Security Directory

C

CatalystOne Solutions AS

catalystone.com

0

CatalystOne Solutions AS is a Nordic leader in Human Capital Management (HCM) software, offering a comprehensive cloud-based HR software suite tailored for medium and large organizations. Their platform supports core HR functions including talent management, performance management, and learning management, serving a broad audience from HR managers to senior and IT management. The company emphasizes Scandinavian values and aims to empower organizations through data-driven insights and streamlined HR processes. Technically, the website is built on the HubSpot CMS platform, integrating modern marketing and analytics tools such as Google Analytics 4, HubSpot tracking, and Cookiebot for privacy compliance. The site demonstrates good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. Security-wise, the site enforces HTTPS, employs security headers, and uses a robust cookie consent mechanism, although explicit incident response contacts and vulnerability disclosure mechanisms are not publicly evident. Overall, the domain registration data aligns well with the business claims, reinforcing the site's legitimacy and trustworthiness.

F

Fire Fighting Systems

fifisystems.com

0

Fire Fighting Systems (FFS) is a Norway-based company specializing in the design, engineering, and manufacturing of large firefighting systems for marine and land applications. The company holds a strong global market position with a 70% share in marine firefighting systems and offers comprehensive services including production and after-sales support. Their target audience includes marine vessels, offshore vessels, industrial plants, and refineries. The website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the website is built on the Webflow platform, utilizing modern web technologies such as Google Tag Manager, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site is well-optimized for performance, mobile responsiveness, and SEO, with structured data implemented for local business identification. Privacy compliance is addressed through a cookie consent banner with granular controls and Google Consent Mode integration. From a security perspective, the site enforces HTTPS with excellent SSL configuration and employs best practices in privacy and consent management. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a solid digital presence with good security posture and privacy compliance, supporting the company's credibility and market leadership. Strategic improvements in security transparency and incident response readiness would further strengthen their position.

P

PearlConvert

convert.no

0

PearlConvert is a Norwegian digital commerce expert company specializing in developing and operating digital commerce solutions using leading platforms such as Omnium, Commercetools, Adobe Commerce, and SAP Commerce. The company positions itself as a medium-sized enterprise with over 100 specialists including UX designers, PIM experts, developers, SEO specialists, solution architects, and marketers. Their market position is strong within Norway, serving reputable clients and leveraging partnerships with global technology leaders. The website is professionally designed, mobile-optimized, and rich in relevant content targeting B2B e-commerce businesses and digital commerce stakeholders. Technically, the site uses modern frameworks and integrates marketing and analytics tools such as HubSpot, Google Analytics, Cookiebot, and social media pixels, ensuring good digital maturity and compliance with GDPR through cookie consent and privacy policies. Security posture is good with HTTPS enforced and standard security practices, though some security headers and public security policies could be improved. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

D

DNB Bank ASA

dnb.no

0

DNB Bank ASA is Norway's largest financial institution, offering a comprehensive range of banking and financial services to both private individuals and businesses. The website reflects a strong market position with clear navigation and extensive service offerings including loans, savings, insurance, pensions, and investment solutions. The company maintains a consistent and professional brand image across its digital presence. Technically, the site is built on modern frameworks such as React and Gatsby, with performance optimizations and mobile responsiveness. Security measures include HTTPS, use of security headers, and secure form handling, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with active consent mechanisms. Overall, the site demonstrates a high level of professionalism, trustworthiness, and digital maturity.

Onitio Norge AS is a medium-sized IT services company operating across the Nordics, specializing in sustainable IT solutions, consulting, and technology services for sectors including retail, pharmacy, transport, and logistics. The company positions itself as a trusted partner enabling customers to focus on their core business by managing IT needs comprehensively. The website reflects a mature digital presence with modern technologies such as React, Next.js, and integrations with HubSpot and Google Tag Manager, indicating a well-developed technical infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly available. Overall, the site is professional, GDPR compliant, and trustworthy, with room for improvement in transparency around security and vulnerability disclosures.

T

Telenor Group

telenor.com

0

Telenor Group is a leading multinational telecommunications company connecting customers across the Nordics and Asia. The company offers a broad range of telecom services including mobile and fixed networks, with a strong emphasis on innovation such as sovereign AI infrastructure. Their website reflects a mature digital presence with comprehensive investor relations, ESG initiatives, and corporate governance information. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, supported by tag management tools such as Tealium and Google Tag Manager, ensuring a performant and responsive user experience. Security posture is strong with HTTPS enforcement, security headers, and a clear cookie consent mechanism, though explicit security policies and incident response contacts are not publicly detailed. Overall, Telenor demonstrates high business credibility and digital maturity, positioning itself as a trustworthy and professional entity in the telecommunications sector.

