Security Directory

A

adesso SE

dws-webshop.com

0

The website dws-webshop.com currently serves a 404 error page indicating the requested content is not found. The page is branded with contact information for adesso SE, a technology company based in Dortmund, Germany, suggesting a possible relationship or misconfiguration. The business appears to be a B2B technology services provider, but no direct business content or services are presented on this page. Technically, the site supports HTTPS with modern TLS protocols but lacks important security headers and HSTS enforcement. DNS records show a strict SPF and DMARC policy, enhancing email security, though CAA records are invalid. The absence of privacy, cookie, or terms policies and lack of analytics or advertising scripts indicate minimal digital maturity or an incomplete deployment. Overall, the site is not currently functional for end users and requires remediation to restore content and improve security and compliance.

D

DWS International GmbH

dbxus.com

0

DWS International GmbH operates a comprehensive and professional website focused on asset management and investment solutions, targeting financial professionals, individual, and institutional investors. The company is positioned as a leading global asset manager with a strong European presence, offering active, passive, and alternative investment products with a focus on ESG and sustainability. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js and PrimeVue, along with Brightcove for video content delivery, ensuring a rich user experience. Security posture is strong with HTTPS, SPF, DMARC, and CAA records properly configured, though improvements in HSTS and OCSP stapling are recommended. Privacy compliance is robust with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

D

Diese Domain ist bereits registriert.

ihk-saarland.de

0

The website ihk-saarland.de currently serves as a placeholder domain with minimal content, simply stating that the domain is already registered. There is no active business content, no contact information, and no policies related to privacy, cookies, or terms of service. The site does not utilize any advanced web technologies or frameworks and lacks SEO and accessibility features. Technically, the site is served over HTTPS with support for modern TLS protocols, but lacks important security enhancements such as HSTS, OCSP stapling, DNSSEC, and DMARC records. The absence of security headers and policies indicates a low security posture. Overall, the site appears to be inactive or parked, providing no business or user engagement value. The risk level is low from a security threat perspective but the lack of content and policies means it offers no trust or credibility to visitors.

V

VisiConsult

visiconsult.de

0

VisiConsult is a family-owned German company recognized as a global market leader in customized and standardized X-ray inspection solutions for non-destructive testing (NDT), quality assurance, and process optimization. The company operates multiple business divisions and subsidiaries, including VCxray, VCbattery, VCcount, and VC Inspection Services, as well as diondo X-ray Systems and Services. Their solutions serve diverse industries such as aerospace, automotive, defense, energy, and manufacturing. Technically, the website is built on WordPress with the Avada theme and uses modern web technologies including TLS 1.3 for secure communications. The site is well-optimized for SEO and mobile devices, with good accessibility features. Security posture is solid with no critical vulnerabilities detected, although improvements like enabling HSTS and OCSP stapling are recommended. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website reflects a professional, trustworthy, and technically mature organization.

R

Rohmann GmbH

rohmann.de

0

Rohmann GmbH is a leading German manufacturer specializing in eddy current testing devices and systems for non-destructive testing (NDT). The company serves key industrial sectors including automotive, aerospace, energy, and steel manufacturing, offering a broad product portfolio ranging from handheld devices to inline systems and software solutions. Their market position is reinforced by strong partnerships and customer testimonials from globally recognized companies such as Siemens and Lufthansa Technik. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, leveraging modern JavaScript libraries and frameworks. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with comprehensive policies and a consent mechanism. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

K

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG

karldeutsch.de

0

KARL DEUTSCH Prüf- und Messgerätebau GmbH + Co KG is a medium-sized German manufacturing company specializing in nondestructive testing equipment, including ultrasonic, magnetic particle, and penetrant testing devices. Founded in 1949, the company has established a strong international market presence with a broad product portfolio and recognized brands. The website is built on WordPress with a professional design and clear navigation, supporting multilingual content in German and English. However, the site currently lacks a valid SSL certificate, exposing it to security risks and impacting trustworthiness. While cookie consent mechanisms and privacy policies are well implemented, the absence of HTTPS and security headers are critical vulnerabilities that need urgent attention. Contact information and social media presence are comprehensive, supporting business credibility.

C

CERTQUA GmbH

certqua.de

0

CERTQUA GmbH is a medium-sized German certification body specializing in certifications and accreditations for education and labor market organizations, including ISO 9001, ISO 21001, and AZAV. Founded in 1994, it holds accreditations under ISO 17021 and ISO 17065 and offers a comprehensive range of services including certification, training seminars, and a digital service center platform. The website is professionally designed, content-rich, and well-structured, targeting education providers and related stakeholders. Technically, the site uses modern web technologies and is hosted on Hetzner, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and valid certificates but lacks some best practices such as HSTS, OCSP stapling, DMARC, and DNSSEC. Privacy compliance is well addressed with clear cookie consent and privacy policies. Contact information and social media presence enhance business credibility. Overall, the site reflects a mature digital presence with room for security improvements.

O

on-geo GmbH

lora.de

0

on-geo GmbH operates a suite of geospatial data service portals including LORA and Geoport, targeting professional users in real estate and related sectors primarily in Germany. The website serves as a secure login gateway for multiple branded services, providing access to geospatial data, consulting, and training. The technical infrastructure is based on Microsoft technologies with ADFS for authentication, delivering a fast and functional user experience with basic mobile optimization. Security posture is strong with HTTPS, modern TLS protocols, and multiple security headers, though improvements are recommended in HSTS configuration and email domain security. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the site demonstrates good business credibility and technical maturity with room for enhancements in privacy and security best practices.

