Security Directory

A

ArborXR

arborxr.com

59

ArborXR is a technology company specializing in enterprise-grade management solutions for AR and VR devices. Their platform enables organizations to remotely manage XR devices, deploy content, and customize user experiences with features such as kiosk mode and ArborXR Home Launcher. The company is positioned as a market leader, trusted by over 3,000 companies including Fortune 500 firms and preferred by Qualcomm. The website reflects a mature digital presence with professional design, comprehensive content, and strong trust signals including media coverage and customer testimonials. Technically, the site is built on Webflow, hosted via Cloudflare, and integrates marketing and analytics tools like Google Tag Manager and HubSpot. However, a critical security issue exists due to an invalid SSL certificate and disabled modern TLS protocols, which significantly impacts the security posture. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and credible but requires urgent security improvements to ensure safe user interactions and compliance.

S

Scout Monitoring

scoutapm.com

49

Scout Monitoring is a specialized SaaS provider offering application performance monitoring solutions tailored for software engineering teams. Their platform emphasizes ease of use, rapid setup, and comprehensive monitoring features including app metrics, log management, tracing, query analysis, and alerting. The company targets developers and DevOps professionals seeking to optimize application performance and reliability. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and Cookiebot for privacy compliance. Hosting is via Amazon AWS infrastructure. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Performance is suboptimal with slow page load times and a high number of resources loaded. Security posture is weak due to missing security headers, invalid SPF configuration, and absence of HSTS and modern TLS protocols. Privacy compliance is reasonably well addressed with a privacy policy, cookie consent, and GDPR indicators. Business credibility is supported by clear branding, testimonials, and active social media presence. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

C

Curotec

curotec.com

49

Curotec is a medium-sized technology company specializing in software development services including SaaS, web, mobile, AI/ML, and e-commerce development. Positioned as a trusted and top-rated development agency, it serves SaaS and enterprise teams with flexible engagement models such as project delivery, staff augmentation, and support retainers. The company boasts multiple industry recognitions and partnerships, including official Laravel and Vue.js partnerships, enhancing its market credibility. Technically, the website is built on a modern tech stack featuring Laravel, React, Vue.js, Python, Node.js, and AWS, hosted on an Nginx server with Cloudflare DNS. The site uses WordPress CMS with Elementor for content management and includes advanced SEO and accessibility features. However, performance metrics are not available, though the site is mobile-optimized and well-structured. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. While SPF and DMARC records are properly configured, the absence of HTTPS and security headers like HSTS reduces the overall security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR and related regulations. Overall, Curotec's website is professional and content-rich, supporting its business credibility. The critical security issue of missing SSL must be addressed promptly to improve trust and protect user data. Strategic improvements in SSL configuration and security headers will enhance the site's security and compliance standing.

K

Kirschbaum Development

kirschbaumdevelopment.com

49

Kirschbaum Development is a small technology company specializing in web application development, staff augmentation, training, and technical leadership services. They primarily focus on Laravel, Vue.js, Angular, Drupal, and Wordpress frameworks, serving a diverse client base including Fortune 50 companies and smaller organizations. Their market position is strengthened by partnerships with Laravel and endorsements from industry leaders. The website presents a professional and consistent brand image with comprehensive service offerings and client testimonials. Technically, the website leverages modern web technologies including Laravel and Vue.js frameworks, hosted on AWS CloudFront CDN. The site includes Google Tag Manager for analytics and marketing purposes. While the site is mobile optimized and SEO friendly, performance metrics are unavailable. Accessibility is basic but functional. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. No advanced security headers or mechanisms such as HSTS or OCSP stapling are implemented. Cookie consent mechanisms are absent, indicating limited privacy compliance. The site uses secure cookies with CSRF tokens but overall security posture is weak. Overall, the website is professional and credible but requires urgent improvements in SSL/TLS implementation and privacy compliance to enhance security and user trust.

P

Planet

weareplanet.com

52

Planet is a large, established technology company specializing in integrated payment solutions, hospitality and retail software, and global VAT refund services. The company targets retail, hospitality, and travel sectors with a comprehensive suite of products including payments, property management software, booking engines, and tax free solutions. With over 35 years of experience and a global presence in 120+ markets, Planet positions itself as a leading provider offering a unified platform for payments and software. Technically, the website is built on Drupal 10 with modern JavaScript libraries and integrates multiple third-party analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that significantly impacts the security posture. Privacy and cookie policies are present and include consent mechanisms, supporting GDPR compliance. Contact information is primarily via a contact form, with no explicit emails or phone numbers listed. Overall, the website is professionally designed, content-rich, and user-friendly but requires urgent security improvements to protect user data and enhance trust.