P

Prosafe

prosafe.com

0

Prosafe is a leading owner and operator of semi-submersible offshore accommodation vessels, holding the largest and most versatile fleet globally. Their vessels provide accommodation for 159 to 500 people and are equipped with high-quality welfare, catering, and safety facilities. The company targets offshore energy operators and investors, positioning itself as a market leader in offshore accommodation services. The website reflects a professional corporate presence with comprehensive investor relations and sustainability information. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and ExactMetrics for analytics. It uses Google Tag Manager and Google Analytics for tracking, with cookie consent mechanisms in place. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate, with room for improvement in technical optimization. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security policy pages and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business identity, supporting legitimacy. Overall, the security posture is solid but could be enhanced by adding security headers and formal policies. The overall risk is low, with recommendations focusing on improving security transparency and technical hardening to maintain trust and compliance in a regulated industry.

T

The Storebrand Group

storebrand.com

0

The Storebrand Group is a well-established financial services company operating primarily in the Nordic region, specializing in long-term savings, insurance, asset management, and occupational pensions. With a domain age of over 28 years and a strong market position as Norway's largest asset manager, the company demonstrates maturity and trustworthiness. The website content is professionally presented, targeting both private and corporate customers with clear navigation and relevant business information. Technically, the site uses modern web technologies including Apache, jQuery, and Google Tag Manager, hosted on Google Cloud infrastructure, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced, appropriate security headers, and a valid SSL certificate covering multiple related domains. Privacy compliance is evident with a comprehensive privacy and cookie policy and consent mechanisms in place. Overall, the site reflects a high level of digital maturity and business credibility.

S

Storebrand

storebrand.se

0

Storebrand is a well-established Nordic financial services group specializing in pensions, insurance, and asset management. With a history dating back to 1767 and assets under management exceeding 1,400 billion NOK, it holds a leading market position in Norway and the broader Nordic region. The website reflects a mature business with clear branding, comprehensive service offerings, and a focus on sustainability. Technically, the site uses modern frameworks such as Blazor and integrates with Salesforce and various analytics and marketing tools, indicating a high level of digital maturity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

W

World Data Lab

worlddata.io

0

World Data Lab is a mature data analytics company specializing in global consumer and demographic insights, offering detailed forecasting across numerous categories and geographies. Their platform, World Data Pro, leverages advanced data science and peer-reviewed methodologies to provide credible and consistent intelligence to businesses and policymakers. The company maintains a professional digital presence with clear navigation, consistent branding, and integration of modern marketing and analytics tools, hosted on HubSpot and protected by Cloudflare. However, a critical security gap exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which undermines user trust and data security. Privacy compliance is partial, with a privacy policy present but no detected cookie consent mechanism. Contact information is primarily via web forms, with no direct emails or phone numbers published. Social media presence is active on major platforms. Overall, the website is functional and credible but requires urgent security improvements to meet modern standards.

K

KIWI Norge AS

kiwi.no

0

KIWI Norge AS operates a large grocery retail chain in Norway with nearly 700 stores, targeting Norwegian consumers seeking affordable and convenient grocery shopping. The website provides rich content including store locators, customer magazines, and loyalty program information (KIWI PLUSS). Technically, the site is built on ASP.NET MVC with AngularJS and integrates multiple third-party services such as Google Analytics and Piwik Pro for analytics and marketing. The site is hosted on Microsoft Azure and uses modern web technologies but lacks a valid SSL certificate, resulting in insecure HTTP connections. Security headers like Content-Security-Policy are present but could be hardened further. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the trusted trumf.no domain. Contact information is clearly provided with phone numbers and physical address, and social media presence is active. Overall, the site is professional and trustworthy but has a critical security gap due to missing HTTPS.

Dynea AS is a Norwegian-based manufacturer specializing in wood adhesives and related chemical solutions, serving primarily the European market with additional sales in Asia, Africa, and the Americas. The company offers a broad portfolio of products including amino-based resins, polyurethanes, emulsion polymers, and hot melt adhesives, complemented by services such as consulting, tank cleaning, and toll production. Established in 1947, Dynea maintains a strong market position as a leader in the European wood adhesives sector with multiple production sites and subsidiaries. Technically, the website employs modern front-end technologies such as Bootstrap, AOS, and Swiper, providing a good user experience with responsive design and clear navigation. However, the site lacks HTTPS support and a valid SSL certificate, which critically undermines its security posture. The absence of cookie consent mechanisms and limited privacy compliance features further highlight areas for improvement. From a security perspective, the site shows no evidence of common vulnerabilities like Heartbleed or POODLE but suffers from the lack of encryption and security headers. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims, supporting trustworthiness despite technical security shortcomings. Overall, Dynea's website reflects a professional and established business with solid content and branding but requires urgent security enhancements to protect user data and comply with modern web security standards.