1

11FREUNDE

11freunde.de

0

11FREUNDE is a well-established German digital magazine focused on football culture, providing comprehensive news, live tickers, video content, and subscription services. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, responsive design, and extensive content catering to football enthusiasts. However, the absence of a valid SSL/TLS certificate significantly impacts the site's security posture, exposing users to potential risks. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS and related security best practices are critical vulnerabilities. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

G

GO-2B AG

go-2b.de

0

GO-2B AG is a German-based technology company specializing in product data management solutions tailored for industries such as furniture and retail. As a brand under Compusoft Deutschland AG, it offers a suite of services including software applications, configurators, and data management platforms to support complex product marketing and sales processes. The website reflects a professional and consistent brand image with clear business information and client references, targeting B2B customers in industrial and retail sectors. Technically, the site is built on WordPress with popular plugins and frameworks, but suffers from slow load times and lacks some modern security configurations. Security posture is moderate with valid SSL and SPF records but missing critical headers and HSTS. Privacy compliance is strong with comprehensive policies and consent mechanisms. Overall, the site is functional and trustworthy but would benefit from technical and security enhancements.

S

Secure Mailgate

secure-mailgate.com

0

Secure Mailgate operates as a specialized provider of secure email gateway services, focusing on secure login and email domain management primarily targeting business users requiring secure email access. The website is functional and accessible, featuring a login form and multilingual support but lacks comprehensive public-facing content such as privacy policies, terms of service, or contact information. Technically, the site uses standard web technologies including JavaScript and CSS, hosted on infrastructure associated with Cloudpit. Performance is moderate with a relatively small page size and acceptable load times. From a security perspective, the site enforces HTTPS with modern TLS protocols (1.3 and 1.2) and a valid wildcard SSL certificate, but lacks advanced security features such as HSTS, OCSP stapling, DNSSEC, and DMARC records. No security headers are detected, and no vulnerability disclosures or incident response contacts are publicly available. This indicates a basic security posture with room for significant improvement to enhance email domain protection and overall site security. Overall, the website presents a basic but functional digital presence with limited transparency on privacy and security policies. The lack of contact information and policy documents may impact user trust and compliance with data protection regulations. Strategic improvements in security configuration, policy publication, and user communication are recommended to strengthen the company's market position and compliance posture.

S

SoSafe

humanfirewallconference.com

0

SoSafe operates the Human Firewall Conference, a leading European cybersecurity event focused on the human factor in security. The company provides cybersecurity awareness training and human risk management services, positioning itself as a key player in the cybersecurity education and event space. The website is professionally designed, content-rich, and targets security professionals and CISOs. Technically, the site uses WordPress CMS, integrates with HubSpot for forms, Matomo and Google Analytics for tracking, and Cookiebot for GDPR-compliant cookie management. However, the site suffers from an invalid SSL certificate and lacks important security headers and DNS security features, which lowers its security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Business credibility is strong with clear contact information, social media presence, and trust signals such as testimonials and speaker highlights. Overall, the site is functional and professional but requires improvements in security infrastructure to enhance trust and compliance.

S

SoSafe

sosafe.de

0

SoSafe is a leading European provider of security awareness training and human risk management solutions, serving over 4.5 million users. Their platform leverages behavioral psychology, gamification, and AI to empower employees to recognize and mitigate cyber threats effectively. The company offers a suite of products including personalized e-learning, phishing simulation tools, an AI chatbot named Sofie, and a comprehensive human risk management dashboard. Technically, the website is built on WordPress, uses Cloudflare for hosting and CDN, and integrates marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. While the site is content-rich, well-designed, and privacy compliant with GDPR and cookie consent mechanisms, it suffers from a critical security issue: an invalid SSL certificate and disabled TLS protocols, which significantly lowers its security posture. The company demonstrates strong trust signals through ISO 27001, TISAX certifications, customer testimonials, and industry awards. Overall, SoSafe presents a professional and credible online presence but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

1

1-2-3-Plakat.de GmbH

123plakat.de

0

1-2-3-Plakat.de GmbH operates a specialized online platform focused on poster advertising across Germany, providing a comprehensive service that includes location selection, printing, and campaign management. The company targets businesses and freelancers seeking effective outdoor advertising solutions, leveraging a large inventory of over 160,000 poster locations. The website is built on TYPO3 CMS and integrates modern marketing and analytics tools such as Google Tag Manager and Google Analytics. Despite a well-structured and content-rich site with good user experience and clear contact information, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. The site employs cookie consent mechanisms and maintains GDPR-compliant privacy policies, reflecting good privacy compliance. Overall, the business demonstrates solid credibility and market positioning but requires urgent security improvements to protect user data and enhance trust.

P

ProSiebenSat.1 Welt

prosiebensat1welt.de

0

ProSiebenSat.1 Welt was a German Pay TV channel operated under the ProSiebenSat.1 media group, offering entertainment content including TV programs, films, and series. The channel ceased operations at the end of 2023 after nearly two decades. The website serves primarily as an informational and redirect portal to partner channels and provides compliance and legal information. Technically, the site is built using modern web technologies including Next.js and React, hosted likely on AWS infrastructure, and uses Contentful as a CMS. However, the site suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in no HTTPS support, which severely impacts security posture and user trust. No advanced security headers or TLS protocols are enabled, and DNSSEC is not configured. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, but no direct contact information or incident response details are provided. Overall, the site is functional and professionally designed but requires urgent security improvements to protect users and maintain credibility.