A

Allot

allot.com

55

Allot is a global enterprise specializing in network intelligence and security solutions tailored for service providers and enterprises, with a strong emphasis on 5G, broadband, and enterprise networks. The company offers a broad portfolio of services including network security, DDoS protection, traffic intelligence, and policy control, positioning itself as a key player in the telecommunications technology sector. The website reflects a mature digital presence with comprehensive content and structured data supporting SEO and user engagement. Technically, the site is built on WordPress, hosted on WP Engine, and utilizes Cloudflare CDN, integrating multiple marketing and analytics tools such as HubSpot, Google Tag Manager, LinkedIn Insight, and Microsoft Clarity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, despite the presence of security headers and HSTS configuration. This significantly impacts the site's security posture and trustworthiness. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy and terms of service policies. Overall, the site demonstrates good business credibility and technical implementation but requires urgent security improvements to protect user data and enhance trust.

F

Fundtruck

fundtruck.com

67

Fundtruck is a bi-national entrepreneurial competition operating in France and Belgium, focused on promoting startups and innovation by providing a platform for entrepreneurs to pitch their projects to investors and ecosystem stakeholders. Established in 2015, it has built a reputable position within the startup ecosystem, having engaged over 430 projects and partnered with numerous national investment funds. The website reflects a professional and consistent brand presence, targeting startups seeking funding and visibility. Technically, the site is built on Webflow, leveraging modern web technologies and CDN services for performance and scalability. Security posture is solid with HTTPS enforcement and valid SPF/DMARC DNS records, though improvements are recommended in security headers and privacy compliance. The absence of explicit privacy and cookie policies, as well as contact information, represents compliance and trust gaps. Overall, the site is functional, well-designed, and moderately optimized but would benefit from enhanced privacy transparency and security hardening.

N

Nexigen Digital Pty Ltd

nexigen.digital

53

Nexigen Digital Pty Ltd is a medium-sized Australian technology company specializing in providing online solutions and digital innovation services to Australian businesses. Founded in 2008, the company hosts over 250,000 websites and supports more than 300,000 customers with a 100% Australian-based team. Their market position is strong within the Australian digital services sector, offering web hosting and technology-led business growth tools. Technically, the website is built on WordPress and served via LiteSpeed servers with caching enabled, but lacks a valid SSL certificate, which is a critical security concern. The site uses Google Tag Manager for analytics and tracking but does not have a cookie consent mechanism, indicating partial privacy compliance. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Overall, the website is professionally designed with good content quality and clear navigation, but the lack of SSL and privacy compliance mechanisms present risks that should be addressed promptly.

E

ENSAE Paris

ensae.fr

40

ENSAE Paris is a reputable French engineering school specializing in economics, data science, finance, and actuarial studies. The website reflects a well-structured educational institution with a clear focus on academic programs, research, and partnerships. The site is built on Drupal 10 with modern PHP and uses standard web technologies and analytics tools. However, the lack of a valid SSL certificate and proper HTTPS configuration is a significant security concern that undermines user trust and data protection. While security headers are well implemented, the absence of incident response and vulnerability disclosure information indicates room for improvement in security transparency and readiness. The website demonstrates good content quality, navigation, and branding consistency, targeting students, academics, and corporate partners. Strategic improvements in SSL deployment, security practices, and privacy compliance would enhance the overall security posture and user confidence.

B

Buybox

buybox.net

51

Buybox is a French-based company specializing in omnichannel gift card solutions for brands, targeting both B2C and B2B markets as well as network distribution. The company positions itself as a strategic partner for major brands in Europe, offering integrated tools and native CMS/PSP/POS integrations to optimize gift card programs. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. The site employs modern marketing and analytics tools such as HubSpot and Google Tag Manager, with a compliant cookie consent mechanism in place. Overall, while the business and content quality are strong, the technical security posture requires urgent improvement to meet industry standards.

K

Kinsta

sevalla.com

65

Sevalla, a product of Kinsta, is a comprehensive platform-as-a-service (PaaS) solution designed to host and manage web projects including applications, databases, and static sites. Positioned as a flexible and scalable platform, Sevalla targets developers and teams seeking to simplify deployment and infrastructure management. The platform leverages Google Cloud Platform and Cloudflare to provide global deployment capabilities and enhanced performance. The website reflects a professional and modern design with clear navigation and extensive content describing its services and benefits. Security and privacy are prominently emphasized, with certifications such as SOC II Type 2, ISO 27001, GDPR, and CCPA compliance highlighted, reinforcing trustworthiness. The presence of a detailed cookie consent mechanism and privacy policies further supports compliance efforts. Technically, the site uses modern frameworks like Next.js and React, integrates analytics and marketing tools such as Plausible Analytics, Google Tag Manager, and Intercom, and is hosted on a robust cloud infrastructure. However, performance metrics indicate a slow load time, and some security best practices like HSTS and DNSSEC are not fully implemented. Overall, Sevalla presents a strong market position with a secure and privacy-conscious platform, though improvements in technical optimization and security hardening could enhance its posture.

