Security Directory

W

Webroot

webroot.com

40

Webroot, a subsidiary of Open Text Corporation, is a well-established cybersecurity company founded in 2004, providing multi-vector protection solutions for endpoints, networks, and identity protection. The company targets both home users and businesses, offering a broad portfolio of products including antivirus, identity protection, cloud backup, VPN, and threat intelligence services. The website reflects a mature enterprise with consistent branding, comprehensive content, and strong market positioning supported by industry awards and customer testimonials. Technically, the website is built on a Concrete5 CMS platform, leveraging Apache server technology, jQuery, Google Fonts, and is delivered via Imperva CDN. While the site is mobile-optimized and accessible with good SEO practices, performance data is limited and suggests moderate speed. The site uses modern marketing and analytics tools such as Google Tag Manager and Sitespect for tracking and optimization. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS or modern TLS protocols, which is a critical vulnerability exposing users to potential interception and attacks. Security headers are partially implemented but key protections like HSTS and OCSP stapling are missing. No explicit security policy or incident response information is provided, which could be improved to enhance trust and compliance. Overall, the website demonstrates high business credibility and content quality but suffers from significant security configuration issues that must be addressed to protect users and maintain compliance. Strategic improvements in SSL/TLS deployment and security best practices are recommended to elevate the security posture and user trust.

A

acib GmbH

acib.at

35

acib GmbH is an international research center specializing in industrial biotechnology, focusing on sustainable and advanced processes for the biotech, pharmaceutical, and chemical industries. The website targets industry professionals, scientists, and the public, offering information about research projects, events, and career opportunities. The company maintains a moderate digital presence with a WordPress-based website enhanced by Elementor and several embedded multimedia services. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. While privacy compliance is well addressed through a comprehensive privacy policy and cookie consent mechanism, the lack of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the site is professional and trustworthy but requires urgent security enhancements to protect user data and improve trust.

P

PwC Legal Rechtsanwälte GmbH

pwclegal.at

40

PwC Legal Österreich operates as a leading legal advisory firm in Austria, leveraging the global PwC network to provide comprehensive legal services across multiple sectors including corporate governance, compliance, data protection, and emerging technologies such as AI and blockchain. The website is professionally designed, targeting business clients in Austria with content primarily in German. Technically, the site uses modern JavaScript frameworks and Adobe Experience Manager CMS, but suffers from critical SSL/TLS misconfigurations that undermine its security posture. Despite strong branding and privacy compliance mechanisms like OneTrust cookie consent, the lack of HTTPS and valid certificates is a major security concern. Overall, the site is credible and trustworthy but requires urgent security improvements.

A

Austrian Power Grid

apg.at

40

Austrian Power Grid (APG) operates the national electricity transmission grid in Austria, ensuring secure and reliable power supply across the country. The company is positioned as a key infrastructure provider in the energy sector, focusing on grid operation, expansion, and innovation to support Austria's energy transition. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support, targeting market participants, stakeholders, and the general public. Technically, the site is built on TYPO3 CMS with Vue.js components and integrates Matomo for analytics, indicating a modern and privacy-conscious technology stack. However, the SSL/TLS configuration is critically deficient, with no valid certificate and no modern TLS protocols enabled, which severely impacts security posture and user trust. Security headers are well implemented, including CSP, HSTS (though limited), and X-Frame-Options, demonstrating awareness of web security best practices. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Business credibility is supported by consistent branding, social media presence, and detailed organizational information. Overall, while the business and content aspects are robust and professional, the lack of proper SSL/TLS implementation is a critical vulnerability that must be addressed urgently to protect users and maintain trust.

W

Wienerberger

wienerberger.it

39

Wienerberger Italy operates a comprehensive website focused on manufacturing and distributing clay building materials, targeting construction professionals and architects. The site offers detailed product catalogs, technical resources, and support services, positioning Wienerberger as a key player in the Italian building materials market. The digital infrastructure is built on Adobe Experience Manager, leveraging modern web technologies and integrated marketing tools such as Google Tag Manager and Cookiebot for consent management. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability that undermines user trust and data protection. While the site includes privacy and cookie policies compliant with GDPR, it lacks explicit security and incident response disclosures. The domain registration is consistent with the business claims, reinforcing legitimacy. Strategic improvements in SSL deployment and security posture are essential to elevate the site's trustworthiness and compliance.

The domain apler.at currently hosts a minimal placeholder website indicating that the domain is not assigned to any webspace. There is no business content, no contact information, and no privacy or cookie policies present. The website is served over HTTP without SSL/TLS encryption, which is a significant security concern. The hosting provider is kasserver.com, and the server runs Apache. The lack of HTTPS and security headers exposes the site to potential risks and reduces user trust. Overall, the website is inactive and does not present any business or security maturity.