Y

Yara International ASA

yara.com

0

Yara International ASA is a global leader in crop nutrition, ammonia, and industrial nitrogen solutions, with a strong focus on sustainability and decarbonization of food and energy-intensive industries. The website presents comprehensive business information, targeting farmers, industrial clients, investors, and job seekers, reflecting a mature and enterprise-level business model. Technically, the site uses modern JavaScript libraries, Google Tag Manager, Azure Application Insights, and Cloudflare CDN, indicating a robust digital infrastructure. However, a critical security weakness is the invalid SSL certificate and lack of TLS protocol support, which severely impacts the security posture. The site implements good security headers and GDPR-compliant cookie consent mechanisms, showing awareness of privacy and security best practices. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

D

DeepOcean

deepoceangroup.com

0

DeepOcean is a leading ocean services provider specializing in accelerating sustainable use of ocean resources. The company operates across multiple sectors including renewables, oil and gas, and ocean minerals, offering full lifecycle services such as survey, project management, engineering, maintenance, and recycling. With a strong emphasis on digitalization and remote operations, DeepOcean positions itself as a technology-driven leader in the energy transition space. The website reflects a professional and consistent brand image targeting industry stakeholders, investors, and potential employees. Technically, the website is built on the Webflow platform, leveraging modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. Hosting and CDN services are provided via Cloudflare and Webflow. While the site demonstrates good design quality, mobile optimization, and SEO practices, performance metrics are unavailable. Accessibility is basic but present. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. Although some security headers are present, the absence of TLS protocols and cipher suites severely undermines the security posture. Cookie consent mechanisms are implemented, and privacy policies are comprehensive and GDPR compliant. However, incident response and vulnerability disclosure information are missing. Overall, the website is credible and professionally maintained but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL deployment, enhanced security header configurations, and the addition of incident response contacts to strengthen the security culture and compliance posture.

G

Grand Hotel Oslo

grand.no

0

Grand Hotel Oslo is a historic and iconic hospitality business located in the heart of Oslo, Norway. It offers premium hotel accommodations, multiple restaurants and bars, event hosting facilities, and spa services. The hotel targets tourists, business travelers, and event organizers, positioning itself as a luxury and culturally significant venue. The website reflects a professional and consistent brand image with clear business information and trust indicators such as environmental certification and social media presence. Technically, the site uses modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking, hosted likely on Microsoft Azure infrastructure. However, a critical security gap exists as the website lacks HTTPS/SSL encryption, exposing visitors to potential risks. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the website is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

N

Norske Skog ASA

norskeskog.com

0

Norske Skog ASA is a well-established Norwegian manufacturing company specializing in publication and packaging paper products, with a strong emphasis on sustainability and innovation. The company holds a significant market position as one of the largest suppliers of newsprint and recycled containerboard in Europe. Their website reflects a professional business with clear investor relations, product information, and sustainability commitments. Technically, the site uses a traditional tech stack including jQuery, Bootstrap, and Dynamicweb CMS, with Google Tag Manager for analytics. However, the absence of HTTPS and modern security protocols is a critical vulnerability that undermines user trust and data security. Privacy compliance is minimal, with a basic privacy policy but no cookie consent mechanism. Overall, the website is content-rich and professionally presented but requires urgent security improvements.

E

efficy

tribecrm.no

0

Tribe CRM, operated by efficy, is a modern, no-code CRM platform designed to help businesses grow by providing customizable tools for sales, marketing, and customer service. The platform integrates AI features and workflow automation to enhance productivity and customer engagement. Positioned as a flexible and scalable solution, Tribe CRM serves over 10,000 customers and offers tiered subscription plans with a free trial option. Technically, the website is built on WordPress with a suite of modern plugins and analytics tools, including Piwik PRO and Cookiebot for privacy compliance. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. The site is well-designed, mobile-optimized, and provides comprehensive privacy and cookie policies, reflecting a strong commitment to GDPR compliance. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are necessary to protect user data and enhance trust.