O

Office de tourisme de Niort

niortmaraispoitevin.com

59

Niort Marais Poitevin Tourisme operates as the official tourism office for the Niort Marais Poitevin region in France, providing comprehensive information and services related to accommodations, activities, events, and local experiences. The website serves as a key digital touchpoint for tourists and visitors, offering rich content, destination guides, and booking options. The organization positions itself as a regional tourism promoter with a strong local presence and partnerships. Technically, the website is built on WordPress with a modern plugin ecosystem including Yoast SEO, Cloudflare CDN, and various custom Iris Interactive plugins. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy compliance is addressed with a clear privacy and cookie policy, including consent mechanisms. Social media integration and trust signals are strong, enhancing business credibility. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

R

Retis

retis-innovation.fr

40

Retis Innovation is a French national network dedicated to supporting and promoting territorial innovation ecosystems. The organization focuses on assisting innovation actors, public institutions, and private experts to foster the creation and growth of innovative companies across French territories. The website reflects a mature digital presence built on WordPress with modern technologies and SEO best practices. Security posture is solid with HTTPS, SPF, and DMARC configured, though improvements in HTTP security headers and DNS security could enhance protection. Privacy compliance is strong, featuring comprehensive GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and multi-channel, supporting business credibility. Overall, Retis Innovation demonstrates a professional and trustworthy online presence suitable for its sector and audience.

D

Dogfinance

dogfinance.com

61

Dogfinance is a specialized professional social network and job platform targeting finance professionals primarily in France. It offers a comprehensive suite of services including job listings, company profiles, news, events, and networking opportunities tailored to the finance sector. The platform leverages modern web technologies such as React and Next.js, hosted on Google Cloud infrastructure, providing a responsive and professional user experience. Security is implemented with HTTPS using modern TLS protocols, though some improvements are recommended such as enabling HSTS and adding DNS security records. Privacy policies and terms of service are present and comprehensive, indicating a commitment to compliance, although cookie consent mechanisms are not evident. Overall, Dogfinance presents a credible and professional online presence with room for security enhancements.

V

Vade

vadesecure.com

60

Vade is a leading enterprise-level cybersecurity company specializing in AI-powered email security solutions, protecting over 1.4 billion mailboxes globally. Their flagship product, 365 Total Protection, integrates advanced AI and machine learning to provide comprehensive protection against phishing, ransomware, malware, and business email compromise, primarily targeting Microsoft 365 and Google Workspace users. The company is recognized as a leader in the cybersecurity market, with strong trust indicators such as G2 awards and a broad partner ecosystem. Technically, the website is built on HubSpot CMS, leveraging Cloudflare CDN and modern web technologies, offering a responsive and professional user experience. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical vulnerability that must be addressed. Privacy compliance is well managed with clear policies and consent mechanisms. Overall, Vade demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS configuration to ensure secure communications and maintain trust.

A

Agence Locale Pour la Coopération Européenne (ALPC)

europe-en-nouvelle-aquitaine.eu

40

The website europe-en-nouvelle-aquitaine.eu serves as the official digital presence of the Europe office for the Nouvelle-Aquitaine region in France. It provides comprehensive information and support related to European funding, project submission, and regional development initiatives. The site targets a diverse audience including regional businesses, public entities, associations, and individual beneficiaries seeking European aid and partnership opportunities. The business model is that of a public regional agency facilitating access to European funds and promoting regional cooperation. Technically, the website is built on the Drupal CMS platform, utilizing common web technologies such as Bootstrap, jQuery, Google Fonts, and Google Maps API. While the site is mobile-optimized and offers good navigation and content relevance, its performance is slow with a page load time exceeding 12 seconds. SEO and accessibility are basic but functional. From a security perspective, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS protection. No security headers or DNS security features like DNSSEC or CAA records are implemented. Cookie consent is present, but privacy and security policies are basic. The absence of HTTPS and security headers significantly lowers the security posture, posing risks to user data confidentiality and integrity. Overall, the website is professionally designed and serves its informational purpose well but requires urgent improvements in security infrastructure, especially SSL implementation and security headers. Enhancing performance and accessibility would also benefit user experience and trustworthiness.

