Security Directory

F

Formalize ApS

formalize.com

0

Formalize ApS is a Denmark-based technology company specializing in compliance software solutions designed to streamline governance, risk, and compliance operations for organizations. Their platform supports compliance with major regulatory frameworks such as NIS2, DORA, ISO 27001, and GDPR, offering customizable dashboards, automation, and a Trust Center for sharing compliance documentation. The company is positioned as a trusted provider with over 8,000 customers and strong partnerships with leading law and accounting firms. Technically, Formalize leverages modern web technologies including Alpine.js, AWS hosting, and integrates marketing and analytics tools such as Hubspot, Google Tag Manager, and Cookiebot for consent management. However, the website currently suffers from an invalid SSL certificate and lacks modern TLS protocol support, which poses a significant security risk. Despite this, the company demonstrates strong security practices with SPF, DMARC, and HSTS configurations, alongside certifications like ISO 27001 and ISAE 3000. Overall, Formalize presents a mature compliance platform with excellent user experience and comprehensive content, but should urgently address SSL and TLS issues to maintain trust and security.

M

Mofibo

mofibo.com

0

Mofibo is a prominent Danish digital media platform specializing in subscription-based access to a vast library of over 600,000 audiobooks, e-books, and podcasts. As part of the Storytel group, it holds a strong market position in Denmark, offering tailored subscription plans including individual, family, and student options. The platform emphasizes user experience with features like offline downloads and exclusive content under the Mofibo Originals brand. Technically, Mofibo leverages modern web technologies such as Next.js, Cloudflare, and integrates multiple third-party services for analytics, marketing, and payment processing. The website demonstrates good digital maturity with a comprehensive cookie consent mechanism and GDPR compliance. Security-wise, Mofibo maintains a valid SSL certificate and implements SPF and DMARC policies, though improvements like enabling HSTS and DNSSEC are recommended. Overall, Mofibo presents a professional, trustworthy, and user-centric digital service with extensive tracking and marketing integrations.

Bang & Olufsen A/S is a renowned Danish company specializing in high-end audio and visual products, including headphones, speakers, and televisions. Established in 1925, the company holds a strong market position as a luxury brand with a focus on superior craftsmanship and innovative design. Their business model integrates e-commerce with rich brand storytelling and digital customization tools, targeting discerning consumers seeking premium sound and design experiences. The website demonstrates a mature digital infrastructure leveraging modern technologies such as React, Next.js, and Azure hosting, ensuring fast performance and excellent mobile optimization. Security measures include robust HTTP headers and a valid SSL certificate, though the absence of modern TLS protocols suggests room for improvement. Privacy and cookie policies are comprehensive and GDPR-compliant, supported by a consent management mechanism. Overall, the company maintains a high level of professionalism and trustworthiness in its online presence.

K

Kamstrup

kamstrup.com

0

Kamstrup is a well-established company specializing in smart metering solutions for utilities across water, heat, cooling, electricity, and submetering sectors. With nearly 80 years of experience, Kamstrup holds a strong market position as a leader in smart metering technology, offering advanced products and analytics to optimize resource management and energy efficiency. Their digital presence is supported by modern technologies including Next.js and Sitecore CMS, hosted on Vercel and Azure platforms, ensuring fast performance and good mobile optimization. Security posture is robust with strong SSL configuration, HSTS enforcement, and no detected major vulnerabilities. However, there is room for improvement in DNS security and explicit security policy publication. Overall, Kamstrup demonstrates a mature digital infrastructure and a professional, trustworthy online presence.

C

Cludo ApS

cludo.com

0

Cludo ApS is a medium-sized technology company based in Denmark specializing in AI-powered site search solutions. Their platform enhances website search experiences by leveraging AI technologies such as AI Chat and AI Summary, targeting website owners and marketing teams globally. The company positions itself as a trusted partner with over 1000+ websites using their services, supported by strong customer testimonials and partner endorsements. Technically, Cludo utilizes a modern tech stack including HubSpot CMS, Cloudflare hosting, and integrates multiple marketing and analytics tools such as Google Analytics 4 and Microsoft Clarity. Security posture is solid with HSTS and content security policies in place, though the absence of modern TLS protocols and DNSSEC indicates room for improvement. Overall, Cludo demonstrates a mature digital presence with good privacy compliance and user experience, but could enhance security transparency and incident response readiness.

A

Advania

advania.dk

0

The website's overall security posture is concerning, with critical and high-severity issues predominantly in GDPR compliance, security headers, and information security governance. The absence of basic privacy policies and consent mechanisms exposes the business to regulatory and reputational risks, especially within the EU. Security headers are inadequately configured, increasing the risk of common web-based attacks such as clickjacking and content spoofing. Furthermore, missing security framework documentation, incident response plans, and vulnerability disclosure policies indicate a lack of mature cybersecurity governance, elevating operational risks. SSL/TLS weaknesses and expiring certificates further threaten secure communications and user trust. While email security and network security show strong scores, critical gaps in legal compliance and technical controls must be addressed urgently. Immediate remediation will reduce legal liabilities, protect customer data, and strengthen overall resilience against cyber threats.

D

Dan-Bunkering

dan-bunkering.com

0

The website's overall security posture is currently poor, with critical deficiencies in fundamental protections such as HTTPS encryption and essential security headers. The absence of HTTPS puts all data transmissions at risk of interception, undermining user trust and regulatory compliance. Additionally, the site lacks key GDPR compliance elements, including a cookie policy and consent mechanisms, exposing the business to legal and financial penalties. The NIS2-related controls are notably weak, with missing security policies, incident response plans, and vulnerability disclosure procedures, increasing operational risk. While email security and network security are strong, these are overshadowed by critical gaps in web and data protection layers. DNS health is moderate, but enabling DNSSEC would enhance DNS integrity. Immediate attention to these critical vulnerabilities is essential to safeguard customer data, maintain regulatory compliance, and protect brand reputation.