A

APSIS

apsis.no

0

APSIS operates a modern marketing platform, Apsis One, focused on AI-driven email marketing and automation to help businesses grow through personalized customer experiences. The platform integrates multiple marketing tools including email, SMS, surveys, and event management, targeting marketers and enterprises seeking an all-in-one solution. The website is professionally designed using Drupal 10 and integrates popular marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag, demonstrating a mature digital marketing infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and maintain trust.

B

Banqsoft AS

banqsoft.com

0

Banqsoft AS is a medium-sized Norwegian company specializing in financial software solutions for the Nordic market, focusing on asset finance, digital banking, and credit management. The company offers comprehensive software suites and add-on services designed to digitize and optimize financial operations for its clients. Banqsoft holds recognized certifications such as ISO 14001 and ISO 27001, underscoring its commitment to sustainability and information security. The website reflects a professional and consistent brand presence with good content quality and user experience.

S

Sikt

sikt.no

0

Sikt is a Norwegian public agency providing shared digital services and infrastructure to the education and research sectors. The organization offers a broad portfolio of services including network solutions, data sharing, cybersecurity, and research data archiving, positioning itself as a key national service provider. The website reflects a mature digital presence with excellent content quality, clear navigation, and professional design tailored to its target audience of students, researchers, and educational institutions. Technically, the site uses modern frameworks such as Next.js and Drupal CMS, and integrates privacy-conscious analytics tools like Matomo and Siteimprove. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which are critical issues that must be addressed to ensure secure communications and trust. Privacy compliance is well handled with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to meet security best practices.

S

Sikt

uninett.no

0

Sikt is a Norwegian public agency providing shared digital infrastructure and services to the education and research sectors. The website clearly communicates its role as a key service provider supporting digitalization, data sharing, and open research for knowledge institutions in Norway. The target audience includes students, researchers, and educational organizations. The business model is that of a government agency offering essential infrastructure and services nationally. Technically, the website is built on modern frameworks such as Next.js and Drupal, with good mobile optimization and accessibility. However, performance is moderate and could be improved. Security posture shows critical weaknesses, notably an invalid SSL certificate and lack of modern TLS protocols, which significantly reduce the security score. Privacy compliance is good with clear privacy and cookie policies, though no explicit consent mechanism is observed. Business credibility is high due to consistent branding, professional content, and clear contact channels via forms. Overall, the site is trustworthy but requires urgent SSL and security improvements to protect users and data.

A

Agilera Pharma AS

agilera.no

0

Agilera Pharma AS is a Norwegian-based contract development and manufacturing organization (CDMO) specializing in radio-pharmaceuticals, providing comprehensive services from preclinical development to commercial production and global distribution. The company holds regulatory approvals across major global markets including the USA, Japan, Europe, Latin America, and China, positioning itself as a key player in the healthcare sector focused on cancer medicine. Their website reflects a professional and consistent brand image targeting pharmaceutical companies and researchers worldwide. Technically, the website is built on WordPress and utilizes common web technologies such as jQuery and Swiper.js. However, performance is suboptimal with slow load times and a large page size. Mobile optimization is good, but accessibility features are basic. SEO practices are adequately implemented with proper meta tags and language alternates. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability impacting user trust and data security. While SPF and DMARC email security measures are in place, other security headers and best practices are missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Overall, the website presents moderate business credibility and good content quality but suffers from critical security shortcomings. Immediate remediation of SSL/TLS issues is essential to improve security posture and user trust. Strategic enhancements in performance and security headers would further strengthen the site’s resilience and professionalism.

O

OsloMet

oslomet.no

0

OsloMet is a Norwegian state university specializing in education and research across health, society, technology, and pedagogy. It holds a significant position as a major urban university in Norway, offering a broad range of higher education programs and engaging in active research collaborations. The website targets students, researchers, and the academic community, providing comprehensive information about studies, research news, and collaboration opportunities. Technically, the site employs modern JavaScript libraries such as jQuery and LoadJS and integrates Siteimprove Analytics for performance and accessibility monitoring. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The security posture is further weakened by missing security headers and lack of HSTS, although email authentication via DMARC is properly configured. Overall, the site demonstrates good content quality, accessibility, and business credibility but requires urgent security improvements to protect user data and maintain trust.

