Security Directory

A

ABCIS

abcis.org.br

0

ABCIS is a Brazilian association focused on digital transformation and improvement of the healthcare sector through integration and education of IT managers in health. It holds a strong market position as the largest community of healthcare CIOs in Brazil, offering services such as information dissemination, education, networking, certification, and events. The website reflects a medium-sized organization with a clear target audience of healthcare IT executives and professionals. Technically, the site is built on WordPress with common plugins and hosted on DreamHost, but suffers from slow performance and lacks some advanced security configurations. Security posture is basic with TLS 1.3 support and no critical vulnerabilities detected, but improvements are needed in security headers, HSTS, and certificate transparency. The site uses common marketing and analytics tools including Google Tag Manager and Facebook Pixel, with a GDPR-compliant cookie consent mechanism. Overall, the website is professional, trustworthy, and well-branded, but could benefit from technical and security enhancements.

H

Hostinger

hostinger.com.br

0

Hostinger is a well-established global web hosting and domain registration provider founded in 2004, serving over 3 million users worldwide. The company offers a comprehensive suite of services including shared hosting, VPS, cloud hosting, WordPress optimized hosting, domain registration, and AI-powered website builders. Their market position is strong, supported by numerous trust indicators such as WordPress.org recommendation, Trustpilot reviews, and a 30-day refund policy. Technically, Hostinger employs modern web technologies including Nuxt.js and Vue.js, with integrations for Google Tag Manager, Microsoft Clarity, and Bing Ads, indicating a mature digital infrastructure. Security measures include valid SSL certificates, SPF and DMARC records with strict policies, though improvements can be made by enabling HSTS and DNSSEC. Overall, Hostinger demonstrates a solid security posture with no evident vulnerabilities and a good compliance level. The website is professionally designed, optimized for mobile, and provides a seamless user experience with clear navigation and comprehensive content. Strategic recommendations include enhancing security headers, implementing DNSSEC, and maintaining regular audits of third-party scripts to further strengthen security and trust.

J

JET e-Business

jet.com.br

0

JET e-Business is a Brazilian e-commerce platform provider specializing in high-performance solutions for B2C, B2B, D2C, and B2B2C business models. The company offers a comprehensive suite of services including marketplace integration, storefront customization, search optimization, shipping facilitation, and analytics. Positioned as a strategic partner, JET supports e-commerce businesses with technology and expert guidance to enhance sales and operational efficiency. The website reflects a professional and consistent brand presence targeting Brazilian e-commerce companies. Technically, the site is built on WordPress with WPBakery Page Builder, hosted on Hostinger, and protected by Cloudflare. It integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of HTTPS enforcement represent significant security weaknesses. The site has basic privacy compliance with a privacy policy and SPF/DMARC DNS records configured, but lacks cookie consent mechanisms and security.txt disclosures. Overall, the security posture is basic and requires improvements to meet modern standards and regulatory requirements.

W

Wake Creators

wakecreators.com.br

0

Wake Creators is a Brazilian technology company specializing in influencer marketing data and solutions. With a decade of experience, it holds a leading market position by maintaining the largest influencer database and leveraging AI and machine learning to optimize marketing campaigns. The company operates as part of the LWSA group and integrates into the broader Wake ecosystem, targeting brands, advertisers, and influencers. Technically, the website is built on WordPress using Oxygen Builder, hosted on AWS with DNS managed by Cloudflare. However, the site lacks a valid SSL certificate and modern TLS support, which poses significant security risks. The presence of SPF and DMARC records indicates some email security awareness, but the DMARC policy is permissive. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but no cookie consent mechanism is present, which may impact privacy compliance. Overall, the site demonstrates moderate digital maturity with room for security and compliance improvements.

A

ApexBrasil

apexbrasil.com.br

0

ApexBrasil is a Brazilian government agency dedicated to promoting Brazilian exports and attracting foreign investments across multiple sectors including energy, agribusiness, infrastructure, and innovation. The website reflects a mature digital presence with comprehensive content targeting Brazilian exporters, foreign investors, and companies seeking international expansion. The agency leverages advanced technologies such as Adobe Experience Manager CMS, multiple analytics and marketing tools, and strong SSL configurations to deliver a professional and trustworthy user experience. Security posture is solid with modern TLS protocols and SPF/DMARC email protections, though improvements are recommended in DNSSEC deployment, HSTS enforcement, and explicit security policies. The site demonstrates good compliance with privacy regulations including LGPD and GDPR through cookie consent mechanisms and privacy policies. Overall, ApexBrasil's digital infrastructure supports its mission effectively while maintaining a high level of professionalism and trust.

A

ABIMÓVEL - Associação Brasileira das Indústrias do Mobiliário

abimovel.com

0

ABIMÓVEL is a Brazilian industry association focused on representing and supporting the furniture manufacturing sector. The organization promotes export initiatives, sustainability programs, design integration, and regulatory compliance education to enhance the competitiveness of its members. The website serves as a portal for industry news, projects, and resources, targeting furniture manufacturers, designers, and exporters primarily in Brazil but with international outreach. Technically, the website is built on WordPress with Elementor and various Jet plugins, hosted on Locaweb infrastructure. However, the site lacks a valid SSL certificate and modern TLS support, which undermines its security posture. There are no visible privacy or cookie policies, and no formal security or incident response policies are published. Social media presence and contact forms indicate active engagement and data collection, but privacy compliance appears minimal. Overall, the site is professionally designed but requires significant security and compliance improvements to meet modern standards.

