Security Directory

B

BCS itera

crmlahendused.ee

0

BCS itera is an Estonian technology company specializing in providing modern CRM and ERP solutions, including Microsoft Business Central and customer insights services. The company targets businesses seeking to manage customer journeys and sales processes effectively. The website reflects a professional B2B service provider with a clear focus on CRM-related offerings and digital transformation. The presence of a Finnish language partner site indicates regional market expansion. Technically, the website is built on WordPress with Elementor, integrating multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, and MonsterInsights. The site is served over HTTPS with a good SSL configuration, but lacks some security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the website demonstrates moderate digital maturity with room for improvement in privacy compliance and security best practices.

H

HRM4Baltics

hrm4baltics.com

0

HRM4Baltics is a technology company offering a modern HRM and payroll management solution targeted at medium to large enterprises primarily in the Baltic region. The company provides a comprehensive software platform that automates personnel and payroll processes across Estonia, Latvia, and Lithuania, emphasizing integration, automation, and user experience. The website demonstrates a strong market position with over 100 trusted clients and multilingual support, reflecting regional focus and business maturity. Technically, the website is built on WordPress with modern performance optimizations such as WP Rocket, Google Fonts, and integration with analytics tools like Google Analytics and Microsoft Clarity. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing discoverability. However, some security best practices like DNSSEC and security headers are missing, and privacy compliance elements such as privacy and cookie policies are not present. From a security perspective, the site uses HTTPS with anonymized IP tracking in analytics, but lacks explicit security headers and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is recent but consistent with the business age and shows no suspicious patterns. Overall, the security posture is moderate but could be improved with additional policies and technical controls. The overall risk assessment indicates a professionally managed website with good technical and business credibility but with gaps in privacy compliance and security policy transparency. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing incident response and vulnerability disclosure information to enhance trust and compliance.

B

Business Central

businesscentral.ee

0

Business Central is a technology company specializing in Microsoft Dynamics 365 Business Central ERP solutions, targeting medium and large enterprises primarily in Estonia. The company positions itself as a market leader with a comprehensive ERP offering recognized by Forbes as the best ERP in 2024. Their services include ERP implementation, support processes, and consulting, supported by a professional and content-rich website. The website demonstrates a mature digital presence with modern technologies such as WordPress CMS, Google Fonts, Microsoft Clarity, and Google Tag Manager for analytics. Hosting is provided by Zone Media OÜ, a reputable Estonian hosting provider. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

R

Rahva Raamat

rahvaraamat.ee

0

Rahvaraamat.ee is the leading Estonian bookstore chain offering a comprehensive selection of books and media products through both online and physical retail channels. The company is well-established with a domain age since 2010 and operates under Zone Media OÜ. Their website is built on modern technologies such as Next.js and React, providing a responsive and user-friendly experience. The integration of Cookiebot ensures GDPR compliance with a detailed cookie consent mechanism. Security posture is strong with HTTPS enforced and appropriate security headers in place, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website demonstrates a mature digital presence with extensive analytics and advertising integrations, supporting a robust e-commerce business model.

C

Coolbet

coolbet.ca

0

Coolbet operates as an online gambling platform offering sports betting, casino games, and poker services across multiple regulated markets including Canada, Estonia, Malta, and Sweden. The website demonstrates a modern technical infrastructure leveraging React, third-party integrations such as GeoComply for geolocation compliance, Playtech for poker, and BetRadar for sports data. The platform is designed with a professional and consistent branding approach, targeting online gamblers in regulated jurisdictions. Security posture is generally good with HTTPS enforced and error tracking via Sentry, though explicit security headers and privacy policies are not evident in the provided content. The absence of WHOIS data for the domain www.coolbet.com is a notable gap, reducing transparency and trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer contact information.

The website startupestonia.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks access to the actual content. This prevents extraction of meaningful business, contact, or policy information. The domain is registered since 2011 with an Estonian registrar, indicating a legitimate and stable presence. The site uses Cloudflare services for security and analytics, but no direct security headers or policies are visible due to the blocking. Overall, the website's digital maturity and content quality cannot be assessed accurately under these conditions.