I

Inside Systems A/S

insidesystems.com

0

The website's overall security posture is critically weak, primarily due to the absence of HTTPS encryption, which exposes all data in transit to interception and manipulation. Key security headers are missing, increasing the risk of cross-site scripting, clickjacking, and other web-based attacks. GDPR compliance is severely lacking, with no cookie policy or consent banner, potentially leading to regulatory penalties and loss of customer trust. The absence of an information security framework, incident response procedures, and security policy documentation further exacerbates the organization's vulnerability to cyber threats and operational disruptions. While email and network security are strong, these isolated strengths do not mitigate the critical risks posed by the core deficiencies. The low scores in NIS2 compliance indicate the organization is unprepared to meet mandatory cybersecurity standards, risking legal and financial consequences. Immediate remediation is necessary to protect sensitive data, maintain regulatory compliance, and uphold the company's reputation. Failure to address these issues may result in data breaches, regulatory fines, and significant business disruption.

This website has 1 critical security issue(s) requiring immediate attention. Overall security score: 50/100 (unknown risk level). A comprehensive security review is recommended.

The website https://it-kanalen.dk currently exhibits a poor security posture with critical deficiencies in GDPR compliance and core security controls, exposing the business to regulatory penalties and cyber threats. Key gaps in security headers, incident response readiness, and data privacy measures significantly increase the risk of data breaches and reputational damage. Immediate remediation is essential to safeguard customer data, ensure regulatory compliance, and maintain business continuity.

The safeticket.dk website exhibits significant security and compliance deficiencies, especially concerning GDPR adherence and foundational security controls. Critical gaps such as missing privacy policies, inadequate security headers, and absent incident response measures expose the business to regulatory penalties, reputational damage, and heightened cyber risk. Immediate remediation is essential to protect customer data, maintain trust, and ensure legal compliance within the EU.

The website politikenplus.dk exhibits significant security and compliance gaps, especially in privacy and regulatory adherence, resulting in a critical risk rating. While network and SSL/TLS configurations are relatively strong, the lack of GDPR compliance and an information security framework exposes the business to legal, reputational, and operational risks. Immediate remediation is required to address critical privacy issues and establish robust security governance.

The website ekstrabladet.dk exhibits significant security and compliance gaps, particularly in privacy governance and regulatory adherence, posing substantial risks to business reputation and legal standing. While network and email security are relatively strong, critical deficiencies in GDPR compliance, security policies, and HTTP security headers undermine overall security posture and expose the organization to data breaches and regulatory penalties.

The website jyllands-posten.dk exhibits significant security and compliance deficiencies, particularly in foundational web security headers and GDPR compliance, exposing the business to legal risks and potential cyber threats. While network and email security postures are relatively strong, the absence of critical privacy policies and security frameworks undermines trust and regulatory adherence.

The website https://watchmedier.dk currently exhibits significant security gaps, particularly in foundational security headers, GDPR compliance, and NIS2 regulatory readiness. Although network and email security are relatively strong, the absence of critical policies and protective headers exposes the business to data breaches, regulatory fines, and reputational damage. Immediate remediation is essential to strengthen the security posture and ensure compliance with data protection regulations.

The website velliv.dk exhibits significant security and compliance gaps, particularly in privacy governance and security policy frameworks, resulting in a high-risk posture for regulatory non-compliance and data protection. While network and email security are relatively strong, critical headers and GDPR compliance measures are missing, exposing the business to legal, reputational, and operational risks.

The website https://trygpension.dk exhibits significant compliance and security gaps, particularly in privacy regulations and information security management, resulting in a critical risk rating. While foundational network and email security are relatively strong, the absence of GDPR adherence and NIS2 controls exposes the business to regulatory penalties and reputational damage.

The website https://payex.dk exhibits a concerning security posture with multiple critical and high-risk vulnerabilities, especially in network exposure and compliance areas. Key deficiencies in security headers, GDPR compliance, and network service exposures significantly increase the risk of data breaches and regulatory penalties. Immediate remediation is essential to protect business reputation, customer trust, and ensure regulatory compliance.

The website https://tryg.dk demonstrates a generally solid technical security foundation but exhibits significant compliance and governance gaps, particularly regarding GDPR and NIS2 requirements. Critical privacy and regulatory issues place the business at risk of legal penalties and reputational damage despite decent network and infrastructure security.

The website https://swedbankpay.dk exhibits significant security and compliance gaps, particularly in privacy policies and essential security headers, resulting in a very low overall risk score. Critical deficiencies around GDPR compliance and lack of documented information security frameworks expose the business to regulatory penalties and increased cyber risk. Immediate remediation is required to strengthen data protection, regulatory compliance, and foundational security controls.

The website https://tryg.com exhibits a generally strong network and email security posture but faces significant compliance and governance risks, particularly related to GDPR and NIS2 requirements. The absence of critical privacy policies, cookie consent mechanisms, and documented security frameworks exposes the business to regulatory penalties and reputational damage. Addressing these compliance gaps alongside improving security headers and SSL configurations will materially enhance the overall security posture.

The website https://nets.eu currently exhibits a weak overall security posture, with critical deficiencies in GDPR compliance and key security headers, exposing the business to regulatory penalties and increased cyber risks. While email and network security appear robust, significant gaps in privacy policies, incident response, and security frameworks must be urgently addressed to safeguard customer trust and meet EU regulatory requirements.