G

Grover Deutschland GmbH

grover.com

0

Grover Deutschland GmbH operates a leading European tech rental platform offering flexible monthly rentals of a wide range of consumer electronics including smartphones, laptops, cameras, gaming consoles, and smart home devices. The company emphasizes sustainability by promoting product reuse and reducing electronic waste. Their business model includes optional insurance coverage (Grover Care) and a referral program (Grover Cash) to enhance customer engagement. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Cloudflare, and integrates various analytics and marketing tools like Datadog, Segment, and Braze. Security measures are robust with HTTPS, HSTS, CSP, and secure cookie settings, although DNSSEC and CAA records are not implemented. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing a professional and trustworthy user experience.

F

FRIDAY Versicherungen

friday.de

0

FRIDAY Versicherungen is a German digital insurance provider offering flexible and simple online insurance services, including a customer portal (MyFRIDAY) and claims reporting. The company is majority owned by Baloise and has recently ceased offering new insurance products, focusing on servicing existing contracts. The website is built on modern web technologies such as Next.js and Prismic CMS, hosted on AWS infrastructure. While the site provides good content quality, clear navigation, and GDPR-compliant privacy policies, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Email authentication is well configured with SPF and DMARC policies. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to ensure secure communications.

S

Sanity Group GmbH

sanitygroup.com

0

Sanity Group GmbH is a Berlin-based cannabis company positioned as one of Europe's leading players in the cannabis healthcare sector. The company focuses on unlocking the health benefits of cannabinoids through medical advisory, political advisory, and scientific pilot projects, including cannabis dispensaries in Germany and Switzerland. Their business model integrates medical expertise and regulatory engagement to support cannabis legalization and harm reduction. The website reflects a medium-sized enterprise with a professional online presence, targeting European consumers, healthcare professionals, and policymakers. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern marketing and tracking tools such as Klaviyo and Google Tag Manager. However, the absence of a valid SSL certificate severely impacts the security posture, despite the presence of several security headers and a privacy-compliant cookie consent mechanism. Overall, the site is content-rich and professionally designed but requires urgent improvements in SSL/TLS configuration to ensure secure communications and trust.

O

ottonova Krankenversicherung AG

ottonova.de

0

Ottonova Krankenversicherung AG is a digitally advanced private health insurance provider based in Germany, founded in 2015. The company offers a range of private health insurance products including full coverage, supplementary dental and hospital insurance, and corporate health insurance, all delivered through a modern app-based platform. Ottonova positions itself as an innovative market player with high customer satisfaction and multiple industry awards. Technically, the website is built on Craft CMS and hosted on AWS infrastructure, employing modern JavaScript frameworks and consent management tools. However, a critical security issue is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Overall, the website demonstrates strong business credibility and user experience but requires urgent security improvements to protect user data and maintain trust.

V

vedisys AG

vedisys.de

0

vedisys AG is a German software company specializing in providing modular, scalable software solutions for public transport companies (ÖPNV). Their flagship product, AMIS®7, supports multichannel sales, subscription management, ticketing, and customer dialogue platforms. The company has a strong market presence since 1996 and integrates with partner platforms such as mobilityportal® and payment services like Payone. The website reflects a professional and comprehensive digital presence with detailed product information, customer testimonials, and news updates. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the security posture is basic and requires urgent improvements to SSL/TLS and security headers to protect user data and enhance trust.

U

Unit M GmbH

unit-m.de

0

Unit M GmbH is a German-based specialist company focused on automating routine tasks in B2B sales and customer service, leveraging over 30 years of industry experience. The company offers a comprehensive suite of services including B2B eCommerce webshops, spare parts shops for mechanical engineering, customer portals, configurators, and IT consulting services. Their market position is strengthened by a solid client portfolio featuring well-known brands and recognized innovation funding. Technically, the website is built on WordPress with the Divi theme, integrating modern tools like Cookiebot for privacy compliance and Matomo for analytics. However, the site suffers from a critical security issue due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

L

Landitec GmbH

landitec.de

0

Landitec GmbH is a medium-sized German company specializing in high-quality, flexible, and high-performance appliance solutions and services for the B2B sector. They focus on tailored IT security and network solutions, including hardware appliances, virtualization, SD-WAN, and industrial applications. The company holds a strong market position as an OPNsense Platinum Partner and collaborates with several notable technology providers such as Barracuda, 6WIND, and SECUDOS. Their offerings include customized appliances, pre-installed systems, and comprehensive customer support through an online portal. Technically, the website is built on Joomla CMS with Helix Ultimate framework and utilizes modern web technologies including Bootstrap 5 and jQuery. They employ Google Tag Manager and Google reCAPTCHA for analytics and security. However, a critical security gap is the absence of HTTPS/SSL, which significantly impacts their security posture. The site is mobile-optimized with good content quality and SEO practices. From a security perspective, while some security headers are present, the lack of SSL/TLS encryption, HSTS, and modern TLS protocols exposes the site to potential risks. No explicit security or incident response policies were found. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the site is professional and trustworthy in content and business representation but requires urgent security improvements to protect data and enhance user trust.