T

Thought Machine Group Limited

thoughtmachine.net

54

Thought Machine Group Limited is a leading provider of cloud-native core banking and payments platforms, offering innovative solutions such as Vault Core and Vault Payments. Their technology empowers banks and fintechs worldwide to build flexible, scalable financial products and payment schemes. Recognized as a leader in the 2025 Gartner Magic Quadrant for Retail Core Banking Systems, Thought Machine serves a global clientele including major financial institutions and investors. The website reflects a mature digital presence with comprehensive content, multi-language support, and strong branding. Technically, the site leverages modern web technologies including Webflow CMS, JavaScript libraries, and integrates marketing and analytics tools such as HubSpot, Google Analytics, and LinkedIn Insight. However, the site suffers from a lack of a valid SSL certificate and absence of key security headers, which significantly impacts its security posture. Performance is suboptimal with slow load times and a large number of resources. Security-wise, while no critical vulnerabilities or malware indicators were found, the missing HTTPS and security headers represent a major risk that should be addressed promptly. Privacy compliance is well-handled with a clear privacy policy and cookie consent mechanism via Cookiebot. Contact information is detailed with multiple global office addresses and a contact form, but no direct company emails or phone numbers were found. Overall, Thought Machine's website is professional and content-rich, supporting its position as a trusted technology provider in the finance sector. Addressing the SSL and security header issues would greatly enhance trust and security for visitors and clients.

E

economiesuisse

economiesuisse.ch

60

economiesuisse is the leading umbrella organization representing the interests of the competitive, internationally connected, and responsible Swiss economy. The website provides comprehensive information about their advocacy, publications, news, and events targeting Swiss businesses and policymakers. Technically, the site is built on Drupal 10 and integrates modern tools such as Google Tag Manager and Hotjar for analytics and user tracking. However, the site suffers from a lack of a valid SSL certificate and modern TLS protocols, which significantly impacts its security posture. While cookie consent and privacy policies are well implemented, the absence of security headers and HTTPS reduces trust and security. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

O

Option finance

optionfinance.fr

40

Option Finance is a well-established French financial media company providing news, analysis, and specialized content for finance professionals. The website serves as a hub for multiple partner publications and offers subscription-based premium content, events, and advertising services. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical lack of valid SSL/TLS configuration, impacting its security posture. Privacy and cookie policies are present with consent mechanisms, reflecting good compliance practices. Overall, the site offers rich, professional content with a strong brand presence but requires urgent security improvements to protect user data and enhance trust.

G

GFT Technologies SE

gft.com

63

GFT Technologies SE is a global technology company specializing in digital transformation and IT modernization services, primarily serving the banking, insurance, and manufacturing sectors. The company leverages advanced technologies such as cloud computing, AI, blockchain, and IoT to deliver innovative solutions that help enterprises stay competitive. Their strong partner ecosystem includes major cloud providers and fintech innovators, reinforcing their market position. Technically, the website is built on modern frameworks like Vue.js and managed via Magnolia CMS, with integrations for analytics and consent management tools such as Google Tag Manager, Microsoft Clarity, and Cookiebot. While the site is mobile-optimized and well-structured for SEO and accessibility, performance metrics were not available. The hosting is supported by Fastly CDN, ensuring global content delivery. From a security perspective, the site implements several best practices including a Content Security Policy, secure cookie flags, and security headers. However, the SSL certificate is invalid or missing, and modern TLS protocols are not supported, which significantly impacts the security posture. No explicit security policy or incident response information is publicly available, and no vulnerability disclosure or security.txt file was found. Overall, the website presents a professional and trustworthy image with comprehensive privacy and cookie policies, but the lack of valid SSL and modern TLS support are critical issues that should be addressed promptly to improve security and user trust.

W

Wevioo

wevioo.com

40

Wevioo is an international consulting company specializing in digital transformation, IoT, and innovation, serving major clients in banking, insurance, industry, logistics, and public sectors. The website is built on Drupal 8 and hosted on OVH infrastructure, leveraging modern web technologies such as Bootstrap and jQuery. While the site offers good content quality, clear navigation, and social media integration, it critically lacks HTTPS support, exposing visitors to security risks. The presence of cookie consent and privacy policies indicates some GDPR compliance, but absence of terms of service and security policies reduces overall trust. Strategic improvements in security posture and SSL implementation are essential to enhance user trust and compliance.

I

innovAARE AG

parkinnovaare.ch

36

innovAARE AG operates the Park Innovaare, a high-tech innovation and industrial park in Switzerland focused on accelerating deep-tech research and commercialization. The park provides modern office, laboratory, and specialized research spaces, along with community and networking services to startups, SMEs, and R&D departments. The website is professionally designed, content-rich, and well-structured, targeting innovation ecosystem participants. Technically, the site uses TYPO3 CMS with modern frontend libraries and is hosted by cyon AG. However, a critical security gap is the lack of HTTPS/SSL, exposing users to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Business credibility is strong with clear contact details and legal information.