M

MOVERGS - Associação das Indústrias de Móveis do Estado do RS

movergs.com.br

0

MOVERGS is a regional industry association focused on supporting and strengthening the furniture manufacturing sector in Rio Grande do Sul, Brazil. The organization provides member benefits, industry representation, event coordination, and sector data to its target audience of furniture manufacturers and related stakeholders. The website reflects a medium-sized organization with a solid regional presence and partnerships with recognized industry and governmental entities. Technically, the website uses a legacy technology stack including jQuery 1.7.2 and several JavaScript libraries for UI and media handling. It relies on Cloudflare for DNS but lacks a valid SSL certificate, resulting in no HTTPS support and poor security posture. Performance is slow with a large page size and many resources. SEO and accessibility are basic but functional. From a security perspective, the site has SPF and DMARC configured for email security but lacks critical HTTPS implementation, security headers, and DNSSEC. No incident response or vulnerability disclosure policies are found. Cookie consent is implemented, but GDPR compliance is uncertain. The overall security score is low, exposing the site and users to risks. Strategically, the site should prioritize obtaining a valid SSL certificate and enabling HTTPS, improve security headers and DNS configurations, and publish clear security and privacy policies. Enhancing technical modernization and performance will also improve user trust and engagement.

S

Sebrae

sebrae.com.br

0

Sebrae is a prominent Brazilian government-supported organization dedicated to fostering entrepreneurship and supporting micro and small businesses across Brazil. The website serves as a comprehensive portal offering free online courses, consulting services, digital tools, and extensive educational content tailored to entrepreneurs, individual microentrepreneurs (MEI), students, educators, and public agents. Sebrae holds a leading market position as a trusted non-profit entity with a large operational scale and a strong digital presence. Technically, the site is hosted on Google Cloud infrastructure, employs modern web technologies including Apache, Keycloak for authentication, and OneTrust for cookie consent, and integrates accessibility tools such as VLibras. The website demonstrates excellent design, mobile optimization, and SEO practices, ensuring a high-quality user experience.

O

Obispa Metalúrgica Ltda

obispadesign.com.br

0

Obispa Metalúrgica Ltda is a Brazilian manufacturing company specializing in the design and production of metal accessories with a focus on beauty, sophistication, and quality. With over 35 years of experience, the company offers multiple product collections and targets customers seeking high-quality metal accessory products. The website reflects a medium-sized enterprise with consistent branding and a good level of content quality. Technically, the site uses modern JavaScript libraries and frameworks such as jQuery, Slick Carousel, FancyApps UI, and Livewire, hosted on Locaweb infrastructure. However, the website suffers from a lack of a valid SSL certificate and modern security configurations, which impacts its security posture negatively. The presence of Google Analytics and Tag Manager indicates moderate user tracking and marketing efforts. Overall, the company maintains a moderate trust level with clear contact information and privacy policies but requires significant improvements in security and compliance.

C

Cinex

cinex.com.br

0

Cinex is a Brazilian manufacturing company with Italian roots specializing in innovative glass and aluminum products for architectural and furniture applications. The company has a strong market presence with over two decades of experience, offering a diverse product portfolio including doors, frames, coatings, and partitions. Their business model focuses on combining technology, design, and sustainability to serve architects, designers, engineers, and end consumers. Technically, the website infrastructure leverages common web technologies such as jQuery, Glider.js, and Typekit fonts, hosted behind Cloudflare DNS services. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols, which exposes users to significant risks. The company has implemented SPF and DMARC DNS records, indicating some email security awareness. Overall, the digital maturity is moderate with room for improvement in performance, security, and privacy compliance.

S

Sayerlack

sayerlack.com.br

0

Sayerlack is a leading Brazilian multinational specializing in the manufacturing and distribution of wood paints, varnishes, and stains, serving Latin America and over 90 countries globally. The company targets professionals such as architects, decorators, interior designers, carpenters, painters, and hobbyists, offering tailored solutions and extensive product lines. Their digital presence includes multilingual support, educational content, and interactive tools like digital color charts. Technically, the website employs modern front-end technologies including jQuery, Slick Carousel, FontAwesome, and Tailwind CSS, hosted on Microsoft Online infrastructure. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols, which undermines user trust and data protection. From a security perspective, while basic email protection via SPF is configured and CSRF tokens are implemented in forms, the lack of HTTPS, HSTS, DMARC, and other security headers exposes the site to potential risks. Privacy and cookie policies are present with a consent mechanism, but GDPR compliance is not fully addressed. No explicit security or incident response policies are found. Overall, Sayerlack's website reflects a mature business with strong market positioning but requires urgent security enhancements to protect user data and maintain trust. Strategic improvements in SSL deployment, security headers, and compliance frameworks are recommended to align with best practices and regulatory requirements.

B

Banrisul - Banco do Estado do Rio Grande do Sul, S.A.

banrisul.com.br

0

Banrisul is a large, state-owned multiple bank operating primarily in the southern region of Brazil, specifically Rio Grande do Sul. It offers a range of banking and financial services including commercial banking, development banking, leasing, real estate credit, financing, and investment. The website serves as a portal for internet banking and related services, targeting residents and businesses in its regional market. The business model focuses on public banking services with a regional market position. Technically, the website infrastructure appears outdated, using framesets and lacking modern web technologies or CMS indicators. Performance is moderate but mobile optimization and accessibility are poor. The absence of modern security protocols and an invalid SSL certificate indicate significant technical debt and security risks. No advanced frameworks or analytics tools are detected, and SEO is basic. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, exposing users to potential risks. There are no HTTP security headers, no privacy or cookie policies, and no visible incident response or vulnerability disclosure mechanisms. This reflects a low security maturity level and potential compliance gaps with data protection regulations. Overall, the website requires urgent improvements in security posture, modernization of technical infrastructure, and implementation of privacy and compliance policies to enhance trust and protect users. Strategic investments in security and digital modernization are recommended to align with industry standards and regulatory requirements.