T

Trigon Entwicklungsberatung

trigon.at

20

Trigon Entwicklungsberatung is a well-established consulting firm specializing in organizational development, leadership, strategy, coaching, mediation, and innovation services primarily serving clients in Austria, Germany, and Switzerland. With over 40 years of experience and a team of 40+ consultants, the company holds a strong market position in the German-speaking consulting sector. Their website is professionally designed, content-rich, and targets organizational leaders and teams seeking transformational support. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and cookie management, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy policies are comprehensive and GDPR compliant, and contact information is clearly provided via email and forms. Social media presence on LinkedIn and Facebook supports brand trust and outreach.

E

Erste Digital GmbH

s-itsolutions.com

39

Erste Digital GmbH is the digital and IT services arm of Erste Group, the largest banking group in Central and Eastern Europe. The company focuses on delivering best-in-class IT solutions and digital transformation services to banking entities across the region, supporting both operational and innovation activities. The website reflects a professional and modern digital presence with rich content describing the business and its mission to enhance financial health for millions of customers. Technically, the site uses modern web technologies including JavaScript modules, service workers, and ElasticSearch for search functionality, hosted behind Amazon CloudFront CDN for performance and reliability. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which significantly impacts the security posture and trustworthiness. Privacy and cookie policies are present and appear comprehensive, indicating good compliance with GDPR requirements. Contact information such as emails and phone numbers are not explicitly provided on the homepage, which may affect user engagement. Overall, the site demonstrates strong business credibility and technical maturity but requires urgent security improvements to enable HTTPS and strengthen its security framework.

Z

Zahnarztpraxis Dr. Christian Pastor

zahnarzt-pastor.de

21

Zahnarztpraxis Dr. Christian Pastor is a small, local dental and oral surgery practice based in Beilstein, Germany. The website presents a professional image with a comprehensive range of dental services including prophylaxis, implantology, oral surgery, and aesthetic dentistry. The practice emphasizes patient-centered care and modern technology. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted by agenturserver.de, and includes cookie consent mechanisms and Google Tag Manager for analytics. However, the site lacks HTTPS encryption, which is a critical security flaw. Security headers are minimal, and no advanced security policies or incident response information is provided. The WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

K

KremsChem Austria

metadynea.com

24

KremsChem Austria is a well-established chemical manufacturing company specializing in adhesives, resins, fine chemicals, and flame retardants. The company holds a strong regional market position in Austria and emphasizes sustainability and innovation. Their website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. However, the lack of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site includes GDPR-compliant cookie consent mechanisms and active social media engagement, but lacks explicit published security or incident response policies. Overall, the business appears credible and mature, but urgent improvements in security infrastructure are recommended.

I

ICMPD

icmpd.org

40

ICMPD is an established international organization focused on migration policy development, capacity building, and research, serving 21 member states with a global project footprint. The website reflects a mature, professional entity with comprehensive content and strong branding consistency. Technically, the site uses modern CMS technology (eZ Platform) and integrates analytics tools like Google Analytics and Matomo, but suffers from poor SSL implementation and lacks critical security headers, impacting its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

S

Steyr Motors AG

steyr-motors.com

20

Steyr Motors AG is a mature Austrian company specializing in the development and production of high-performance diesel engines for heavy-duty vehicles and marine applications. The company offers a range of products including marine engines, vehicle engines, generator sets, and integrated software solutions, supporting customers throughout the product lifecycle. The website reflects a professional and well-structured digital presence with multilingual support and investor relations content. Technically, the site is built on WordPress with modern plugins for SEO and cookie management, but critically lacks a valid SSL certificate, exposing users to security risks. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Business credibility is strong with clear contact information, certifications, and legal documents available. Overall, the site is functional and professional but requires urgent security improvements to enable HTTPS and enhance trust.

The website ask-us.cc represents a business entity named 'ask-us!! GesmbH' but currently hosts only a minimal placeholder page stating 'In Arbeit!!!' indicating that the site is under construction or inactive. There is no substantive business description, contact information, or user engagement features. The technical infrastructure is basic, served by an Apache server with no SSL certificate installed, resulting in an unsecured HTTP connection. DNS records are standard with no DNSSEC or CAA enforcement, and the hosting provider appears to be easyname.eu. Security posture is weak due to lack of HTTPS, minimal security headers, and absence of privacy or cookie policies. No analytics or tracking technologies are detected, and no social media or external links are present. The WHOIS data confirms domain registration but lacks detailed registrant information, which combined with minimal site content, reduces trustworthiness. Overall, the site is not production-ready and poses security and compliance risks.