S

Switzerland Innovation Park Basel Area AG

sip-baselarea.com

40

Switzerland Innovation Park Basel Area AG operates a comprehensive innovation hub and coworking space platform focused on healthcare, life sciences, and technology sectors in Switzerland. The company provides flexible workspace solutions including ready-made offices, coworking spaces, lab spaces, and customizable workspaces tailored to startups, SMEs, and research institutions. Positioned as a key player in the Basel Area innovation ecosystem, it supports collaboration and growth through community building and event hosting. Technically, the website is built on WordPress with modern plugins and tracking tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. The site is professionally designed with excellent content quality and user experience, though performance data is limited. Security weaknesses include missing HTTPS, HSTS, DMARC, DNSSEC, and vulnerability disclosure mechanisms, which should be prioritized to improve trust and compliance. Overall, the business demonstrates strong market positioning and digital maturity but requires urgent security enhancements to protect user data and maintain credibility.

U

URL Networks

url.net.au

49

URL Networks is an Australian telecommunications provider specializing in business telephony and internet services, including hosted cloud PBX, SIP trunking, and various internet connectivity plans. The company positions itself as a trusted provider for businesses seeking stress-free telecommunications solutions. Their website is built on WordPress with modern plugins and tools, targeting Australian business customers with a focus on cloud and virtualized telephony services. The site includes detailed service descriptions and multiple contact channels, including phone, email, and social media. Technically, the website uses a WordPress CMS with Elementor, Yoast SEO, and several marketing and analytics tools such as Google Tag Manager and Chatlio live chat. Hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Performance data is missing, and no cookie consent mechanism is present, indicating limited privacy compliance. Security posture is weak due to the absence of HTTPS, no security headers, and no modern TLS protocols enabled. While no active vulnerabilities like Heartbleed or POODLE are detected, the lack of encryption exposes users to significant risks. Privacy policy is present and comprehensive but GDPR compliance is uncertain due to missing cookie consent. Incident response and security policies are not published. Overall, the website is functional and professionally designed but requires urgent security improvements, especially enabling HTTPS and implementing security best practices. Privacy compliance should be enhanced with cookie consent mechanisms. Business credibility is supported by clear contact information and social media presence, but security gaps reduce trustworthiness.

I

Institut Polytechnique de Paris

ip-paris.fr

40

Institut Polytechnique de Paris is a leading French higher education and research institution that unites five prestigious engineering schools to deliver world-class science and technology education. The website reflects a strong focus on education, research, innovation, and entrepreneurship, targeting students, researchers, entrepreneurs, and companies. The digital infrastructure is built on Drupal 10 with modern PHP and includes integrations for analytics and consent management. However, the security posture is weakened by the absence of a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Privacy compliance is well addressed with clear cookie management and privacy policies. Overall, the website is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

M

Mantu

mantu.com

39

Mantu is a global consulting platform focused on providing guidance and services to businesses and entrepreneurs worldwide. With a large and diverse workforce spread across multiple continents, Mantu positions itself as a collaborative network of brands delivering transformative business solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern tools such as Elementor and WP Rocket to optimize user experience and performance. However, the absence of a valid SSL certificate and lack of HTTPS support significantly weaken the site's security posture. While DNS records show good email authentication practices with SPF and DMARC, the lack of security headers and modern TLS protocols exposes the site to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism was detected. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

A

appliedAI Institute for Europe gGmbH

ai-startups-europe.eu

40

The appliedAI Institute for Europe gGmbH is a non-profit organization focused on generating and disseminating high-quality knowledge about trustworthy Artificial Intelligence. It serves professionals and policymakers by providing educational formats, tools, community engagement, and regulatory guidance, positioning itself as a leading AI knowledge hub in Europe. Technically, the website employs modern JavaScript frameworks like Vue.js, Bootstrap for responsive design, and integrates marketing and analytics tools such as Google Tag Manager, HubSpot, and Usercentrics for consent management. However, the security posture is weakened by the absence of a valid SSL certificate, lack of HSTS, and missing DMARC records, which are critical for secure communications and email protection. Overall, the site is content-rich and professionally presented but requires urgent improvements in SSL/TLS configuration to enhance trust and security.

F

French Assurtech

french-assurtech.com

40

French Assurtech is a French-based accelerator and innovation platform focused on the insurance technology sector. Supported by eight leading mutual insurance companies, it offers a comprehensive program including startup acceleration, an innovation lab (Lab XP), and a training campus to foster digital transformation and new insurance business models. The website positions French Assurtech as a key player in the French insurtech ecosystem, targeting startups, insurance professionals, and innovation managers. Technically, the site is built on WordPress using Elementor and integrates SEO and multilingual capabilities. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but no explicit security or incident response policies are found. Overall, the website is professional and content-rich but requires urgent improvements in security and performance to enhance trust and user experience.

