a leading brand in the retail and manufacturing sector for paints and coatings. The site is well-branded and consistent with corporate identity, providing a good user experience and clear navigation tailored for its professional audience. Technically, the site is built on Adobe Experience Manager and leverages modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

N

NoStress Commerce s.r.o.

nostresscommerce.cz

40

Koongo, operated by NoStress Commerce s.r.o., is a mature SaaS platform specializing in product feed management and marketplace integrations for e-commerce sellers. The company offers extensive integrations with over 500 sales channels and supports numerous e-commerce platforms, positioning itself as a comprehensive solution for online sellers seeking to expand their marketplace presence. The website content is professionally designed, rich in detail, and targets online sellers and businesses requiring automated order and inventory synchronization. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Intercom, hosted on Forpsi infrastructure. However, the absence of a valid SSL certificate and lack of TLS protocol support represent critical security weaknesses. While security headers and content security policies are partially implemented, the site’s security posture is significantly impacted by the missing HTTPS, which is a fundamental requirement for secure web operations. Privacy compliance is well addressed with clear privacy and cookie policies, consent mechanisms, and GDPR alignment. Overall, the site demonstrates strong business credibility and user experience but requires urgent security improvements to protect user data and maintain trust.

K

Koongo

koongo.dk

40

Koongo is a Danish-based SaaS company specializing in product feed management and multi-channel marketplace integration for online sellers. The platform supports over 500 sales channels including Amazon, eBay, and Google Shopping, enabling sellers to synchronize product data and orders automatically. Koongo positions itself as a cost-effective and user-friendly solution with extensive e-commerce platform integrations and a strong customer support reputation. The website is professionally designed, multilingual, and includes comprehensive business and contact information. Technically, the site is built on WordPress with modern JavaScript libraries and analytics tools, but suffers from a critical lack of valid SSL/TLS configuration, exposing it to security risks. Security headers are partially implemented, and privacy compliance is well addressed with cookie consent mechanisms and a detailed privacy policy. Overall, Koongo demonstrates a mature digital presence but must urgently address SSL issues to improve security posture and trust.

K

Koongo

koongo.gr

40

Koongo is a medium-sized e-commerce SaaS provider specializing in product feed management and marketplace integration, enabling online sellers to automate synchronization of product data and orders across multiple sales channels. The company is positioned as a trusted provider with a comprehensive service offering, including integrations with major marketplaces like Amazon and eBay, and supports over 500 sales channels. Technically, the website is built on WordPress with modern analytics and marketing tools, but lacks a valid SSL certificate, which impacts security posture significantly. Security headers and cookie consent mechanisms are properly implemented, reflecting good privacy compliance. However, the absence of HTTPS and modern TLS protocols is a critical vulnerability that must be addressed to improve trust and security. Overall, the site is content-rich, professionally designed, and provides clear business and contact information, supporting a positive user experience and business credibility.

K

Koongo

koongo.it

40

Koongo is a medium-sized e-commerce software company specializing in product feed management and marketplace integration services. Their platform enables online sellers to automate product listings, synchronize inventory and orders across multiple sales channels, and optimize marketplace operations. Positioned as a comprehensive solution provider, Koongo supports over 500 sales channels and integrates with major e-commerce platforms such as Shopify, Magento, WooCommerce, and others. The company is based in Prague, Czech Republic, and operates under the parent company NoStress Commerce s.r.o. Their website reflects a professional and consistent brand image with good content quality and user experience, targeting online sellers seeking multi-channel sales automation. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, Google Analytics, Intercom, and Bing Ads integrations. However, the site suffers from slow page load times and lacks a valid SSL certificate, which impacts security and user trust. Cookie consent mechanisms and privacy policies are well implemented, demonstrating GDPR compliance. The site uses multiple tracking and advertising tools, indicating extensive user tracking for marketing purposes. Security-wise, the absence of a valid SSL certificate and missing security headers are significant weaknesses. DNS security features like DNSSEC and CAA are not enabled, and email security via DMARC is missing. Despite these gaps, no critical vulnerabilities or malware indicators were found. The overall security posture is basic and requires urgent improvements to protect user data and enhance trust. In summary, Koongo presents a solid business offering with a mature digital presence but needs to address critical security deficiencies to improve its overall risk profile and user confidence. Strategic investments in SSL/TLS, security headers, and DNS/email security will elevate their security posture and compliance standing.