S

Sindmóveis Bento Gonçalves

sindmoveis.com.br

0

Sindmóveis Bento Gonçalves is a well-established industry union representing the furniture manufacturing sector in Bento Gonçalves, Brazil, since 1977. The organization plays a pivotal role in fostering development within the local and national furniture industry by providing a range of services including labor area support, digital certification, training, sector data, international committees, projects, and trade fairs. Their market position is significant within the manufacturing sector, supported by partnerships with key industry players and active engagement in events and communications. The website reflects a medium-sized entity with consistent branding and good content quality aimed at industry stakeholders and associated members. Technically, the website is built on WordPress with a custom theme and employs various modern web technologies such as lazy loading, Google Analytics, Google Tag Manager, Facebook Pixel, and reCAPTCHA for security. Hosting is provided by KingHost, and the site uses a valid SSL certificate, although some SSL metadata appears unusual. Performance is currently slow due to large page size and load times, but mobile optimization and SEO are handled well. Security practices include spam protection and SPF records for email, but lack advanced HTTP security headers and DNSSEC. From a security perspective, the site demonstrates basic to moderate maturity with valid SSL, anti-spam measures, and GDPR cookie consent mechanisms. However, it lacks explicit privacy and terms of service pages, security policies, incident response contacts, and vulnerability disclosure information. There is room for improvement in security headers, HSTS enforcement, and DNS security. Overall, the site is trustworthy and professional but would benefit from enhanced security and compliance documentation. Strategically, Sindmóveis should focus on improving website performance, implementing comprehensive security headers, publishing clear privacy and terms policies, and enhancing incident response readiness to strengthen trust and compliance with evolving data protection regulations.

D

D4Sign

d4sign.com.br

0

D4Sign is Brazil's leading electronic and digital signature platform, offering a comprehensive SaaS solution that integrates advanced AI capabilities to streamline document signing and contract management. The company serves a broad audience including businesses and individuals, providing secure authentication methods linked to government data for enhanced trust and legal compliance. Technically, the website is built on WordPress with multiple modern plugins and integrates various marketing and analytics tools, hosted on AWS. However, the current SSL/TLS configuration is invalid, posing a significant security risk. The company demonstrates strong market presence with over 500,000 companies trusting its services and certifications such as Great Place To Work and sustainability seals. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms.

P

Prima Estúdio Produções

primaestudio.com.br

0

Prima Estúdio Produções is a Brazilian digital communication company specializing in multimedia production, streaming, web development, and IT services. Established since 2016, it serves a medium-sized client base including notable companies, positioning itself as a reputable service provider in the technology sector. The website reflects a professional digital presence with good SEO and client trust indicators but lacks visible privacy and terms of service policies. Technically, the site is built on WordPress with Themify Ultra theme and uses several plugins including Sendinblue for marketing automation and Google Tag Manager for analytics. However, the site suffers from a lack of valid SSL/TLS configuration, resulting in insecure HTTP delivery and exposing visitors to potential risks. Security posture is weak with missing modern security headers and DNS security features. Cookie consent mechanisms are implemented, indicating some compliance with privacy regulations. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

T

TI Inside

esgforum.com.br

0

ESG Forum is a small Brazilian event organizer focused on promoting sustainability and ESG principles through online events. The website serves as a platform to inform and register participants for the ESG Forum 2025 event, targeting corporate professionals and companies interested in environmental, social, and governance topics. The business is positioned as a niche event provider with institutional partners and sponsors, leveraging digital channels for outreach and engagement. Technically, the site is built on WordPress with the Divi theme and uses common plugins for forms, cookie consent, and accessibility. However, the lack of a valid SSL certificate and modern TLS protocols represents a significant security weakness. The site implements basic security measures like SPF and DMARC but lacks advanced protections such as HSTS and OCSP stapling. Analytics and tracking are moderately used via Google Analytics and LinkedIn Insight Tag, with a cookie consent mechanism in place. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

P

pressi.com.br

pressi.com.br

0

The website pressi.com.br currently presents an empty HTML page with no visible content, metadata, or business information. The domain is registered and DNS records are configured with valid A, MX, and NS records, but lacks DNSSEC and CAA security enhancements. The SSL certificate is invalid or missing, resulting in no HTTPS support and exposing the site to potential interception risks. No privacy, cookie, or security policies are published, and no contact or business details are available on the site. The technical infrastructure appears minimal and outdated, with no modern web technologies or analytics detected. Overall, the site exhibits a very low digital maturity and security posture, with significant gaps in compliance and user trust factors.