IT-Services der Sozialversicherung GmbH (ITSV) is a specialized technology company focused on managing and coordinating IT activities for the Austrian social insurance sector. The company plays a pivotal role in driving digital transformation and efficiency improvements within the healthcare and social insurance ecosystem in Austria. Their key services include IT coordination, digitalization of social insurance services, and SAP support through a dedicated Customer Center of Expertise. The website reflects a professional and consistent brand presence targeting social insurance entities and insured individuals in Austria. Technically, the site uses a modern tech stack including Apache, Jakarta Faces, and jQuery, supported by a Gentics CMS platform. However, performance appears slow and SSL/TLS security is critically lacking, with no valid certificate or secure protocols enabled. Security headers such as Content Security Policy are well implemented, but the absence of HTTPS and TLS protocols represents a significant risk. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site is content-rich and trustworthy but requires urgent security improvements to protect user data and maintain trust.

F

Fundermax GmbH

fundermax.at

40

Fundermax GmbH is a large Austrian manufacturer specializing in high-quality wood-based materials and compact laminates used in interior and exterior design applications. The company offers a diverse portfolio including raw chipboard, coated chipboard, laminate panels, compact panels, and biofiber panels, targeting architects, designers, and manufacturers. Their website demonstrates a professional and consistent brand presence with multiple industry certifications and awards, indicating a strong market position. Technically, the site is built on Pimcore CMS with Bootstrap framework and integrates modern tools like Google Tag Manager and Cookiebot for analytics and cookie consent management. However, the website currently lacks a valid SSL certificate, which significantly impacts its security posture. While security headers are present, the absence of a valid HTTPS setup and explicit security or incident response policies are notable gaps. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR compliance indicators. Overall, the site is professional and trustworthy but requires urgent attention to its SSL configuration and security policy transparency to enhance its security posture and user trust.

Stadttaxi Amstetten e.U. is a small, locally focused transportation service provider operating since 2005 in Amstetten and the western Mostviertel region of Austria. The company offers a range of services including taxi rides, limousine service, airport transfers, patient and sick transport, courier services, and minibus rentals. Their fleet consists of modern vehicles suitable for individual and group transport. The website reflects a business with a clear local market focus and provides multiple contact methods including phone, email, and a contact form. However, the technical infrastructure shows signs of aging with older JavaScript libraries and a lack of modern security protocols.

F

FRANZ OBERNDORFER GmbH & Co KG

oberndorfer.at

27

FRANZ OBERNDORFER GmbH & Co KG is Austria's largest precast concrete manufacturer with over 100 years of experience in planning, development, and production of concrete elements. The company holds a leading market position in Austria, offering a comprehensive product portfolio and full-service solutions including logistics and assembly. Their website reflects a mature digital presence built on Drupal 9, with good content quality and clear navigation targeting B2B customers in construction and real estate sectors. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap that undermines user trust and data protection. While cookie compliance and privacy policies are well implemented, the lack of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the business is credible and professional, but urgent action is needed to secure the website infrastructure.

G

Gesundheit Österreich GmbH

goeg.at

39

Gesundheit Österreich GmbH (GÖG) is a national Austrian government-owned research and planning institute specializing in healthcare and health promotion. The website serves as an authoritative platform providing health data, policy advice, publications, and event information targeted at healthcare professionals, policymakers, and the public. The organization holds a strong market position as a key player in Austria's healthcare sector. Technically, the website is built on Drupal 10 with modern frontend technologies and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no proper HTTPS support, which significantly impacts the security posture. Other security headers are partially implemented, but improvements are needed to meet best practices. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism is present despite analytics usage. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

S

SpenglerFox

spenglerfox.com

40

SpenglerFox is a globally recognized executive search and talent solutions provider, ranked in the top 40 worldwide. The company operates through a large network of over 380 consultants across 76 offices in 47 countries, offering services including executive search, leadership advisory, interim management, recruitment process outsourcing, and board solutions. Their business model focuses on delivering agile talent solutions to corporate clients seeking leadership and executive talent globally. The website content is professionally crafted, with detailed service descriptions and team profiles, reflecting a mature and established business. Technically, the website is built on WordPress, leveraging common plugins such as Yoast SEO and includes integrations with analytics and tracking tools like Microsoft Clarity, Google Tag Manager, and LinkedIn Insight. The site uses Apache hosting with DNS managed via AWS Route53. However, the website lacks HTTPS encryption, which is a critical security shortfall. Performance is moderate to slow, with good mobile optimization and basic accessibility features. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to potential data interception risks. The site also lacks important security headers and cookie consent mechanisms, which are important for GDPR compliance and user privacy. No incident response or security policy pages are found, and no certifications are displayed. The domain registration is consistent and transparent, with a mature domain age of 22 years and strong domain protection, supporting the legitimacy of the business. Overall, while the business and content quality are high, the security posture is weak due to missing HTTPS and security headers. Strategic improvements in SSL deployment, security headers, and privacy compliance are recommended to enhance trust and protect user data.