K

Koongo

koongo.es

40

Koongo is a SaaS platform specializing in product feed management and multi-channel marketplace integration for online sellers. The company offers extensive integrations with over 500 sales channels including Amazon, eBay, and Google Shopping, enabling sellers to synchronize inventory, automate order processing, and optimize product data. Positioned as a reliable and scalable solution, Koongo targets e-commerce businesses seeking to expand their online presence efficiently. The website is professionally designed with clear navigation and multilingual support, primarily in Spanish, and includes trust signals such as customer testimonials and third-party review badges. Technically, the site is built on WordPress with modern JavaScript libraries and integrates multiple analytics and marketing tools. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines user trust and data protection. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and a detailed privacy policy. Overall, Koongo demonstrates a solid business and technical foundation but requires urgent improvements in security infrastructure to meet industry standards.

K

Koongo

koongo.de

40

Koongo is a medium-sized e-commerce technology company specializing in product feed management and multi-channel marketplace integration. The company offers a SaaS platform that enables online sellers to synchronize product data, inventory, and orders across over 500 sales channels including Amazon, eBay, and Google Shopping. Koongo positions itself as a comprehensive solution provider with integrations to numerous e-commerce platforms such as Magento, Shopify, WooCommerce, and others. The website is professionally designed, content-rich, and targets e-commerce businesses seeking to expand their online sales footprint efficiently. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Intercom for customer engagement. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site implements a detailed cookie consent mechanism and complies with GDPR requirements, reflecting a strong privacy posture. Overall, Koongo demonstrates a solid market presence with good business credibility but requires urgent improvements in its security infrastructure to meet industry standards.

K

Koongo

koongo.nl

40

Koongo is a medium-sized e-commerce technology company based in the Netherlands, owned by NoStress Commerce s.r.o. It provides a SaaS platform for product feed management and order synchronization across over 500 online marketplaces including Amazon, eBay, and Google Shopping. The website is professionally designed, content-rich, and targets online sellers seeking to expand multi-channel sales efficiently. Technically, the site runs on WordPress with modern JavaScript libraries and integrates multiple analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business demonstrates strong market positioning and trust signals but must urgently address security shortcomings to protect user data and maintain credibility.

B

Bildungswerk der Sächsischen Wirtschaft

bsw-sachsen.de

40

Bildungswerk der Sächsischen Wirtschaft is a well-established educational organization focused on vocational training and professional development in the Saxony region of Germany. With over 30 years of experience and multiple subsidiaries, it offers a broad portfolio of services including further education, training seminars, and integration courses. The organization targets companies, employees, job seekers, and schools, positioning itself as a key regional player in workforce qualification and development. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and includes SEO-friendly structured data and social media integration. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate, resulting in an insecure connection and lack of HTTPS enforcement. Other security best practices such as security headers, DNSSEC, and DMARC are also missing. Privacy compliance is addressed with a cookie consent mechanism and clear privacy and cookie policies. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

O

Ost-Ausschuss der Deutschen Wirtschaft e.V.

ost-ausschuss.de

40

The Ost-Ausschuss der Deutschen Wirtschaft e.V. is a medium-sized non-profit association based in Germany that facilitates economic cooperation and business relations between German companies and Eastern European and Central Asian markets. The organization provides services such as policy advocacy, networking events, delegations, and publishes relevant economic updates and reports. The website is professionally designed using Drupal 10 and integrates modern web technologies and analytics tools, targeting business stakeholders and policymakers. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which significantly weakens its security posture. Privacy and cookie policies are present and include consent mechanisms, reflecting good compliance with GDPR requirements. Contact information is clearly provided, enhancing business credibility.