J

JET e-Business

jetecommerce.com.br

0

JET e-Business is a Brazilian e-commerce platform provider specializing in high-performance omnichannel solutions for B2C, B2B, D2C, and B2B2C markets. The company offers a comprehensive suite of services including marketplace integrations, storefront customization, search optimization, shipping facilitation, and analytics. Positioned as a strategic partner for e-commerce businesses, JET emphasizes technology, professional support, and customer experience to help clients scale their online operations. The website reflects a medium-sized enterprise with a strong digital presence and a focus on the Brazilian market. Technically, the website is built on WordPress with WPBakery Page Builder and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and LinkedIn Insight Tag. Hosting and DNS services are provided by Hostinger and Cloudflare respectively. While the site has a valid SSL certificate and implements SPF and DMARC for email security, it lacks advanced DNS security features like DNSSEC and HSTS, and does not have a published security policy or vulnerability disclosure page. From a security perspective, the site demonstrates good baseline practices with valid SSL and email authentication records, but could improve by enabling HSTS, DNSSEC, and publishing explicit security and incident response policies. The presence of multiple tracking scripts indicates extensive user data collection, balanced by a cookie consent mechanism and a comprehensive privacy policy compliant with GDPR. Performance is a concern due to high page load times and large page size, which may impact user experience. Overall, JET e-Business presents a professional and trustworthy e-commerce platform with solid business and technical foundations. Strategic improvements in security hardening and performance optimization are recommended to enhance resilience and user satisfaction.

W

Wake Creators

squidit.com.br

0

Wake Creators, formerly known as Squid, is a Brazilian technology company specializing in influencer marketing data and campaign optimization. With a decade of experience, it offers a large influencer database and leverages AI and machine learning to enhance marketing performance. The company operates under the LWSA group and targets brands, advertisers, and influencers seeking data-driven marketing solutions. Technically, the website is built on WordPress using Oxygen builder and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and modern TLS protocols, which poses significant security risks. Email security is well managed with SPF and DMARC policies, and multiple domain verifications indicate active ownership and SEO efforts. Overall, the security posture is weak due to missing HTTPS and security headers, but the business shows maturity in data and marketing technology.

T

Tiki

tiki.com.br

0

Tiki is a Brazilian digital marketing agency specializing in comprehensive marketing services including digital campaigns, social media management, content marketing, web design, and custom systems development. With over 15 years of experience and a portfolio of more than 150 brands, Tiki positions itself as a reliable partner for businesses seeking to enhance their digital presence. The website reflects a mature digital infrastructure utilizing modern frameworks such as Next.js and React, integrated with advanced marketing and consent management tools like RD Station and AdOpt. However, the absence of a valid SSL certificate and lack of advanced security headers indicate significant security gaps that could expose users to risks. The company demonstrates good privacy compliance with clear policies and consent mechanisms, but should prioritize securing its web infrastructure. Overall, Tiki presents a professional and trustworthy image with a strong focus on client growth and digital innovation.

O

Ouvidor Digital

ouvidordigital.com.br

0

Ouvidor Digital is a Brazilian technology company specializing in digital compliance solutions, primarily offering a whistleblower channel platform designed to reduce fraud and workplace harassment. Positioned as an innovative market player, it leverages AI and official WhatsApp Business API to provide accessible, secure, and anonymous reporting channels. The company targets medium to large enterprises, focusing on compliance, HR, legal, and financial managers. Technically, the website is built on WordPress with the Divi theme, hosted on AWS infrastructure, and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate, which poses a significant security risk. Security policies are robust in terms of compliance frameworks and certifications, but technical security configurations need improvement. Overall, the company demonstrates strong market positioning with comprehensive content and trust signals but should address critical security vulnerabilities to enhance trust and compliance.

T

TI Inside Play

tiinsideplay.com.br

0

TI Inside Play is a digital event platform focused on delivering technology-related event content to its users, primarily targeting technology professionals and enthusiasts in Brazil. The platform operates as a WordPress-based website with user login and registration capabilities, offering access to recorded and live digital events. The business appears to be a small-sized entity with a niche market position within the technology event sector. Technically, the website leverages popular WordPress plugins such as Ultimate Member and Contact Form 7, and integrates Google Analytics for user tracking. However, the site suffers from significant security shortcomings, including an invalid SSL certificate, lack of modern TLS protocols, and absence of critical security headers and DNS security features. These issues expose the platform to potential risks and undermine user trust. Performance is also a concern, with slow load times and a large page size impacting user experience. Overall, while the platform provides relevant services to its audience, it requires urgent improvements in security and performance to enhance its digital maturity and trustworthiness.

T

TI Inside Comunicações Ltda

esginside.com.br

0

ESG Inside is a Brazilian media publication focused on Environmental, Social, and Governance (ESG) topics, providing news, articles, podcasts, and event information to a professional audience interested in sustainability and governance. The website is built on WordPress with a variety of plugins supporting content management, GDPR compliance, and user engagement. Despite a good content quality and consistent branding, the site suffers from critical security issues including the absence of a valid SSL certificate and lack of modern TLS protocols, which exposes users to potential risks. The presence of cookie consent mechanisms and privacy policies indicates a commitment to regulatory compliance, but the lack of explicit terms of service and security policies suggests areas for improvement. Overall, the site demonstrates moderate trustworthiness and a solid market position within the ESG media niche in Brazil.

S

Saúde Digital News

saudedigitalnews.com.br

0

Saúde Digital News is a specialized online media portal focused on delivering news, insights, and trends related to healthcare technology and digital health innovation in Brazil. The website targets professionals and stakeholders interested in the intersection of healthcare and technology, providing news articles, podcasts, and industry updates. The business operates as a niche media outlet with a small size and a consistent brand presence. Technically, the site is built on WordPress using Elementor and PenciDesign themes and plugins, hosted on servers associated with tiinside.com.br. The site integrates Google Analytics and Google Tag Manager for analytics and uses Google Adsense for advertising. While the site implements several security headers and a GDPR-compliant cookie consent mechanism, it currently lacks a valid SSL certificate and modern TLS protocol support, which poses significant security risks. Overall, the website offers good content quality and user experience but requires urgent improvements in SSL/TLS configuration to enhance security and trustworthiness.