E

E-MEDIAD GmbH

e-mediad.de

0

E-MEDIAD GmbH is a small, established creative agency based in Cologne, Germany, specializing in digital design, web development, and branding services since 2002. The company targets businesses and startups seeking professional digital and design solutions. Their website showcases a professional design with a rich portfolio and clear navigation, indicating a strong market position in the regional creative services sector. Technically, the website is built on WordPress using Elementor and LayerSlider, with additional plugins for SEO and cookie consent management. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are well implemented, but the absence of modern TLS protocols and strong cipher suites reduces overall security. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

E

eCube GmbH

ecube.de

0

eCube GmbH is a German-based software development and consulting company specializing in sustainable software ecosystems and e-commerce architecture. They serve businesses seeking innovative, scalable digital solutions with a focus on technical excellence and long-term planning. Their market position is that of a trusted specialist with strong partnerships and a portfolio of successful case studies. Technically, the website is built on WordPress with modern SEO and multilingual support, though performance optimization is needed due to slow load times. Security posture is strong with HTTPS, valid SPF and DMARC policies, and no critical vulnerabilities detected, but improvements like HSTS and DNSSEC are recommended. Privacy compliance is well addressed with comprehensive cookie consent and GDPR-aligned privacy policies. Overall, eCube demonstrates a professional and trustworthy online presence with clear business and technical maturity.

V

VersicherungsCheck24

versicherungscheck24.de

0

VersicherungsCheck24 is a German-based online insurance comparison portal offering a wide range of insurance products for both private and business customers. The platform provides professional and independent comparisons, helping users find the best insurance tariffs tailored to their needs. The website is built on WordPress using Elementor and integrates modern web technologies such as Alpine.js and Google Tag Manager for analytics and marketing. While the site offers comprehensive content and good user experience, its performance is somewhat slow due to a large page size and many resources. Security posture is adequate with HTTPS and SPF/DMARC configured, but lacks advanced security headers like HSTS and OCSP stapling. Privacy compliance is present with a detailed privacy policy, though no explicit cookie consent mechanism was detected. Overall, VersicherungsCheck24 demonstrates a solid market position in the German insurance comparison sector with a trustworthy and professional online presence.

T

TelemaxX Telekommunikation GmbH

telemaxx.de

0

TelemaxX Telekommunikation GmbH is a well-established provider of high-security data center services, managed IT services, colocation, and telecommunications based in Karlsruhe, Germany. Founded in 1999, the company operates multiple certified data centers and owns a substantial fiber optic network, positioning itself as a regional leader with a strong shareholder base. Their service portfolio includes cloud services, secure telecommunications, and comprehensive managed services tailored to business customers. Technically, the website is built on TYPO3 CMS with modern frameworks and integrates analytics and marketing tools such as Matomo and Google Tag Manager. However, the security posture is impacted by an invalid SSL certificate and lack of advanced security headers, which should be addressed to enhance trust and compliance. Overall, the site demonstrates excellent content quality, professional design, and strong business credibility, though improvements in security and privacy mechanisms are recommended.

C

CyberForum e.V.

cyberlab-karlsruhe.de

0

CyberLab Karlsruhe is a well-established startup accelerator and community hub operating under CyberForum e.V. It offers comprehensive services including founding consulting, accelerator programs, coworking spaces, mentoring, coaching, and investment facilitation. The website targets startups and entrepreneurs primarily in Germany, positioning itself as a key regional player with over 28 years of experience and a large active network. Technically, the site is built on TYPO3 CMS, uses modern TLS protocols, and integrates various frontend libraries and APIs, though performance is hindered by a high number of resources and slow load times. Security posture is adequate with HTTPS and SPF records but lacks advanced features such as HSTS, OCSP stapling, DMARC, DNSSEC, and certificate transparency compliance. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and content-rich, but could improve technical and security aspects to enhance user experience and protection.

A

absence.io GmbH

absence.io

0

absence.io GmbH is a medium-sized technology company based in Germany specializing in SaaS solutions for absence management, time tracking, digital personnel files, and expense management. The company serves over 2,500 companies and 100,000 users, positioning itself as a reliable and trusted provider in the HR software market. Their platform supports multiple languages and integrates with major services like Google Workspace, Microsoft 365, and Slack, enhancing usability and enterprise adoption. The website demonstrates a strong brand presence with multiple trust signals including ISO certification and positive customer testimonials. Technically, absence.io uses TYPO3 CMS with a modern JavaScript stack including jQuery, Bootstrap, and Swiper for UI components. Hosting is on DigitalOcean with DNS managed via AWS Route53. The site supports TLS 1.3 and 1.2 but lacks advanced SSL features like HSTS and OCSP stapling. Cookie consent is managed via Usercentrics CMP, and analytics are extensive using HubSpot, Google Analytics, and Crazy Egg. Performance is moderate to slow, likely due to large page size and resource count. Security posture is solid with ISO-certified servers, daily backups, SPF and DMARC email protections, and SSL encryption. However, DNSSEC is not enabled, and CAA records are malformed. No public vulnerability disclosure or security.txt file was found. Privacy policies and terms of service are present and GDPR compliant. Overall, the company demonstrates a mature security and compliance stance but could improve SSL and DNS security features. Strategically, absence.io is well positioned in the HR SaaS market with a comprehensive product suite and strong customer trust. Continued investment in security hardening and performance optimization will enhance their competitive edge and customer confidence.