R

ruwido austria gmbh

ruwido.com

29

Ruwido Austria GmbH is a well-established Austrian manufacturer specializing in the design, development, and production of remote controls and smart home devices. Founded in 1969, the company emphasizes sustainability, innovation, and high design quality, holding a strong market position supported by numerous prestigious awards. Their operations are vertically integrated under one roof in Austria, powered by 100% renewable energy, reflecting a commitment to environmental responsibility. The website is professionally designed, content-rich, and targets businesses and consumers interested in premium, sustainable remote control solutions. Technically, the website runs on TYPO3 CMS with a PHP backend served by Apache. While the site is mobile-optimized and SEO-friendly, it suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in HTTP-only access despite HSTS header presence. Analytics are implemented via Google Analytics and YouTube embeds, with a compliant cookie consent mechanism in place. Contact information is clearly presented, enhancing business credibility. Security posture is basic with no major vulnerabilities detected but significant improvement needed in SSL/TLS configuration to protect user data and enhance trust. No explicit security or incident response policies are published, which could be improved to strengthen security culture and compliance. Overall, the site is trustworthy and professional but requires urgent SSL implementation and enhanced security policies to align with best practices and regulatory expectations.

S

seele

seele.com

26

Seele is a globally recognized technology leader specializing in façade construction and building envelopes, serving architects, developers, and construction companies with innovative glass façade solutions. The company operates with over 1,000 employees worldwide and maintains a strong market position in the manufacturing and real estate sectors. The website reflects a professional and consistent brand image with comprehensive business information and a clear focus on façade technologies and projects. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the absence of HTTPS and modern security protocols represents a significant security risk. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

K

Klenk & Meder GmbH

klenk.at

23

Klenk & Meder GmbH is a well-established Austrian family-owned company specializing in electrical engineering services with over 55 years of experience and a workforce of approximately 750 employees. The company offers a broad range of services including electrical installation, network technology, photovoltaic systems, maintenance, and sales of electrical materials and devices. Their market position is strong within Austria, supported by a network of subsidiaries and partners. The website is professionally designed, content-rich, and targets both private and business customers as well as apprentices. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and good SEO practices, but suffers from a critical lack of HTTPS security due to an invalid or missing SSL certificate. The security posture is weak, lacking HTTPS and advanced security headers, which poses a significant risk. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the business credibility is high with clear contact information, certifications, and trust signals. Strategic improvements in security infrastructure are recommended to enhance trust and protect user data.

H

Hyperwave GmbH

hyperwave.com

40

Hyperwave GmbH is an established Austrian technology company specializing in intranet and private cloud solutions designed to facilitate efficient and secure information management within enterprises. With over 20 years of market presence, the company offers a range of services including document management, knowledge management, collaboration tools, and consulting services. The website targets businesses seeking robust data and information processing solutions, emphasizing ease of use, security, and adaptability. Technically, the website is built on a modern stack including Apache, Bootstrap, and JavaScript with Lottie animations, hosted via World4You DNS services. While the site is mobile-optimized and well-structured with good SEO practices, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and proper HTTPS configuration, which undermines user trust and data security. Performance metrics are unavailable, suggesting potential monitoring gaps. From a security perspective, the site implements some security headers but lacks a valid SSL/TLS setup, OCSP stapling, and DNSSEC, exposing it to potential risks. No explicit security policies or incident response contacts are published, indicating gaps in security governance and transparency. Privacy compliance is partially addressed with cookie consent mechanisms and a privacy policy, but no data protection officer or vulnerability disclosure information is provided. Overall, the website presents a professional business front with solid content and branding but requires urgent improvements in security infrastructure and transparency to enhance trustworthiness and compliance. Strategic recommendations include immediate SSL certificate deployment, DNS record corrections, and publication of security and incident response policies to align with best practices and regulatory requirements.

ALPINE Bau GmbH is an Austrian construction company currently in insolvency proceedings since 2013. The website primarily serves as an informational portal regarding the insolvency status and provides official legal references and company contact details. The business operates in the manufacturing sector with a focus on construction services. The company is small-sized and based in Austria, with official registration and VAT numbers clearly displayed. Technically, the website is very basic, served over HTTP without SSL/TLS encryption, hosted on an Apache server with DNS hosted by world4you.at. There is no evidence of modern web technologies, CMS, or performance optimization. The site lacks mobile optimization and accessibility features, and no analytics or marketing tools are detected. From a security perspective, the absence of HTTPS is a critical vulnerability, exposing users to potential data interception. No security headers or advanced configurations are present, and no privacy or cookie policies are implemented, indicating poor compliance with GDPR and modern privacy standards. Contact information is limited to an email and physical address, with no phone or social media presence. Overall, the website presents significant risks due to lack of encryption and privacy compliance, minimal content, and outdated technical implementation. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, enhancement of security headers, and modernization of the website to improve trust and user experience.