T

TI Inside

forumderelacionamento.com.br

0

TI Inside operates a technology-focused event platform, organizing the TI Inside Innovation Forum, a key annual event in São Paulo, Brazil, targeting C-Level executives and technology leaders. The website serves as a promotional and ticketing landing page, leveraging WordPress and the Divi theme for content management. The event emphasizes emerging technologies such as AI and digital transformation, positioning itself as a significant forum in the Brazilian tech ecosystem. Technically, the website uses standard web technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, exposing users to potential data interception risks. The cookie consent mechanism is implemented, reflecting some compliance with privacy regulations, but no explicit privacy policy or terms of service are found on the site. Overall, the security posture is weak, performance is slow, and there is room for improvement in technical and security maturity.

L

Lyncas

lyncas.net

0

Lyncas is a Brazilian technology company specializing in IT outsourcing, software factory services, system maintenance, and squad as a service offerings. Positioned as a medium-sized enterprise with over 180 employees, Lyncas serves a diverse client base across multiple sectors, emphasizing digital transformation and innovation. The company maintains a professional online presence with detailed service descriptions, client testimonials, and active social media engagement. Technically, the website is built on WordPress with modern JavaScript libraries and includes integrations for analytics and marketing tools such as Google Tag Manager, Hotjar, and LinkedIn Insight. However, the website suffers from critical security shortcomings, including an invalid SSL certificate, lack of TLS protocol support, missing security headers, and incomplete DNS security configurations. These issues expose the site to potential risks and undermine user trust. The company has implemented basic privacy and cookie policies but lacks visible terms of service, security policies, or incident response information. Strategic improvements in security posture and compliance are recommended to enhance trust and protect business operations.

T

TI Inside

cybersecurityforum.com.br

0

Cybersecurity Forum is a specialized event organized by TI Inside, focused on digital security topics including advanced technologies like Generative AI, ransomware, identity management, and compliance. The event targets technology professionals and decision makers in Brazil, positioning itself as a key platform for knowledge exchange and networking in the cybersecurity sector. Technically, the website is built on WordPress using the Divi theme and several plugins, but suffers from a lack of SSL/TLS security and slow performance. Security posture is weak due to missing HTTPS and modern TLS protocols, exposing visitors to risks. The site implements a GDPR-compliant cookie consent mechanism and uses Google Analytics and LinkedIn tracking for marketing and analytics. Overall, the business shows a moderate level of digital maturity but requires urgent improvements in security infrastructure to protect user data and enhance trust.

M

Movelsul Brasil

movelsul.com.br

0

Movelsul Brasil operates the largest furniture fair in Latin America, targeting retailers, importers, and industry professionals. The company organizes a major event that attracts hundreds of exhibitors and thousands of visitors, positioning itself as a key marketplace in the furniture manufacturing and retail sectors. The website is built on WordPress and integrates multiple marketing and analytics tools, including Google Tag Manager, Facebook Pixel, and RD Station, indicating a moderate level of digital maturity. However, the site lacks a valid SSL certificate, which undermines secure communications and user trust. The absence of explicit privacy and terms of service policies, combined with limited security headers and no DNSSEC, suggests gaps in compliance and security posture. Overall, Movelsul Brasil demonstrates a solid business presence with room for improvement in technical and security domains.

M

Mercomóveis

mercomoveis.com.br

0

Mercomóveis is a prominent trade fair event dedicated to the furniture market in Brazil, providing a platform for exhibitors and retailers to showcase products, network, and conduct business. The website serves as an informational and registration portal for the event, targeting industry professionals and qualified visitors nationwide. The company positions itself as a key player in the furniture retail sector with a medium-sized operational scale and a focus on event organization and hospitality services. Technically, the website is built on WordPress with popular plugins like Elementor and Revolution Slider, hosted by Hostinger. Despite a rich content offering and good design quality, the site suffers from critical security shortcomings, notably an invalid SSL certificate and lack of modern security headers, which could undermine user trust and data protection. Performance is slow due to a large number of resources and page size, though mobile optimization and user experience are generally good. Overall, the digital maturity is moderate but requires urgent security improvements to align with best practices and compliance standards.

M

Movelpar Home Show

movelpar.com.br

0

Movelpar Home Show is a prominent furniture and home appliance trade event based in Brazil, targeting retailers and industry suppliers. The website presents the event as a leading platform for business, networking, and product launches in the Brazilian furniture retail sector. Technically, the site is built on WordPress using the Gutenify Architech theme and integrates common marketing and analytics tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Google Adsense. However, the site lacks a valid SSL certificate and modern TLS support, which poses security risks and undermines user trust. The cookie consent mechanism is implemented, but no privacy policy or terms of service pages were found, indicating compliance gaps. Overall, the website offers good content and user experience but requires significant security and compliance improvements to enhance trust and protect user data.

C

Comunidade YES

yesmovelshow.com.br

0

Comunidade YES operates a Portuguese-language online portal focused on the Brazilian retail and furniture sectors, providing industry news, event promotion, and community engagement. The website serves as a hub for professionals and stakeholders in furniture, electronics, and mattress retail, offering content such as articles, event details, and social projects. Their market position is niche but established within this sector, supported by multiple event brands like Yes Móvel Show and Yes Varejo Summit. Technically, the site uses a standard LAMP stack with popular frontend libraries such as Bootstrap, jQuery, and Owl Carousel, but lacks a recognized CMS. Performance is moderate with good mobile optimization and basic SEO. Security posture is weak due to an invalid SSL certificate, lack of modern TLS protocols, and missing security headers, exposing the site to potential risks. Privacy compliance is minimal with a basic privacy policy but no cookie consent mechanism or terms of service. Overall, the site is professionally designed and functional but requires significant security and compliance improvements.