G

glatec

glatec.ch

56

glatec is a non-profit business incubator based in Zurich-Dubendorf, Switzerland, supporting startups and collaborative research in materials science, environmental science, and technology. It operates in partnership with prominent research institutions such as Empa and Eawag, providing infrastructure and professional support to new companies. The website is built on the Liferay CMS platform with React and Alloy UI technologies, featuring a comprehensive navigation structure and multilingual support. However, the site suffers from a lack of a valid SSL certificate, impacting its security posture. Cookie consent mechanisms are implemented, but no explicit privacy policy or terms of service were found in the scanned content. Contact information including phone numbers and physical addresses for multiple Swiss locations is clearly provided, alongside active social media channels.

S

Switzerland Innovation Park Ost

startfeld.ch

40

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

G

Golem

golem.ai

64

Golem.ai is a French technology company specializing in AI-powered semantic analysis and automation solutions for business communication and document processing. Positioned as a trusted AI provider, it offers products like InboxCare and the Golem.ai Core platform, targeting industries such as insurance, retail, transport, defense, tourism, and customer relations. The company is recognized by Gartner and integrated into the French tech ecosystem, emphasizing explainability, sovereignty, and energy-efficient AI. Technically, the website is built on WordPress with Elementor, hosted on Scaleway, and uses modern web technologies with good performance and mobile optimization. Security posture is solid with HTTPS, DMARC, and SPF configured, though improvements in security headers and DNS security are recommended. Privacy compliance is strong with clear policies and consent mechanisms. Overall, Golem.ai presents a professional, trustworthy, and well-structured digital presence with strong business credibility and technical maturity.

L

LittleBig Connection

littlebigconnection.com

68

LittleBig Connection is a technology-focused collaborative platform that connects large companies with freelancers and consulting firms specializing in technology and engineering. It operates a global marketplace and management platform with a presence in 50 countries and a community of 500,000 experts. The company is part of the Mantu group and emphasizes long-term, high-impact projects. Technically, the website is built on WordPress with modern JavaScript libraries and animation frameworks, delivering a good user experience and mobile optimization. Security posture is strong with HTTPS, robust security headers, and certifications including ISO 27001 and ISO 9001. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with good SEO, trust indicators, and extensive analytics usage.

J

Jamespot

jamespot.com

48

Jamespot is a French technology company specializing in SaaS collaborative digital workplace solutions, including enterprise social networks, intranet, and AI-powered collaboration tools. The company positions itself as a flexible and customizable provider with over 20 years of experience, targeting professional organizations seeking to enhance internal communication and teamwork. The website demonstrates strong business credibility with comprehensive content, customer testimonials, and recognized certifications such as ISO 27001 and RGAA 4.1 accessibility compliance. Technically, the site is built on WordPress with modern SEO and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with detailed cookie policies and consent mechanisms. Security practices include SPF and DMARC DNS records, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

A

Aternos

aternos.org

67

Aternos is a well-established provider of free Minecraft server hosting services, boasting a large user base exceeding 120 million users. The company offers personal Minecraft servers supporting both Java and Bedrock editions, with features such as mods, plugins, DDOS protection, automatic backups, and custom domains. Their business model is unique in that all services are free with no paid options, positioning them as a popular choice for Minecraft players seeking accessible multiplayer experiences. The website is professionally designed, multilingual, and provides clear navigation and extensive content about their offerings and team. Technically, the site leverages Cloudflare for DNS and CDN services, uses modern JavaScript libraries, and integrates Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a significant technical shortfall, impacting security and user trust. Performance is moderate, and mobile optimization is good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and language alternates. From a security perspective, the site has strong DNS configurations including SPF and DMARC policies, reducing email spoofing risks. However, the lack of HTTPS, missing security headers, and no HSTS implementation are critical vulnerabilities that expose users to potential risks. No formal security policy, incident response contacts, or vulnerability disclosure mechanisms are evident, indicating room for improvement in security governance. Overall, Aternos presents a trustworthy and professional front for its free Minecraft server services but must urgently address its SSL/TLS deficiencies and enhance security best practices to protect its large user base and maintain compliance with privacy regulations.

E

Empa - Swiss Federal Laboratories for Materials Science and Technology

empa.ch

69

Empa is a Swiss federal research institute specializing in materials science and technology, operating under the ETH Domain. The organization focuses on interdisciplinary research to address industrial and societal challenges, aiming to transform research into marketable innovations. The website reflects a mature digital presence with extensive content, multilingual support, and a professional design tailored to industry partners, researchers, and the public. Technically, the site is built on Liferay CMS with React and Alloy UI, integrating modern web technologies and analytics tools. Security posture is adequate with HTTPS and SPF/DMARC email protections, though improvements in HSTS, DNSSEC, and DMARC policy are recommended. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but no explicit privacy policy page was found. Overall, the site demonstrates a high level of professionalism and trustworthiness, suitable for a leading research institution.