H

HAUSER GmbH

hauser.com

28

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

E

ETM professional control GmbH

etm.at

40

ETM professional control GmbH is a medium-sized Austrian company specializing in the development of the SIMATIC WinCC Open Architecture SCADA system, serving critical industrial sectors such as energy, transportation, and building automation. As a wholly owned subsidiary of Siemens AG, ETM benefits from strong corporate backing and a global partner network, positioning it as a reputable player in industrial automation software. The website reflects a professional and consistent brand presence with detailed company history and management information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Adobe DTM and Google Analytics. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to risks and reducing trust. Security headers are present but insufficient without proper TLS implementation. Privacy and cookie policies are linked to Siemens global pages, indicating good compliance with GDPR and related regulations. Overall, the site is content-rich and credible but requires urgent security improvements to protect users and enhance trust.

C

CeMM Research Center for Molecular Medicine of the Austrian Academy of Sciences

cemm.at

26

CeMM is a reputable interdisciplinary research center affiliated with the Austrian Academy of Sciences, focusing on molecular medicine and biomedical research. The website reflects a strong academic and scientific orientation, targeting researchers, students, and collaborators. The technical infrastructure is based on TYPO3 CMS with Apache hosting, and includes privacy-conscious analytics via Matomo. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site is well designed, mobile optimized, and rich in content, but security improvements are urgently needed to align with best practices and compliance requirements.

M

Merkur Versicherung AG

merkur.at

40

Merkur Versicherung AG is Austria's oldest insurance company, specializing in private health, accident, life, property, and legal protection insurance. Positioned as the second largest private health insurer in Austria, it serves a broad audience including private customers, employees, and businesses. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on Liferay DXP with React and Clay UI components, but suffers from critical SSL misconfiguration that undermines its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and disabled TLS protocols present significant risks. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of SSL issues to ensure secure user interactions.

BRAUN Maschinenfabrik Gesellschaft m.b.H. is a well-established Austrian manufacturing company specializing in steel cutting and grinding machines, hydraulic steel structures, and decommissioning technologies. Founded in 1848, the company holds a strong market position as a technology leader with a global presence, serving industrial clients primarily in the energy and manufacturing sectors. Their product portfolio includes customized solutions for cutting, grinding, and dismantling applications, supported by in-house engineering and automation capabilities. The website reflects a professional business with clear branding and relevant content targeting industrial customers. Technically, the website runs on an Apache server and uses JavaScript libraries including Google Analytics and Google Maps API. However, the site lacks HTTPS encryption, which is a critical security shortfall. Performance metrics are not available, but the site shows basic mobile optimization and SEO practices. The hosting provider is identified via DNS as esys.at, an Austrian hosting service. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS is a major vulnerability, exposing users to potential data interception. No advanced security headers or policies are implemented, and there is no visible incident response or vulnerability disclosure information. Privacy compliance is minimal, with no cookie consent mechanism detected, although a basic privacy policy and terms of service are present. Overall, the website demonstrates moderate business credibility and content quality but suffers from significant security and privacy compliance gaps. Strategic improvements in SSL deployment, security headers, and privacy mechanisms are recommended to enhance trust and protect users.

Bilfinger SE is an established international industrial services provider specializing in maintenance, expansion, and operation of industrial plants primarily in the energy, chemicals, pharma, and oil & gas sectors. The company operates across Europe, North America, and the Middle East, offering a comprehensive service portfolio including consulting, engineering, manufacturing, assembly, maintenance, and digital applications. The website reflects a mature digital presence built on TYPO3 CMS with a professional design and multilingual support targeting industrial clients globally. Technically, the site uses Apache and PHP 7.4 with various JavaScript libraries and integrates Matomo for analytics and Consentmanager.net for cookie consent management. Security posture is moderate; while security headers and a content security policy are present, the SSL/TLS configuration is currently invalid or missing, which is a critical issue. No WAF or blocking mechanisms are detected, and the site is fully accessible. The domain registration data is consistent with the business claims, showing a long-established domain without privacy protection, supporting legitimacy. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

P

Pers-Con

pers-con.at

24

Pers-Con is a specialized recruitment and personal consulting firm focusing on sectors such as automotive, IT, pharma, waste management, insurance, finance, law, and construction. The company operates primarily in Austria and neighboring countries, offering services including direct candidate approach, media-supported search, and social media utilization. The website reflects a professional business with clear service offerings and team member contacts, targeting both companies and job seekers. Technically, the site is built on Joomla CMS with common web technologies like jQuery and Bootstrap, but lacks modern performance optimizations and mobile responsiveness is basic. Critically, the absence of HTTPS and a valid SSL certificate severely impacts security posture and trustworthiness. Cookie consent and privacy policies are implemented, indicating GDPR awareness. Overall, the site is functional but requires urgent security upgrades to meet modern standards.