S

S B SERVICOS DIGITAIS LTDA

2i9.com.br

0

2i9 negócios digitais is a Brazilian digital agency specializing in the development and maintenance of news portals, websites, hotsites, and digital branding services. With over 12 years of market presence, the company positions itself as an innovative and multidisciplinary agency focused on delivering tailored digital solutions to its clients. Their key services include web development, digital media planning, email marketing, and server infrastructure, targeting businesses seeking to enhance their digital footprint. The company maintains a moderate market position supported by client testimonials, awards, and certifications such as D4Sign. Technically, the website leverages a mix of established web technologies including jQuery, Bootstrap, Google Fonts, and integrates Google reCAPTCHA v3 for spam protection. Hosting and DNS services are provided via Cloudflare, enhancing performance and security at the network level. However, the website suffers from a critical security flaw due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines secure communications. Performance is suboptimal with a slow page load time and a large page size, indicating potential for optimization. From a security perspective, while some best practices like reCAPTCHA and Cloudflare usage are in place, the absence of valid SSL, security headers, DNSSEC, and HSTS significantly lowers the security posture. There is no visible security policy or incident response information, and no data protection officer contact is provided, which may impact compliance with data protection regulations. Privacy and terms of service documents exist but appear basic in scope. Overall, 2i9 negócios digitais demonstrates a solid business foundation and digital maturity but requires urgent improvements in security infrastructure and compliance transparency to reduce risk and enhance trustworthiness. Strategic investments in SSL certification, security headers, and performance optimization are recommended to align with industry best practices and regulatory expectations.

C

Central do Varejo

goakiraomnibiz.com.br

0

Central do Varejo is a Brazilian retail-focused media and content platform providing news, analysis, and event coverage for the retail industry. The website leverages WordPress with Elementor and various plugins to deliver rich content including articles, videos, and podcasts targeting retail professionals and franchising investors in Brazil. The platform holds a moderate market position as a leading source of retail information in the country. Technically, the site uses modern web technologies but suffers from significant security weaknesses including an invalid SSL certificate and misconfigured SPF records, which pose risks to user trust and email deliverability. Advertising and tracking tools are integrated without visible consent mechanisms, indicating potential privacy compliance gaps. Overall, the site offers excellent content quality and good user experience but requires urgent security and compliance improvements to enhance trust and protect user data.

C

Central do Varejo

centraldovarejo.com.br

0

Central do Varejo is a Brazilian online media platform specializing in retail industry news, events, and analysis. It serves as a key content provider for retail professionals, franchising investors, and marketing and innovation enthusiasts in Brazil. The website is built on WordPress with Elementor and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. Despite good SEO practices and structured data implementation, the site suffers from an invalid SSL certificate and slow performance, which could impact user trust and search rankings. No explicit privacy or cookie policies were found, indicating potential compliance gaps. The platform uses Cloudflare for DNS but lacks advanced DNS security features like DNSSEC.

V

Varejo Brasil

revistavarejobrasil.com.br

0

Varejo Brasil is a Brazilian digital media portal specializing in retail business news, events, and market insights. It serves retail professionals and business stakeholders with news articles, event calendars, and business information primarily focused on the Brazilian retail sector. The website is powered by WordPress and uses various plugins to manage events and user login functionalities. It is hosted behind Cloudflare, providing DNS and CDN services, and employs Google Tag Manager for analytics and tracking. The site has a valid SSL certificate but lacks advanced security headers and DNS email authentication records. No explicit privacy, cookie, or terms of service policies were found, indicating potential compliance gaps. Contact information is limited to a login form with no public emails or phone numbers. The website's performance is slow due to a large page size and many resources, but it offers good mobile optimization and SEO practices. Structured data for events and website search is implemented, enhancing search engine visibility.

P

Portal AL1

al1.com.br

0

Portal AL1 is a regional news media website focused on delivering news, videos, and opinion content primarily for the Maceió and Alagoas region in Brazil. It serves a general audience interested in local, national, and international news with a business model based on advertising revenue. The website demonstrates a consistent brand presence and good content quality with active social media engagement. Technically, the site relies on common web technologies such as jQuery, Bootstrap, and Cloudflare for DNS and partial security. However, the absence of a valid SSL certificate and modern TLS protocols significantly undermines the site's security posture. The site also exhibits slow performance and basic mobile optimization. Security best practices are not fully implemented, with missing security headers, no HSTS, and no DNSSEC. Privacy and compliance policies are absent, which may expose the business to regulatory risks. Overall, the site is functional but requires urgent improvements in security and compliance to protect user data and enhance trust.

T

TI INSIDE Online

tiinside.com.br

0

TI INSIDE Online is a well-established Brazilian media portal specializing in technology, business, and innovation news and analysis. With over 15 years of continuous publication, it serves a qualified audience of executives including CEOs, CIOs, and other C-level professionals across various business departments. The portal offers a broad range of content including news, research, white papers, podcasts, and events, positioning itself as a principal source for digital business trends in Brazil. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and performance optimization plugins. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which undermines user trust and data security. The site implements GDPR-compliant cookie consent mechanisms and integrates analytics and marketing tools such as Google Analytics and LinkedIn Insight Tag. Overall, the portal demonstrates good content quality and user experience but requires urgent security enhancements to protect its audience and maintain its market position.