I

IFE, Institute for Energy Technology

ife.no

0

IFE, Institute for Energy Technology, is a Norwegian research institute specializing in energy and nuclear technology. The organization focuses on research and development, innovation, and managing technology properties, serving researchers, industry partners, and students. The website reflects a medium-sized, established entity with ISO certifications and a clear presence in the energy sector. Technically, the site is built on WordPress with modern SEO and cookie consent implementations but suffers from slow performance and lacks a valid SSL certificate, which impacts security. The security posture is basic with HSTS enabled but missing critical SSL configurations and OCSP stapling. Privacy compliance is strong with GDPR-aligned cookie consent and a comprehensive privacy policy. Contact information and social media presence enhance business credibility. Overall, the site is professional but requires improvements in security and performance to enhance trust and user experience.

W

WEBCRUITER AS

talentech.io

0

Talentech.io is a technology-focused B2B SaaS platform operated by WEBCRUITER AS, a Norwegian company founded in 2019. The platform aims to build a powerful talent ecosystem and streamline HR processes through automation, targeting HR professionals and organizations. The website demonstrates a professional design with consistent branding and uses modern frontend technologies such as Bootstrap and Font Awesome Pro. It is hosted on Microsoft Azure infrastructure and integrates Microsoft Application Insights for monitoring. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Additionally, no privacy, cookie, or terms of service policies are present, indicating gaps in compliance and user trust. Contact information is limited to a login form without direct emails or phone numbers. Overall, the site shows moderate digital maturity but requires significant improvements in security and privacy compliance to enhance trust and protect user data.

S

Smelt by Polaria

smeltbypolaria.no

0

Smelt by Polaria is a Norwegian e-commerce retailer specializing in sustainable, locally sourced interior and lifestyle products. The company targets environmentally conscious consumers in Norway, offering a broad product range from Nordic and European suppliers. Their business model focuses on online sales with additional services like click-and-collect and flexible payment options. The website demonstrates good content quality, clear navigation, and consistent branding, supported by trust signals such as certifications and customer reviews. Technically, the site uses modern JavaScript libraries and frameworks but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which severely impacts security posture. Privacy compliance is well addressed with a comprehensive cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

N

NILU

nilu.com

0

NILU is a well-established independent non-profit research institute based in Norway, specializing in climate and environmental research. Founded in 1969, it holds a strong market position as an internationally leading research organization offering services such as laboratory analysis, environmental solutions, and scientific publications. The website reflects a professional and consistent brand image targeting researchers, industry stakeholders, and policymakers. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and jQuery, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS and modern TLS protocols, although HSTS is enabled. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information and certifications are clearly presented, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements.

C

CIENS

ciens.no

0

CIENS is a prominent Norwegian research community specializing in environment, climate, and societal studies, composed of several reputable research institutes. The website serves as an information hub for their collaborative projects, events, and partner institutions. Technically, the site is built on WordPress with SEO optimizations via Yoast and uses Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The absence of security headers and cookie consent mechanisms further weakens its security and privacy posture. Business information is clear but limited to physical address and partner mentions, with no direct contact emails or phone numbers provided. Overall, the site is functional but requires significant security and privacy improvements to meet modern standards.

N

NORIN

norin.no

0

NORIN is a Norwegian research alliance comprising three prominent institutes: IFE, NIVA, and NILU. The alliance focuses on advancing research in energy, environment, climate, digitalization, and societal security. The website presents a professional and consistent brand image, targeting stakeholders in research, policy, and environmental sectors. Technically, the site is built on WordPress with Elementor and several plugins, hosted likely by ProISP. However, the site lacks a valid SSL certificate, resulting in HTTP-only access, which is a significant security concern. The cookie consent mechanism is implemented and appears GDPR compliant, but no privacy policy or terms of service are found, which may affect compliance and user trust. Security headers are missing, and performance is slow with a high load time and large page size. Overall, the site is functional and informative but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

N

Nofim AS

nofima.com

0

Nofima is a Norwegian government-affiliated research institute specializing in applied research within fisheries, aquaculture, and food systems. It serves a broad audience including industry actors, research partners, and public sector entities. The organization is large with over 380 employees and is positioned as a leading institute in its sector in Norway. The website reflects a professional and comprehensive digital presence with rich content, structured navigation, and multilingual support. Technically, the site is built on WordPress with modern libraries and plugins, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC and DNSSEC configurations. Privacy compliance is partial, with privacy and cookie policies present but no active consent mechanism. Overall, the site is trustworthy and credible but requires urgent security improvements to protect user data and enhance trust.