M

Montanuniversität Leoben

mu-leoben.at

33

Montanuniversität Leoben is a well-established technical university in Austria specializing in sustainable technologies and circular engineering. The website reflects a strong academic and research focus with comprehensive educational offerings and active international partnerships. Technically, the site uses TYPO3 CMS with modern frontend libraries but lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and incomplete security headers, though privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

V

Verticalfarminstitute

verticalfarminstitute.org

29

The Vertical Farm Institute is a specialized research and consulting organization focused on advancing urban agriculture and vertical farming. Established in 2013 and based in Vienna, Austria, it collaborates on international projects such as Horizon 2020's euPOLIS. The website presents a professional digital presence with rich content including project descriptions, journals, and service offerings targeted at real estate developers, architects, and sustainability-focused stakeholders. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates moderate maturity and credibility but requires urgent improvements in security and privacy practices.

B

BHDT GmbH

bhdt.at

22

BHDT GmbH is a specialist company focused on high pressure equipment and components for the chemical and petrochemical industries, operating primarily in Austria. The company is part of the Dr. Aichhorn Group and offers engineering, design, and production services. The website reflects a medium-sized B2B manufacturing business with a professional online presence and clear business segmentation. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and marketing analytics. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy policies are present but lack a cookie consent mechanism, which may affect GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements.

W

Wienerberger AG

wienerberger.com

39

Wienerberger AG is a leading global manufacturer and supplier of building materials, specializing in bricks, clay roof tiles, pipe systems, and surface pavings. The company holds a strong market position as the world's largest brick producer and a market leader in Europe for clay roof tiles and infrastructure solutions. The website reflects a mature and professional digital presence with comprehensive content targeting investors, customers, and job seekers. Technically, the site is built on Adobe Experience Manager and uses modern web technologies, but critically lacks HTTPS/SSL encryption, exposing users to security risks. Security headers are partially implemented, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

W

WiLLTRON Technologies GmbH

willtron.at

36

WiLLTRON Technologies GmbH is a specialized Austrian company founded in 2005, focusing on testing, measuring, monitoring, and analyzing wired and wireless IP networks and communication systems. Their offerings include a range of hardware and software solutions, seminars, and webinars targeting network professionals and communication system installers. The company maintains strategic partnerships with international manufacturers, positioning itself as a niche provider in the telecommunications technology sector. The website reflects a professional and consistent brand image with clear contact information and service descriptions. Technically, the site is built on TYPO3 CMS with common frontend frameworks and libraries, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS exposes users to potential data interception risks and reduces trustworthiness. Privacy and cookie policies are present with consent mechanisms, but no terms of service or explicit security policies are found. Social media presence is moderate, including Facebook, LinkedIn, and Google Plus (deprecated). Overall, the website is functional and informative but requires urgent security improvements to meet modern standards.

Software Competence Center Hagenberg (SCCH) is a medium-sized research and development center based in Austria, specializing in software competence and computational intelligence for industrial applications. The organization maintains a strong market position with national and international partnerships, offering services in data science, software science, project collaboration, consulting, and training. The website content is professionally presented in German, targeting industry professionals, researchers, partners, and potential employees. The business model focuses on research and innovation in technology for industry advancement. Technically, the website is built on the Contao Open Source CMS platform, utilizing Apache server technology and modern JavaScript libraries such as jQuery and Slick Carousel. Hosting is managed via Azure DNS services. While the website demonstrates good mobile optimization and basic SEO practices, performance metrics indicate slow loading times. Accessibility features are basic but present. From a security perspective, the site implements several important HTTP security headers including Content Security Policy, X-Frame-Options, and X-XSS-Protection. However, a critical weakness is the invalid SSL certificate and lack of proper HTTPS support, which significantly undermines the security posture. No advanced incident response or security policy documentation is found on the site. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Overall, the website is trustworthy and professionally maintained but requires urgent remediation of SSL/TLS issues to ensure secure communications and improve the security score. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, and enhancing performance and accessibility to strengthen the digital presence and security posture.

F

Fraunhofer Austria Research GmbH

fraunhofer.at

40

Fraunhofer Austria Research GmbH is a well-established applied research partner for the Austrian industry, specializing in digital networking, automation, machine vision, artificial intelligence, factory planning, production management, supply chain management, and digital logistics. The company operates as part of the larger Fraunhofer-Gesellschaft, Europe's largest applied research organization, positioning itself as a key player in Industry 4.0 within Austria. Their business model focuses on applied research and development through industry collaborations and publicly funded projects. Technically, the website is built on an Apache server with Adobe Experience Manager CMS, utilizing RequireJS and standard web technologies. While the site is mobile-optimized and well-structured with good SEO practices, performance data is limited and suggests slow loading. Accessibility is basic but functional. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Although some security headers like HSTS, X-Content-Type-Options, and X-XSS-Protection are present, the absence of HTTPS severely undermines the security posture. No incident response or vulnerability disclosure policies are evident, and cookie consent mechanisms are missing, indicating partial privacy compliance. Overall, the website is professional and credible with clear business information and social media presence. However, the critical lack of HTTPS and incomplete privacy mechanisms present significant risks. Strategic improvements in SSL deployment, security policies, and privacy compliance are recommended to enhance trust and security.