D

DWS Asset Management

dws.com

0

DWS Asset Management is a leading global asset manager headquartered in Germany, offering a broad range of investment solutions including active, passive, and alternative investments. The company is well-positioned in the finance sector with a strong reputation for stability, innovation, and ESG integration. Technically, the website leverages modern frontend frameworks such as Vue.js and PrimeVue, with integrated video content via Brightcove, and uses Tealium for tag management and analytics. The security posture is solid with valid SSL certificates, SPF and DMARC email protections, and no known SSL vulnerabilities, though improvements such as enabling HSTS, DNSSEC, and security headers are recommended. Overall, the website demonstrates high professionalism, good privacy compliance, and a strong trust profile, serving a global financial professional and investor audience.

D

DWS Asset Management

deutscheawm.com

0

DWS Asset Management is a leading global asset manager headquartered in Germany, offering a broad range of investment solutions including active, passive, and alternative investments. The company is recognized for its expertise in ESG and sustainability investing, serving financial professionals, individual, and institutional investors. The website reflects a mature digital presence with modern frontend technologies and comprehensive content tailored to its target audience. Technically, the site employs Vue.js, PrimeVue, and Brightcove for video delivery, with robust analytics and tag management via Tealium and Webtrekk. Security posture is strong with enforced DMARC policies, SPF, and TLS 1.3 support, though improvements such as enabling HSTS and OCSP stapling are recommended. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR, supported by clear privacy and cookie policies.

B

Berenberg

berenberg-us.com

0

Berenberg is a historic and well-established financial institution founded in 1590 in Hamburg, Germany. It operates globally with a strong presence in Europe and the USA, offering a broad range of financial services including investment banking, corporate banking, asset management, and fund management. The company is positioned as a leading advisor in Europe with a large equity research team covering over 800 European companies. Technically, the website employs modern web technologies and structured data to enhance SEO and user experience. However, the berenberg-us.com domain currently lacks a valid SSL certificate and modern TLS support, which poses a significant security risk. The company demonstrates good compliance with GDPR and cookie consent regulations, and maintains a comprehensive privacy and security policy. Overall, Berenberg shows a mature digital presence but should urgently address its SSL/TLS configuration to improve security posture and trust.

B

BHW Bausparkasse AG

bhw-partner.de

0

BHW Bausparkasse AG operates the BHW Partner portal, a dedicated platform for partners and financial advisors offering building savings and financing products in Germany. The website provides product information, tools, forms, and partner support services, positioning itself as a key player in the German finance sector specializing in Bausparen and Baufinanzierung. The site is professionally designed with consistent branding and good content quality, targeting financial partners and advisors. Technically, the website is built on Adobe Experience Manager CMS and integrates Webtrekk analytics for user tracking. However, the site currently lacks a valid SSL certificate and modern TLS configurations, which is a significant security concern. The presence of strong SPF and DMARC policies indicates good email security practices. Overall, the security posture is basic with room for improvement in SSL/TLS deployment and security headers. The website complies with GDPR and provides clear privacy and cookie policies with consent mechanisms. Strategic recommendations include upgrading SSL/TLS, enabling HSTS, and enhancing DNS security to improve trust and compliance.

S

Solvians IT-Solutions GmbH

ivestor.de

0

Ivestor.de is a German financial portal operated by Solvians IT-Solutions GmbH, providing stock prices, currency and commodity rates, and intelligent search tools for investment certificates and leveraged products. The website targets investors and financial market participants in Germany, offering relevant financial news and market data. Technically, the site is built on Angular 14.2.6, uses Matomo for analytics, and employs Microsoft Outlook services for email. The SSL configuration supports TLS 1.2 and 1.3 but lacks advanced security features like HSTS and OCSP stapling. DNS records are properly configured with SPF but lack DNSSEC and DMARC, indicating room for email security improvements. The website's performance is slow, with a load time exceeding 16 seconds, but it is mobile-optimized and SEO-friendly. Security posture is moderate with no critical vulnerabilities detected but could benefit from enhanced security headers and email authentication. Overall, ivestor.de presents a professional and trustworthy financial information service with a solid technical foundation but requires improvements in security and performance to enhance user trust and compliance.

M

M-Wert GmbH

m-wert.de

0

M-Wert GmbH is an independent real estate valuation company operating nationwide in Germany, affiliated with the parent company MünchenerHyp. The company specializes in providing market and mortgage value appraisals, value analyses, and economic feasibility calculations primarily for banks and financial institutions. Their services include property inspections and they maintain multiple regional offices to ensure local presence. The website reflects a professional and consistent brand image with certifications from recognized industry bodies such as HypZert and RICS, enhancing their market credibility. Technically, the website is built on WordPress with common libraries like jQuery and GSAP, optimized for mobile but suffers from slow load times and lacks modern SSL/TLS security configurations. Security posture is weak due to absence of valid SSL certificates and missing security headers, exposing the site to potential risks. Overall, the company maintains a moderate trust level with room for improvement in digital security and privacy compliance.