S

Sympla Internet Soluções S.A.

sympla.com.br

0

Sympla Internet Soluções S.A. operates the largest event ticketing and management platform in Brazil, offering services for event creation, promotion, and ticket sales. The company holds a strong market position as a leader in the Brazilian event e-commerce sector, targeting both event organizers and attendees. Their platform supports a wide range of event types including shows, courses, and cultural events, with a comprehensive digital presence and strong brand recognition. Technically, Sympla leverages modern web technologies such as React with Next.js, hosted on AWS infrastructure, and integrates multiple marketing and analytics tools to optimize user engagement and business intelligence. Security-wise, the platform employs robust TLS configurations, SPF and DMARC email protections, and uses a consent management system for cookies, though there is room for improvement in HTTPS hardening and DNS security. Overall, Sympla demonstrates a mature digital infrastructure and a high level of professionalism, with a good balance of user experience, content quality, and trust indicators.

P

Pagali

pagali.com.br

0

Pagali is a Brazilian payment processing solution focused on serving online stores, particularly those using the Loja Integrada and VTEX e-commerce platforms. It offers integrated payment methods including credit card, Pix, and boleto, with a seamless checkout experience designed to increase conversion rates. The company positions itself as a practical and secure payment partner for small to large e-commerce businesses in Brazil. Technically, the website is built on modern web technologies such as Next.js and React, hosted on AWS infrastructure, but suffers from critical SSL/TLS misconfigurations that undermine secure communications. Security posture is weak due to lack of valid certificates, missing security headers, and minimal email protection policies. Business trust is supported by PCI DSS certification and customer testimonials, but the absence of cookie consent and incomplete security policies indicate room for improvement.

M

Mercado Pago Instituição de Pagamento Ltda.

mercadopago.com.br

0

Mercado Pago is a leading digital bank and payment platform in Brazil, operating as a subsidiary of Mercado Libre, the largest e-commerce company in Latin America. The platform offers a comprehensive suite of financial services including digital accounts, credit cards, loans, and payment processing solutions tailored for both individuals and businesses. The website demonstrates a strong market position with a focus on user experience, accessibility, and comprehensive service offerings. Technically, the site employs modern web technologies such as React-based frameworks, New Relic for monitoring, and integrates multiple analytics and advertising tools. Security headers are well implemented, though the SSL certificate is currently invalid, which poses a risk to secure communications. Privacy and cookie policies are present and indicate compliance with GDPR standards. Overall, the platform exhibits a mature digital infrastructure with extensive tracking and marketing integrations, balanced with clear privacy disclosures.

L

Locaweb Serviços de Internet S/A

deliverydireto.com.br

0

Delivery Direto is a Brazilian technology company providing a comprehensive delivery platform tailored for restaurants and food delivery businesses. Positioned as a market leader with over 5000 clients, it offers services including virtual attendants, digital menus, order management, and marketing automation tools. The company operates under the umbrella of Locaweb Serviços de Internet S/A, a major Brazilian hosting provider, enhancing its market credibility and infrastructure support. The website demonstrates strong marketing integration with major platforms such as Google, Facebook, and TikTok, supporting extensive user tracking and advertising capabilities. However, the site lacks a valid SSL certificate and modern security configurations, which poses risks to data security and user trust. Privacy policies are present but basic, and no explicit cookie consent mechanism or incident response policies are found, indicating room for compliance improvements.

I

Ideris

ideris.com.br

0

Ideris is a leading Brazilian e-commerce technology company specializing in marketplace integration and multichannel sales optimization. The company offers a comprehensive hub platform that consolidates product management, pricing automation, invoice issuance, and logistics management, targeting medium to large e-commerce operators. Recognized as a top technology partner by Mercado Livre for two consecutive years, Ideris holds important certifications such as AWS Partner Qualified Software and SOC 2 Audit, reinforcing its market leadership and trustworthiness. The website reflects a mature digital presence with advanced search capabilities, rich content, and multi-channel marketing tools. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security risks that could impact user trust and data protection.

C

ConnectPlug

connectplug.com.br

0

ConnectPlug is a Brazilian company providing integrated management solutions primarily for the food service and retail sectors. Their offerings include a comprehensive system combining PDV (Point of Sale), ERP, autoatendimento (self-service kiosks), and financial and stock control, targeting restaurants, bars, supermarkets, and various retail businesses. The company positions itself as a market reference with over 100,000 entrepreneurs using their solutions. Technically, the website is built on Webflow CMS, hosted on AWS infrastructure with Cloudflare CDN, and uses modern frontend libraries such as Swiper.js and jQuery. However, the site currently lacks a valid SSL certificate and proper TLS configuration, which is a critical security concern. Security headers are partially implemented, but important features like OCSP stapling, session resumption, and DNSSEC are missing. Privacy and cookie policies are present but basic, with cookie consent implemented via a popup. Contact information is clearly provided, including emails, phone numbers, and social media links. Overall, the company demonstrates a solid business model and digital presence but needs to urgently address security vulnerabilities to protect user data and maintain trust.