E

Estonian Maritime Cluster

maritimecluster.ee

0

Estonian Maritime Cluster is a newly established (2024) non-profit organization focused on fostering collaboration, innovation, and growth within Estonia's maritime sector. It serves as a network for maritime professionals, companies, and organizations, aiming to position Estonia as a leading maritime hub in the Baltic Sea region. The website presents a professional and well-structured digital presence built on WordPress, featuring comprehensive contact information and a broad membership base. Technically, the site uses modern web technologies and includes security measures such as HTTPS and Cloudflare Turnstile captcha on forms. However, it lacks critical compliance documents like privacy and cookie policies, and security headers are not implemented, which are areas for improvement. Overall, the domain registration is consistent with the business claims, indicating legitimacy.

E

Estonian Defence and Aerospace Industry Association

defence.ee

0

The Estonian Defence and Aerospace Industry Association is a medium-sized, essential government-related entity representing over 130 companies in Estonia's defence, aerospace, and security sectors. The association focuses on creating market opportunities, advocacy, and fostering cooperation among its members. The website is built on WordPress and uses standard analytics and marketing tools such as Google Analytics and Mailchimp. The technical infrastructure is modern but shows some server-side PHP warnings that could impact stability and security. Security posture is moderate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is available but limited to email and physical address, with no phone numbers or incident response contacts published. The website is professionally designed with good navigation and mobile optimization, supporting the association's credibility and trustworthiness.

E

Eesti Infotehnoloogia ja Telekommunikatsiooni Liit

itl.ee

0

Eesti Infotehnoloogia ja Telekommunikatsiooni Liit (ITL) is a well-established Estonian industry association representing companies in the digital technology and telecommunications sectors. Founded in 2010, ITL serves as a key advocate and facilitator for its members, which collectively represent over 70% of the sector's turnover. The website reflects a professional and consistent brand presence, offering comprehensive information about the association's activities, events, and member services. The target audience includes Estonian technology companies, policymakers, and stakeholders in the digital economy. Technically, the site is built on WordPress with common plugins for forms, GDPR compliance, and image lightbox functionality. The site is mobile-optimized and SEO-friendly, with moderate performance and basic accessibility features.

I

Intuit

intuitoffice.ee

0

Intuit is an Estonian company specializing in the design, manufacturing, and retail of sustainable and functional office furniture. Their product range includes sofas, chairs, workstations, acoustic booths, and other office-related furniture solutions. The company emphasizes eco-friendly practices, evidenced by their EU Ecolabel certification, and offers flexible rental services for office furniture. The website is built on WordPress, leveraging modern technologies such as Google Tag Manager, reCAPTCHA, and a CDN for optimized image delivery. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and professional content presentation. However, there are gaps in privacy compliance, as no explicit privacy or cookie policies were found, and no consent mechanisms are implemented. Security posture is generally good with HTTPS enabled and secure form handling, but could be improved by enabling DNSSEC and adding security headers. Overall, the website and business appear legitimate and professional, with room for improvement in privacy and security best practices.

T

Tallinna Kontserdimaja AS

kontserdimaja.ee

0

Alexela Kontserdimaja is a prominent concert hall located in Tallinn, Estonia, recognized as the largest in the Baltic region with seating for up to 1829 visitors. The venue offers a variety of services including event hosting, ticket sales, and catering options such as pre-ordered coffee tables and private champagne salon rentals. The website reflects a well-established business with a domain registered since 2010, consistent with its market presence. The target audience includes cultural event attendees and event organizers in the region. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Fonts, and multilingual support via WPML. SEO is well-implemented using Yoast SEO, and analytics are managed through Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and event information. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, indicating a baseline security posture. However, there is a lack of explicit security headers and no visible incident response or security policy pages, which could be improved. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected, which may pose GDPR compliance risks. Overall, the website is professional, trustworthy, and functional, serving its business purpose effectively. Strategic improvements in privacy compliance and security transparency would enhance its security posture and regulatory adherence.

K

Kino Artis

kino.ee

0

Kino Artis is a local Estonian cinema offering a variety of film screenings, special film programs, and private event hosting services. The website targets cinema-goers and event organizers, providing schedules, movie details, and booking options. The business operates primarily in the media sector with a focus on cultural and entertainment services. Technically, the website uses modern JavaScript and SVG graphics, with Facebook Pixel integrated for marketing and tracking. The site is mobile optimized with good navigation and design quality, though accessibility features are basic. Security posture shows HTTPS enforcement but lacks visible security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security transparency. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security best practices.