C

commercetools GmbH

commercetools.com

0

commercetools GmbH is a leading enterprise-grade commerce platform provider specializing in versatile solutions for B2B, B2C, and omnichannel commerce. The company offers a comprehensive suite of services including commerce platform capabilities, solution hubs, payment and AI hubs, premium support, and expert services. Recognized by top analyst firms such as Gartner and IDC, commercetools holds a strong market position with a global enterprise customer base and a robust partner ecosystem. Their platform is designed to empower enterprises with flexibility, scalability, and innovation acceleration. Technically, commercetools leverages modern JavaScript frameworks, cloud hosting on Amazon AWS, and integrates advanced marketing and analytics tools such as Google Tag Manager, VWO, and OneTrust for cookie consent management. The website demonstrates good performance and mobile optimization, with a consistent and professional design that supports a seamless user experience. The technical infrastructure supports extensive tracking and analytics while maintaining compliance with privacy regulations. From a security perspective, commercetools employs a valid SSL certificate, SPF and DMARC email authentication policies, and uses OneTrust for managing cookie consent, indicating a mature approach to data privacy and security. However, there is room for improvement in enabling HSTS, DNSSEC, and additional security headers to enhance protection against common web threats. No critical vulnerabilities or subdomain takeover risks were detected. Overall, commercetools presents a strong digital presence with a secure and compliant infrastructure, well-aligned with enterprise needs. Strategic recommendations include enhancing transport security with HSTS, implementing DNSSEC, and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

A

Alfahosting GmbH

alfahosting.de

0

Alfahosting GmbH is a well-established German web hosting provider founded in 1999, offering a broad range of hosting services including webhosting, domains, servers, reseller hosting, and office products such as Microsoft 365. Positioned as a market leader with multiple awards and a strong customer satisfaction rating, Alfahosting targets both beginners and professional users in Germany. Their infrastructure is hosted in Germany, emphasizing security, availability, and green IT initiatives. Technically, the website uses modern JavaScript libraries and tracking tools, with a custom CMS and a moderate performance profile. Security posture is good with strong TLS configuration and SPF/DMARC email protections, but lacks DNSSEC, HSTS, and OCSP stapling, which are recommended for improvement. The company demonstrates GDPR compliance with a comprehensive privacy policy and cookie consent mechanism. Overall, Alfahosting presents a professional, trustworthy, and customer-focused digital presence with room for security enhancements.

D

dogado.partners

dogado.partners

0

dogado.partners is a specialized cloud and hosting service provider targeting system houses, web agencies, and ITK companies primarily in Germany. As part of the dogado.group, it leverages over 20 years of experience to offer tailored cloud infrastructure, cybersecurity, backup, and collaboration services through various partner programs. The company positions itself as a reliable partner enabling businesses to build and expand their own cloud and hosting offerings with expert support and flexible solutions. Technically, the website employs modern web standards including TLS 1.3, Google Tag Manager for analytics, and a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with ISO 27001 certification and no known SSL vulnerabilities, though improvements such as enabling HSTS, DNSSEC, and DMARC could enhance protection. The site demonstrates high professionalism, excellent content quality, and strong trust signals including a high Trustpilot rating. Overall, dogado.partners presents a mature digital presence aligned with its business goals and compliance requirements.

D

dogado GmbH

dogado.de

0

dogado GmbH is a German cloud service provider founded in 2006, specializing in domains, web hosting, virtual servers, digital office tools, and managed cloud services. The company targets small and medium-sized enterprises, offering a comprehensive portfolio that includes WordPress hosting, Microsoft 365, SSL certificates, and spam protection. With ISO 27001 certification and NIS2 compliance, dogado positions itself as a trusted and secure partner in the German market. The website reflects a mature digital presence with excellent content quality, strong branding consistency, and high customer trust as evidenced by a 4.8 Trustpilot rating from over 2600 reviews. Technically, the website employs modern TLS protocols (1.3 and 1.2), uses Google Tag Manager for analytics, and integrates a GDPR-compliant cookie consent mechanism. The infrastructure includes partner platforms such as CloudPit and secure-mailgate for DNS and mail services. However, performance is somewhat slow with a load time exceeding 11 seconds, indicating room for optimization. The site is well optimized for mobile and accessibility, with good SEO practices. From a security perspective, dogado has implemented SPF and DMARC records, though the DMARC policy is set to 'none', which could be strengthened. The SSL configuration is good but lacks HSTS, OCSP stapling, and DNSSEC, which are recommended for enhanced security. The company demonstrates a strong security posture with ISO certification and compliance efforts but could improve technical security headers and policies. Overall, dogado maintains a solid security and compliance foundation suitable for its business model. Strategically, dogado should focus on improving website performance and enhancing security configurations such as enabling HSTS and DNSSEC. Strengthening DMARC policy and achieving certificate transparency compliance would further reduce phishing risks and improve trust. Continued emphasis on customer service and transparent privacy practices will sustain its market position and customer loyalty.