N

Nextios

nextios.com.br

0

Nextios is a Brazilian technology company specializing in cloud solutions and digital transformation services. Positioned as a strategic partner for businesses seeking to evolve digitally, Nextios offers a broad portfolio including cloud computing, cybersecurity, FinOps, artificial intelligence, ERP, and managed services. Their market presence is supported by a medium-sized operation with a focus on delivering tailored solutions to enhance business efficiency and innovation. The website reflects a professional and consistent brand image with good content quality and SEO optimization. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Contact Form 7, and integrates Google Tag Manager for analytics and marketing. Hosting appears to be provided by Locaweb, with DNS records also showing AWS involvement. However, the site suffers from critical SSL misconfigurations, lacking a valid certificate and modern TLS protocols, which poses significant security risks. From a security perspective, while some best practices like security headers and cookie flags are implemented, the absence of valid SSL/TLS and DNS security features like DNSSEC and CAA records lowers the overall security posture. No explicit security policies or incident response information is published, indicating gaps in transparency and readiness. Cookie consent is implemented, but privacy policy details are basic and may not fully comply with GDPR. Overall, Nextios demonstrates a solid business and technical foundation but requires urgent improvements in security infrastructure and compliance documentation to enhance trust and protect client data effectively.

W

Wake

wake.tech

0

Wake is a Brazilian technology company offering an integrated ecosystem of digital solutions focused on retail and industry sectors. Their core offerings include Wake Commerce, a high-performance e-commerce platform; Wake Experience, a digital experience platform with behavioral intelligence; and Wake Creators, a leading influencer marketing platform in Latin America. The company targets medium to large enterprises seeking scalable, omnichannel digital solutions to enhance customer journeys and business growth. Their market position is strengthened by partnerships, client testimonials, and certifications such as AWS Partner and SOC 2 compliance badges. Technically, the website is built on WordPress with modern frameworks and tools but lacks a valid SSL certificate and modern TLS support, which poses significant security risks. Security headers are minimal, and no formal security or incident response policies are published on the site. The company uses Google Tag Manager and Visual Website Optimizer for analytics and marketing, with moderate user tracking and basic privacy compliance. Overall, Wake demonstrates strong business maturity and branding but requires urgent improvements in security posture and compliance transparency.

M

Melhor Envio

melhorenvio.com.br

0

Melhor Envio is a leading Brazilian platform specializing in freight intermediation, offering users the ability to simultaneously compare shipping costs across multiple carriers and generate shipping labels with automatic tracking. The company targets both individuals and businesses seeking efficient freight management solutions. Their market position is strong within the transportation sector, supported by a comprehensive digital platform and active social media presence. Technically, the website employs a modern JavaScript-based stack with integrations including Google Tag Manager, ActiveCampaign, Datadog, and various marketing and analytics tools. Hosting is inferred to be on Amazon AWS infrastructure, with DNS managed via AWS Route53. The site shows good mobile optimization and SEO practices, although accessibility is basic. From a security perspective, the site implements several best practices such as Content Security Policy, HSTS with subdomain inclusion, CSRF tokens, and secure cookie flags. However, a critical issue is the invalid or missing SSL certificate and lack of TLS protocol support, which severely impacts secure communications. No explicit privacy policy, terms of service, or vulnerability disclosure documents were found, indicating gaps in compliance and transparency. Overall, Melhor Envio demonstrates a mature business and technical presence but requires urgent improvements in SSL/TLS configuration and formalization of privacy and security policies to enhance trust and compliance.

InHire is a Brazilian technology company specializing in recruitment and selection software, offering an ATS platform designed by recruiters for recruiters. The company positions itself strongly in the recruitment software market with over 1500 recruiters using its platform, emphasizing features such as AI-driven candidate screening, LinkedIn hunting extensions, personalized career pages, and comprehensive data analytics. The website reflects a mature digital marketing and analytics infrastructure, leveraging tools like HubSpot, Google Analytics, Hotjar, and multiple ad networks to optimize user engagement and lead generation. Technically, the site is hosted on Cloudflare and built using Webflow CMS, with a valid SSL certificate and HSTS enabled, though TLS protocols are outdated and DNS security features like DNSSEC and CAA are not implemented. Security posture is solid with no detected vulnerabilities, but there is room for improvement in modernizing SSL/TLS configurations and publishing formal security policies. Overall, the website demonstrates high professionalism, excellent content quality, and strong trust indicators, though it lacks explicit phone or email contact details and a terms of service page.

O

Olist

olist.com

0

Olist is a leading Brazilian e-commerce solutions provider offering a comprehensive ecosystem including ERP, POS, digital accounts, integration hubs, and marketplace services. The company targets entrepreneurs, retailers, distributors, and service providers aiming to centralize and optimize their sales operations across multiple channels. Their market position is strong within Brazil's e-commerce sector, supported by a broad portfolio of integrated products and services. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS CloudFront and protected by Cloudflare, with additional marketing tools like Visual Website Optimizer for user experience optimization. However, the SSL certificate is currently invalid, which poses a significant security risk. The site implements strong email authentication policies (DMARC with reject) and uses secure cookie flags, but lacks HSTS and OCSP stapling, which are recommended for enhanced security. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent SSL remediation to ensure secure user interactions.

G

Getdemo

getdemo.com.br

0

Getdemo is a Brazilian technology company offering a SaaS platform for interactive product demonstrations, targeting B2B software buyers and sales teams. Positioned as the first interactive product demo platform in Brazil, it aims to enhance sales processes through personalized and scalable demos. The website is built on the Wix platform, leveraging modern web technologies including React 18 and various marketing and analytics tools such as Google Tag Manager, HubSpot, and LinkedIn Insight. While the site employs a valid SSL certificate and integrates multiple tracking and marketing services, it lacks advanced security configurations like DNSSEC, CAA records, and HSTS, which could be improved to enhance security posture. The performance is relatively slow with a large page size, and mobile optimization is basic. Privacy policies are present but basic, with no explicit terms of service or incident response policies found. Overall, the site demonstrates a good level of professionalism and trustworthiness but would benefit from enhanced security and compliance measures.