N

Novellini S.p.A

novellini.com

28

Novellini S.p.A is a well-established Italian manufacturer specializing in bathroom products such as shower cubicles, whirlpool baths, and shower trays. The company maintains a strong international presence with localized websites for many countries, targeting consumers and businesses in the bathroom fixtures market. The website is professionally designed using Adobe Experience Manager CMS and includes modern JavaScript libraries and Google Tag Manager for analytics. However, the site lacks HTTPS, which is a critical security vulnerability, and does not provide visible privacy or cookie policies, impacting privacy compliance. Social media presence is active and official, enhancing brand trust. Overall, the website demonstrates good business credibility but requires urgent security improvements.

D

Domain has been suspended

riseragency.com

35

The website riseragency.com is currently inaccessible for normal business operations as it displays a suspension notice due to failure to verify the registrant email address within the ICANN mandated 15-day period. No business-related content, contact information, or service descriptions are available, indicating the site is non-operational. The technical infrastructure is minimal, running on an Apache server with no SSL/TLS certificate, serving content over HTTP only. The presence of Google reCAPTCHA v2 on the suspension form suggests some basic bot protection on the verification process. Security posture is weak with no HTTPS, no modern TLS protocols, and no security headers implemented. The domain is registered and not vulnerable to subdomain takeover, but the suspension status and lack of compliance with ICANN email verification requirements significantly reduce trust and operational credibility. Overall, the site scores very low on content quality, security, privacy compliance, and business credibility, making it unsuitable for any business or customer engagement at this time.

T

TCG UNITECH GmbH

unitech.at

35

TCG UNITECH GmbH is a well-established manufacturing company based in Austria, specializing in lightweight metal and plastic components for the automotive industry. The company operates as part of the Gnutti Carlo Group and offers a range of services including die casting, injection molding, and engineering solutions. Their website reflects a professional corporate presence with detailed information about their products, services, and corporate values. Technically, the site is built on WordPress with modern SEO practices and multilingual support, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS impacts the overall security posture and trustworthiness of the site. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

G

GLOBAL HYDRO Energy GmbH

global-hydro.eu

23

GLOBAL HYDRO Energy GmbH is a specialized technology leader in the small hydropower sector, offering comprehensive turnkey solutions including design, engineering, digital plant control, revitalization, and lifetime service. The company operates globally with a strong Austrian headquarters and emphasizes sustainable energy solutions. The website reflects a professional and consistent brand image with clear business information and contact details. Technically, the site uses Pimcore CMS on an Apache server and integrates Cookiebot for cookie consent and Google reCAPTCHA for form security. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. Security headers are partially implemented but modern TLS protocols and cipher suites are missing, exposing the site to potential risks. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

T

The United Nations in Vienna

unvienna.org

36

The United Nations in Vienna website serves as the official digital presence of the UN's Vienna-based offices and agencies. It provides comprehensive information about the UN family in Vienna, their initiatives, sustainable development goals, and visitor information. The site targets a broad audience including diplomats, researchers, media, and the general public interested in UN activities. The business model is informational and public service-oriented, reflecting the UN's governmental and non-profit nature. The website is well-branded, consistent, and authoritative in its domain space. Technically, the site uses a combination of AngularJS and React frameworks, served via Apache, with integration of Google Tag Manager for analytics. The site is mobile optimized and has good navigation and content quality. However, performance metrics are unavailable, and accessibility is basic. SEO is moderately implemented with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, the absence of TLS protocols, cipher suites, DMARC, DNSSEC, and CAA records indicates a weak security posture. No incident response or vulnerability disclosure information is publicly available. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the website is trustworthy and credible given its UN affiliation and mature domain. However, the lack of HTTPS and modern security practices significantly lowers its security score and poses risks to users. Strategic improvements in SSL deployment, email security, and privacy compliance are recommended to enhance trust and security.

I

iService d.o.o.

iservice.hr

20

iService d.o.o. operates the website iservice.hr, providing fast and professional repair services for smartphones, tablets, Mac computers, and Apple devices, alongside retail sales of related accessories. The company targets both individual consumers and businesses, offering services such as quick repairs, free diagnostics, and warranty-backed parts. The business is well-positioned in the Croatian market with a strong reputation supported by certifications like Apple IRP and a 15-year operational history. Technically, the website uses a standard Apache server with modern marketing integrations including Google Analytics and Facebook Pixel, but lacks a valid SSL certificate, which is a significant security concern. The site is mobile-optimized with good SEO and user experience, though performance metrics indicate slow loading times. Security posture is weak due to missing HTTPS, lack of modern TLS protocols, and absence of key security headers. Privacy compliance is addressed with visible policies and cookie consent mechanisms, but no explicit security or incident response policies are found. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