R

Retarus GmbH

retarus.com

0

Retarus GmbH is a leading enterprise cloud services provider specializing in secure and efficient digital communication solutions including email, fax, SMS, and EDI. Positioned as a top player in the secure email market and certified under ISO 27001 and HITRUST, Retarus serves a global enterprise clientele with a comprehensive portfolio of cloud-based messaging platforms. Their services emphasize compliance, reliability, and integration with major business ecosystems such as SAP and Microsoft 365. Technically, the website is built on WordPress with modern frameworks and libraries, hosted on Amazon AWS infrastructure, and employs strong security practices including TLS 1.3, OCSP stapling, and SPF/DMARC email authentication. However, there is room for improvement in DNS security and HTTP security headers. The company demonstrates a mature security posture with certifications and a GDPR-compliant cookie consent mechanism, though incident response contact details are not publicly disclosed. Overall, Retarus presents a professional, trustworthy, and technically sound digital presence aligned with enterprise-grade security and compliance standards.

D

Deutsches Stiftungszentrum

deutsches-stiftungszentrum.de

0

Deutsches Stiftungszentrum is a well-established non-profit organization specializing in foundation consulting and management services in Germany. With over 60 years of expertise and a comprehensive network, it offers a broad range of services including foundation establishment, management, asset management, legal advice, and public relations. The website reflects a professional and consistent brand presence targeting foundation founders and managers. Technically, the site is built on Drupal 10 with modern frontend technologies and uses Usercentrics for cookie consent management, ensuring GDPR compliance. Security posture is basic with valid SPF but lacks DMARC, DNSSEC, and HSTS, which are recommended for enhanced protection. Overall, the site demonstrates good digital maturity and trustworthiness but could improve in security hardening and incident response transparency.

I

Institute for Digital Out of Home Media GmbH

idooh.media

0

The Institute for Digital Out of Home Media GmbH (IDOOH) is a German-based industry association dedicated to advancing the digital out-of-home advertising sector. It serves as a central hub for knowledge exchange, standard development, and market research within the DOOH industry. The website reflects a professional and content-rich platform targeting industry professionals and stakeholders, offering insights, events, and educational resources. Technically, the site is built on WordPress with Elementor and several plugins, but suffers from slow performance and lacks a valid SSL certificate, which poses security risks. The security posture is basic with some good practices like SPF and DMARC records, but critical improvements are needed in SSL configuration and security headers. Overall, the site demonstrates moderate trustworthiness and good compliance with GDPR through cookie consent mechanisms.

O

Outsite Media GmbH

outsite-media.de

0

Outsite Media GmbH is a medium-sized German company specializing in out-of-home (OOH) media advertising, offering services such as Riesenposter, Beamboards, Media walls, and Citybanner. Founded in 2007, the company positions itself strongly in the market with a focus on sustainability and green marketing solutions, catering to advertisers and property owners seeking impactful and environmentally conscious advertising options. The website reflects a professional and consistent brand image with good content quality and active social media engagement. Technically, the website is built on WordPress using the Divi theme and several plugins including Revolution Slider, Contact Form 7, and Usercentrics for cookie consent management. SEO is well addressed with Yoast SEO and structured data implementation. However, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a significant security concern. Performance is moderate with a page load time of about 5.5 seconds, and mobile optimization is good. From a security perspective, the absence of HTTPS and security headers, along with missing DMARC and CAA records, exposes the site to potential risks. The presence of a valid SPF record is a positive aspect for email security. Cookie consent is properly managed via Usercentrics, indicating GDPR compliance. No explicit security policies or incident response information are found on the site. Overall, while the business and technical infrastructure are solid for its market niche, urgent improvements in SSL/TLS configuration and security best practices are recommended to enhance trust and protect user data.

A

Ambient-TV Sales & Services GmbH

ambient-tv.de

0

Ambient-TV Sales & Services GmbH operates a large Digital Out Of Home (DOOH) advertising network in Germany, offering advertisers access to over 50,000 screens across more than 10,000 locations nationwide. The company provides campaign customization and a creative simulator tool to help clients visualize their logos on various screens. Their market position is strong within the German outdoor advertising sector, supported by partnerships with major brands and media groups. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and employs security best practices like TLS 1.3 and OCSP stapling. However, there are areas for improvement in DNS security and HTTP security headers. The security posture is solid but could be enhanced by implementing DNSSEC, DMARC, and HSTS. Overall, the company demonstrates a professional online presence with good user experience and trust indicators, though explicit security and incident response policies are not publicly disclosed.

E

Edgar Ambient Media Group

edgarartscreen.de

0

Edgar Ambient Media Group operates the Edgar Art Screen, a digital communication channel targeting the gastronomy sector in Germany. The service provides free 42" LED screens to bars, bistros, cafes, and restaurants, allowing them to display their own content such as menus and events. The business model is supported by advertising and cultural content, positioning the company as a media provider within the hospitality industry. The website is professionally designed with consistent branding and good content quality, targeting primarily German-speaking users. Technically, the site uses modern web technologies including Webflow CMS, Google Tag Manager, and cloud hosting on AWS. However, the site performance is somewhat slow due to large page size and resource count. Security posture is basic with TLS 1.3 support and no critical vulnerabilities detected, but lacks advanced features like HSTS, DNSSEC, DMARC, and OCSP stapling. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a solid digital presence with room for security and performance improvements.