E

Eawag

eawag.ch

63

Eawag is a leading water research institute within the ETH domain in Switzerland, focusing on sustainable water resource management, aquatic ecology, and environmental research. The website serves as a comprehensive portal for research, education, consulting, and public information, targeting researchers, policymakers, and the general public. Technically, the site is built on TYPO3 CMS and integrates modern web technologies and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. The security posture is basic with HSTS enabled but no valid TLS protocols or certificate, which is a critical issue. Privacy policies are present and GDPR compliant, though no explicit cookie consent mechanism is implemented. Overall, the site is professional and content-rich but requires urgent improvements in security and performance to enhance trust and compliance.

W

WEBKINDER AG

webkinder.ch

71

WEBKINDER AG is a Swiss digital agency specializing in web design, development, and online strategies, primarily serving clients in Luzern and Zürich. The company offers comprehensive services including WordPress and WooCommerce development, SEO, and custom web applications, positioning itself as a trusted partner for businesses and non-profit organizations seeking effective digital solutions. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client references and insights. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and WP Rocket for performance optimization. Hosting is managed via cyon.ch, and the site employs HTTPS with valid SSL certificates and SPF records for email security. The site is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses security headers like HSTS (though not fully enabled), and employs Google reCAPTCHA v3 on forms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Contact information is clearly presented, enhancing trust and credibility. Overall, WEBKINDER AG demonstrates a strong digital maturity and security posture suitable for its business model. Strategic improvements could include enabling full HSTS policies, OCSP stapling, and publishing a security.txt file to further enhance security transparency and resilience.

B

Behamics

behamics.com

49

Behamics is an AI-driven platform specializing in enhancing e-commerce performance through behavioral science and advanced analytics. The company offers a suite of products including Nudge, Diagnostic, Organic SEO, Merchandise optimization, and Automations, targeting enterprise clients to boost revenue, conversions, and visibility. The website reflects a professional and modern design with comprehensive content and clear navigation, although performance is hindered by slow load times and a lack of HTTPS. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, which poses risks to data protection and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, Behamics demonstrates strong business credibility and market positioning but requires urgent improvements in security and technical performance to enhance trust and compliance.

Q

Quarkslab

quarkslab.com

50

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

L

Les Sherpas

truzzer.fr

40

Les Sherpas is a French education platform specializing in personalized tutoring and online courses for students across various academic levels. The company positions itself as a flexible and quality-driven service provider, leveraging a proprietary platform that integrates messaging and videoconferencing to enhance the learning experience. The website is content-rich, featuring extensive user testimonials and structured data to boost SEO and trust. Technically, the site uses modern web standards and is hosted by o2switch, with moderate performance and good mobile optimization. Security is adequate with HTTPS and valid SPF records, but lacks advanced features such as HSTS and OCSP stapling, and no security headers are present. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism detected. Overall, the site demonstrates a strong business credibility and user trust, though security and privacy practices could be improved.

C

Crossware Limited

crossware.co.nz

64

Crossware Limited is a New Zealand-based enterprise software company specializing in email signature management solutions for medium to large organizations. Positioned as a world-leading provider, Crossware offers SaaS products that integrate with Microsoft 365, Google Workspace, Microsoft Exchange, and HCL Domino to ensure consistent, compliant, and centrally managed email signatures. The website demonstrates a mature digital presence with professional design, comprehensive content, and multiple customer engagement points such as free trials and demo requests. Technically, the site is hosted on Cloudflare with Webflow CMS, uses modern web technologies, and implements good security practices including HTTPS and OCSP stapling. However, there is room for improvement in SPF record validity and DMARC policy enforcement. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not evident. Overall, the site reflects a high level of business credibility and technical maturity.

A

Applied Behavioural Science Academy by Affective Advisory Ltd.

behavioralscience.academy

40

The Applied Behavioural Science Academy by Affective Advisory Ltd. is a specialized education provider offering a unique three-day executive program in applied behavioural science and behavioural economics. The program targets executives, policy makers, and project leaders seeking practical insights to drive sustainable change. The academy operates with a small, exclusive cohort model, emphasizing quality and networking in a prestigious Zurich location. Technically, the website is built on Squarespace, leveraging modern web technologies and Google services for analytics and security. While the site is well-designed and content-rich, performance is somewhat slow due to large page size and resource count. Security posture is good with strong TLS configurations but lacks some advanced headers like HSTS and DMARC. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR certification. Overall, the site projects high professionalism and trustworthiness, with clear contact channels and social media presence.