21CC Triatloniklubi is a local Estonian triathlon club offering training and competition services primarily targeting adults and youth interested in triathlon sports. The website serves as an informational portal with basic navigation and content focused on club activities, training schedules, and competitions. The technical infrastructure is based on older JavaScript libraries such as MooTools and Slimbox, with a custom CMS platform inferred from URL structures. Google Analytics is used for visitor tracking, but no privacy or cookie policies are present, indicating limited privacy compliance. Security posture is basic with HTTPS enabled but lacking important security headers and policies. Overall, the site is functional but lacks modern security and privacy best practices.

L

Leanest OÜ

leanest.ee

0

Leanest OÜ is an Estonian technology company specializing in digital transformation solutions for manufacturing and industrial sectors. Their offerings include production optimization software, AI-driven quality control, and workforce planning tools. The company positions itself as a leader in AI applications for industrial quality assurance and production efficiency within the Baltic region. The website reflects a professional and consistent brand image with detailed product descriptions and a clear target audience of manufacturing and service sector businesses. Technically, the website is built on WordPress with modern JavaScript and uses common marketing and analytics tools such as Google Tag Manager and LinkedIn Insight. The site is mobile-optimized and presents good SEO practices, although accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site uses HTTPS and secure form handling but lacks explicit security headers and privacy compliance documentation such as privacy and cookie policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and compliance. Overall, Leanest demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security hardening. The domain registration data supports the legitimacy of the business, and the company maintains active social media profiles and partner relationships that reinforce its market position.

AS Farmi Piimatööstus operates as an Estonian dairy product manufacturer with a well-established online presence since at least 2010. The website serves as a platform to showcase their products, recipes, and company information, targeting consumers interested in dairy goods. The company maintains active engagement through social media channels and provides clear contact details, reinforcing its market position as a reputable local manufacturer. Technically, the website is built on the Voog CMS platform, utilizing modern web technologies including jQuery, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with asynchronous loading of scripts enhancing user experience. From a security perspective, the site employs HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and formal security policies, which could be improved. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy or terms of service pages. No vulnerability disclosure or incident response information is provided, indicating room for maturity in security governance. Overall, the website is professional and trustworthy with a solid business foundation. Strategic improvements in security policies, privacy transparency, and accessibility would enhance compliance and user trust, supporting long-term digital resilience.

BIND is a small Estonian digital product development agency specializing in designing, building, and launching custom multimedia and digital products including mobile-optimized websites, e-commerce solutions, browser extensions, embedded systems, and mobile apps. The company has an established market presence since 2011 with a credible client base and positive testimonials. Technically, the website is built on WordPress with modern frontend technologies and SEO optimization, delivering a good user experience with mobile responsiveness and moderate performance. Security posture is solid with HTTPS and secure form handling, though it lacks some advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

Avatud Lahendused OÜ is a medium-sized Estonian company founded in 2015, specializing in Odoo ERP implementations primarily for manufacturing companies. They hold a strong market position as one of the largest Odoo partners in the Baltic region, employing about 20 specialists and serving a diverse client base. Their website reflects a professional and consistent brand image with clear service offerings including ERP implementation, training, and consulting. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome, and integrates Google Analytics for user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with CSRF protections and secure forms but lacks some security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanism. Overall, the website is trustworthy and credible but would benefit from enhanced privacy and security disclosures.

Sporditurg.ee operates as a localized Estonian online marketplace specializing in sports equipment and related goods. It provides a platform for both private individuals and legal entities to post free classified ads, targeting sports enthusiasts across Estonia. The website offers categorized listings by sport type, size, condition, and location, facilitating easy navigation for users. The business model is focused on community-driven listings with monetization likely through featured ads and advertising partnerships. The market position is niche and local, serving a specific segment within the retail industry.

The website alamo.ee currently presents only a security verification page employing Google reCAPTCHA v3, indicating the presence of a Web Application Firewall or bot mitigation system that restricts access to the actual content. The domain is registered since 2010 with Zone Media OÜ, an Estonian registrar, suggesting a mature domain age. However, the lack of accessible content, absence of privacy, cookie, or terms of service policies, and no visible contact or business information severely limit the ability to assess the company's business operations or credibility. Technically, the site uses modern frontend technologies such as Bootstrap 5.3.3 and Google reCAPTCHA, but lacks visible security headers and SEO optimizations. The security posture is moderate due to the use of reCAPTCHA but is weakened by missing security headers and policies. Overall, the site scores low on content quality, privacy compliance, and business credibility due to the blocked content and minimal information available.