E

Edgar Ambient Media Group GmbH

edgarfreecards.de

0

Edgar Ambient Media Group GmbH operates the Edgar Freecards platform, specializing in distributing free postcards as an innovative advertising medium targeting urban audiences, particularly generations Y and Z in Germany. With over 30 years of experience and a presence in more than 4000 locations, the company has established a strong market position in the media sector, leveraging creative and sustainable advertising solutions. The website reflects a mature digital presence with comprehensive content, structured data, and multiple analytics tools integrated for performance and user behavior insights. However, the absence of a valid SSL certificate and modern TLS protocols represents a significant security gap that undermines user trust and data protection. The company demonstrates compliance awareness through a dedicated privacy policy, cookie consent mechanisms, and a compliance hotline linked to its parent group, Ströer OOH. Strategic improvements in security infrastructure and performance optimization are recommended to enhance overall risk posture and user confidence.

S

Ströer

plakate-buchen.de

0

Plakate-Buchen.de is an online advertising booking platform operated by Ströer, focusing on poster and campaign advertising across Germany. The platform offers access to over 300,000 advertising locations with daily updated availability and convenient online payment options, targeting businesses seeking to promote their stores or campaigns locally. The website is primarily in German and provides a phone contact for customer inquiries but lacks visible email contacts or terms of service. Technically, the site runs on an Apache server with modern TLS protocols (TLS 1.3 and 1.2) and uses Google Tag Manager for analytics and tracking. Security headers such as Strict-Transport-Security and X-Content-Type-Options are present, but improvements are needed in HSTS configuration, OCSP stapling, DMARC, DNSSEC, and certificate transparency compliance. The site implements cookie consent with express consent type, aligning with basic GDPR requirements but lacks comprehensive privacy and security policies. Overall, the platform demonstrates a moderate security posture with room for enhancement in email security and transport layer protections.

P

Payconomy GmbH

payconomy.de

0

Payconomy GmbH is a small German technology company specializing in payment automation, order to cash consulting, and enterprise software engineering. The company positions itself as a neutral expert across industries, offering consulting and SaaS solutions primarily focused on billing, finance, and payment automation. Their SAP Silver Partner status enhances their market credibility and indicates a strong partnership with SAP, targeting businesses seeking to digitize and automate payment processes. The website content is professional and well-structured, targeting B2B clients in need of scalable and automated payment solutions. Technically, the website employs Bootstrap and jQuery for frontend development and is hosted on Hetzner infrastructure. Performance is moderate with basic mobile optimization and SEO practices. Security-wise, the site supports modern TLS protocols (TLS 1.3 and 1.2) and has a valid SPF record, but lacks advanced security features such as HSTS, DMARC, DNSSEC, and OCSP stapling. The SSL certificate is valid but not compliant with Certificate Transparency standards, indicating room for improvement in trust and security posture. Overall, the security posture is moderate with no critical vulnerabilities detected but missing several best practices that could enhance protection against phishing and DNS attacks. The absence of cookie consent and limited privacy policy details suggest partial GDPR compliance. The company provides physical contact information but no direct email or phone contacts on the main page, which may affect user engagement and trust. Strategic improvements in security headers, privacy compliance, and contact transparency would strengthen their digital maturity and customer confidence.

S

SoSafe

sosafe-awareness.com

0

SoSafe is a leading European provider specializing in security awareness training and human risk management solutions. The company offers a behavioral science-based platform that empowers organizations to enhance their cybersecurity posture by educating employees and managing human-related risks. Positioned as Europe's largest provider in this niche, SoSafe delivers personalized, gamified training, phishing simulations, an AI-powered chatbot, and a comprehensive human risk management platform. Their market presence is reinforced by multiple certifications including ISO 27001, TISAX, and GDPR compliance, alongside strong customer testimonials and industry recognitions. Technically, SoSafe's website is built on WordPress and integrates a robust set of analytics and marketing tools such as Google Analytics, Matomo, Cookiebot for consent management, HubSpot forms, and Visual Website Optimizer for A/B testing. The infrastructure is hosted on Amazon AWS with DNS managed via Route53. While the site supports modern TLS protocols and has valid SPF and DMARC records, it lacks DNSSEC, CAA records, and HSTS, which are recommended for enhanced security. The website performance is moderate to slow, with room for optimization. From a security perspective, SoSafe demonstrates good practices including strong SSL configuration, OCSP stapling, and comprehensive cookie consent mechanisms. However, there is no public vulnerability disclosure or security.txt file, and incident response contact details are not explicitly provided. The company maintains a strong security posture with certifications and compliance but could improve transparency and DNS security. Overall, SoSafe presents a mature digital presence with a focus on privacy and compliance, extensive integration with enterprise platforms, and a clear commitment to security awareness. Strategic improvements in DNS security and incident response transparency would further strengthen their security posture and trustworthiness.

R

RTL+

rtlplus.de

0

RTL+ is a major German media streaming platform offering a wide range of entertainment content including live TV, movies, series, podcasts, music, and audiobooks. It operates under RTL interactive GmbH and provides tiered subscription packages to cater to diverse customer needs. The platform is well-positioned in the German media market with a strong brand presence and extensive content library. Technically, RTL+ utilizes modern web technologies such as Angular, Google Tag Manager, and Sourcepoint for consent management, hosted on EuroDNS infrastructure. The website demonstrates good SEO, mobile optimization, and accessibility standards, though performance is moderate due to resource load. Security-wise, the site employs TLS 1.2 with strong cipher suites and has valid SPF and DMARC records, but lacks TLS 1.3, HSTS, and OCSP stapling, which are recommended for enhanced security. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, RTL+ presents a professional, trustworthy, and user-friendly streaming service with room for security enhancements.