L

Lansons

lansons.com

63

Lansons is a communications and reputation management consultancy operating primarily in the media sector with offices in London and New York. It is part of the larger Team Farner group, positioning itself as an established player offering a wide range of services including public relations, financial communications, crisis management, and sustainability advisory. The website content is professionally presented, targeting organizations and individuals seeking expert communications consultancy. Technically, the site uses modern JavaScript frameworks such as Alpine.js and GSAP, is built on Craft CMS, and is hosted by UKFast. However, performance metrics indicate slow loading times, and the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are well configured, but the absence of HTTPS significantly reduces the overall security posture. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Contact information including email and phone number is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

R

Rod Kommunikation

rod.ag

40

Rod Kommunikation is a well-established communications agency based in Zurich, Switzerland, specializing in market, brand, and human-centered communication services. The website reflects a professional and creative business model targeting companies and brands seeking comprehensive communication and marketing solutions. The agency demonstrates strong market positioning with a portfolio of notable clients and industry memberships, supported by high-quality content and consistent branding. Technically, the site is built on Drupal 10, hosted by Hostpoint, and integrates modern marketing tools such as Google Tag Manager and HubSpot forms. However, the website suffers from an invalid SSL certificate and lacks modern TLS protocol support, which significantly impacts its security posture. While security headers are properly configured and no major vulnerabilities are detected, the absence of a valid SSL certificate and cookie consent mechanism are notable compliance and security gaps. Overall, the site offers excellent user experience, clear navigation, and trustworthy business information, but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and regulatory adherence.

K

komm.passion GmbH

komm-passion.de

33

komm.passion GmbH is a medium-sized full-service communication consultancy and creative agency operating primarily in Germany with offices in Düsseldorf, Hamburg, and Berlin. The company is affiliated internationally with Team Farner, enhancing its market position. Their service portfolio includes corporate communications, change management, digital health, employer branding, sustainability, and crisis communication among others. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting corporate clients seeking integrated communication solutions. Technically, the site is built on TYPO3 CMS and uses modern web technologies including Google Tag Manager and FontAwesome. However, a critical security gap exists as the website lacks HTTPS, exposing users to potential risks. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Social media presence and trust indicators such as Google Partner and BVDW membership support business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

J

jim & jim

jimjim.ch

40

jim & jim is a leading Swiss marketing agency specializing in NextGen Marketing, focusing on engaging young, hyperconnected customers through innovative digital and physical strategies. The company offers a wide range of services including content creation, community management, live execution, and strategic consulting, positioning itself as a comprehensive partner for brands targeting Millennials and Gen Z. The website reflects a professional and consistent brand image with strong client references and active social media presence. Technically, the site is built on WordPress with modern enhancements like Lottie animations and integrates marketing and analytics tools such as Google Tag Manager and HubSpot. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing the site to potential risks and undermining user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie policy and explicit consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Farner Consulting AG

farner.ch

40

Farner Consulting AG is a well-established Swiss communication agency with over 70 years of experience and a large team of 300 experts. The company offers a broad range of communication services including public affairs, media relations, corporate communications, healthcare, financial services, technology communications, and more. Their target audience primarily consists of businesses and organizations in Switzerland seeking integrated communication solutions. The website is built on WordPress and leverages multiple modern JavaScript libraries and marketing tools such as HubSpot and Google Tag Manager. While the site is professionally designed with good SEO and mobile optimization, it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. The presence of HSTS headers is positive but ineffective without proper SSL. Email authentication records like SPF have syntax errors, and the DMARC policy is minimal, indicating room for improvement in email security. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

B

BlueGlass | Team Farner

blueglass.ch

60

BlueGlass Interactive AG, operating as BlueGlass | Team Farner, is a leading digital marketing agency based in Zurich, Switzerland. The company offers a comprehensive suite of services including digital strategy consulting, SEO, content marketing, social media marketing, web design and development, data analytics, and e-sports video productions. With a strong market position supported by multiple industry awards and partnerships with major technology providers such as Google, Meta, and Microsoft, BlueGlass serves both national and international clients with a focus on data-driven and user-centric marketing solutions. The company is a medium-sized enterprise founded in 2007 and is part of the larger Team Farner communications group.

T

truzzer

truzzer.com

68

truzzer.com is a professionally designed e-commerce website specializing in customer trust solutions, including products to increase Google reviews and social media followers via NFC-enabled marketing materials. The company targets businesses seeking to enhance their online reputation and customer engagement. The site is built on WordPress with WooCommerce and uses modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Pinterest Pixel. Security posture is solid with HTTPS and several security headers, though improvements like HSTS could enhance it further. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a trustworthy and professional front with clear business information and contact options.