P

Post & Co

post-co.com

28

Post & Co is an independent provider specializing in marine liability and logistics insurance, serving a broad range of clients in the maritime and logistics sectors including ship owners, charterers, terminal and transport operators, and port authorities. The company emphasizes quality service, innovation, and market focus, with a presence in Rotterdam, Antwerp, and Frankfurt. Their website reflects a professional business with multilingual support and clear contact channels. Technically, the site is built on WordPress using common plugins and frameworks but lacks a valid SSL certificate, which significantly impacts security posture. The site uses Google Analytics and has cookie consent mechanisms in place, indicating some privacy compliance. However, the absence of HTTPS and modern TLS protocols presents a critical security risk. Overall, the business appears legitimate and established, but the website requires urgent security improvements to protect user data and enhance trust.

WEB Windenergie AG is a large Austrian renewable energy company specializing in wind, photovoltaic, and hydropower plants. The company emphasizes citizen participation and operates across eight countries on two continents. Their business model focuses on green energy production and investment opportunities, positioning them as a leading player in Austria's renewable energy sector. The website is professionally designed with comprehensive content targeting private customers, business clients, municipalities, and investors. Technically, the site uses TYPO3 CMS with modern JavaScript libraries and responsive design, but lacks HTTPS, which is a critical security flaw. Security headers are partially implemented, but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Contact information and trust signals such as certifications and social media presence enhance business credibility. Overall, the site is functional and professional but urgently requires HTTPS implementation to improve security and trust.

H

HumanWare

humanware.com

40

HumanWare is a globally recognized leader in assistive technology for people who are blind or have low vision, offering a wide range of products including electronic magnifiers, braille devices, and software solutions. The company operates under the parent company EssilorLuxottica and serves a diverse audience including students, workers, veterans, and eye care professionals. Their website is professionally designed with rich content and multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Analytics and Facebook Pixel. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility and content quality are high, but urgent improvements in SSL/TLS security are recommended.

S

St. Anna Kinderspital

stanna.at

29

St. Anna Kinderspital is a well-established pediatric hospital located in Vienna, Austria, providing comprehensive medical care for children and adolescents. The website reflects a strong commitment to patient care and family support, offering detailed information about medical departments, services, and patient guidance. The institution operates as a non-profit entity supported by donations, with clear calls to action for donations and career opportunities. Technically, the website is built on WordPress with modern plugins for SEO, multilingual support, and cookie management, but lacks HTTPS which is a critical security shortfall. Security headers are partially implemented, but the absence of SSL/TLS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but urgently needs to implement HTTPS to protect user data and improve security.

C

Coop Himmelb(l)au

coop-himmelblau.at

26

Coop Himmelb(l)au is a globally recognized architecture firm headquartered in Vienna, Austria, with additional offices in Tirana and Dubai. The firm specializes in innovative architectural design and urban planning, serving a diverse international clientele. Their portfolio includes a wide range of projects such as cultural institutions, residential buildings, office complexes, and mixed-use developments, highlighting their expertise and market presence in the real estate and architectural sectors. The website reflects a professional and comprehensive presentation of their work, targeting clients and stakeholders interested in cutting-edge architectural solutions. Technically, the website is built on a modern stack including Apache server, JavaScript frameworks, and analytics tools like Google Analytics and Matomo. It uses Kirby CMS inferred from URL patterns and asset paths, and is hosted on weber.cloud. The site is well-optimized for mobile devices and accessibility, with good SEO practices and clear navigation. However, performance metrics are moderate, indicating room for improvement in loading speed. From a security perspective, the site lacks HTTPS, which is a critical vulnerability. While some security headers are present, the absence of SSL/TLS encryption severely impacts the overall security posture. No incident response or security policy documents are found, and no vulnerability disclosure or security.txt files are present. Privacy compliance is good, with a comprehensive privacy policy and cookie consent mechanisms in place, including GDPR compliance indicators. Overall, the website is professionally designed and content-rich, supporting the firm's strong market position. However, the lack of HTTPS is a major security risk that must be addressed immediately to protect user data and maintain trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing security and incident response policies to improve the security maturity and compliance posture.

M

mtms Solutions

eventdata-services.com

40

mtms Solutions is an Austrian technology company specializing in SaaS software solutions for the event management industry. Their offerings include ticketing, accreditation, messaging services, guest management, live streaming, and business intelligence solutions. The company targets event organizers and businesses requiring integrated event and messaging platforms, positioning itself as a flexible and innovative provider in the event technology sector. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages and featuring customer testimonials and certifications such as the Sport Leading Company seal. Technically, the site uses a variety of modern web technologies including Apache, Bootstrap, jQuery, and Matomo analytics, and appears to be built on the Redaxo CMS. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security shortfall. Security headers are minimal, and no incident response or security policy information is provided. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent improvements in security posture to protect user data and enhance trust.