F

Forskning.no

forskning.no

0

Forskning.no is a leading Norwegian online news portal specializing in research and science news, serving a broad audience including the general public, youth, and academic communities. The site offers diverse content across multiple scientific disciplines and operates several sister sites targeting specific audiences. Technically, the site is built on the Labrador CMS and uses modern web technologies and third-party services for analytics and advertising. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is transparent and accessible, enhancing business credibility. Overall, while the content and user experience are excellent, the lack of HTTPS is a major risk that should be addressed promptly.

Polaria is a well-established Arctic experience center located in Tromsø, Norway, with a strong focus on education, sustainability, and family-friendly tourism. The organization operates a physical center featuring aquariums, seal exhibits, guided tours, and a panoramic cinema, supported by ticket sales and an online store. The website is built on WordPress, hosted on WP Engine with Google Cloud infrastructure, and uses modern web technologies including multilingual support via Weglot. While the site content and business information are comprehensive and professionally presented, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy policies are present but cookie consent mechanisms are lacking, indicating partial compliance with GDPR requirements. The domain is mature and legitimate, with consistent WHOIS data and multiple certifications that reinforce trust. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture and user trust.

N

Norwegian Geotechnical Institute (NGI)

ngi.no

0

The Norwegian Geotechnical Institute (NGI) operates a professional and content-rich website focused on geotechnical research, consulting, and education primarily serving Norwegian and international engineering and environmental sectors. The site offers detailed information on their research areas, projects, and career opportunities, targeting professionals, researchers, and students in geotechnical and environmental fields. Technically, the website uses modern JavaScript frameworks, Azure Application Insights, Matomo analytics, and is hosted behind Cloudflare, with Episerver CMS indications. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, severely impacting secure communications and trust. Privacy and cookie policies are implemented with consent mechanisms, but no explicit terms of service or security policy pages were found. Contact information includes a verified company email but lacks explicit phone numbers or physical addresses in the HTML content. Social media presence is active across major platforms. Overall, the website is professionally designed and functional but requires urgent security improvements to meet modern standards.

N

Nofima AS

nofima.no

0

Nofima AS is a leading Norwegian food research institute specializing in research and development for the aquaculture, fisheries, and food industries. The organization serves a broad audience including food producers, government agencies, and scientific communities. Their business model focuses on providing research services, knowledge dissemination, and training to support sustainable food production. The website is professionally designed, content-rich, and well-branded, reflecting a strong market position in the government sector. Technically, the site is built on WordPress with modern plugins and libraries, hosted behind Cloudflare, and uses Matomo for privacy-conscious analytics. However, the security posture is weakened by an invalid SSL certificate and lack of TLS support, which is a critical risk. Privacy compliance is good with clear privacy and cookie policies, though no explicit terms of service or security policies are published. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

N

Norsk institutt for naturforskning

nina.no

0

Norsk institutt for naturforskning (NINA) is a well-established independent research foundation in Norway focused on nature and the interaction between nature and society. The organization provides research, environmental monitoring, consulting, and evaluation services with a multidisciplinary team of natural and social scientists. Their website reflects a mature digital presence with rich content including news, blogs, and service information targeting researchers, policymakers, and the public interested in biodiversity and sustainability. Technically, the site is built on the DNN CMS platform using ASP.NET and integrates several third-party modules and services. However, the website suffers from a critical security shortfall due to the lack of a valid SSL certificate and proper HTTPS configuration, exposing users to potential risks. Privacy compliance is basic with no visible cookie consent mechanisms, and no explicit security or incident response policies are published. Overall, the site is credible and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

N

Norsk institutt for luftforskning

nilu.no

0

NILU (Norsk institutt for luftforskning) is a well-established Norwegian non-profit research institute specializing in climate and environmental research. Founded in 1969, it holds a strong market position as an internationally leading institute in its field. The website reflects a professional and content-rich platform targeting researchers, policymakers, and environmental stakeholders. NILU offers a range of services including atmospheric research, urban air quality studies, environmental toxin analysis, and laboratory services. The organization is ISO 9001 and ISO 14001 certified, reinforcing its credibility and commitment to quality and environmental management. Technically, the website is built on WordPress with modern libraries such as jQuery, Bootstrap, and Select2, hosted behind Cloudflare. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt exists in the form of missing or invalid SSL/TLS configuration, which is a critical security concern. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. While security headers are present, the lack of HTTPS and HSTS reduces overall security. Privacy compliance is good with a comprehensive GDPR-compliant privacy policy, but the absence of a cookie consent mechanism is a gap. Contact information is complete and transparent, including email, phone, and physical addresses, alongside active social media channels. Overall, NILU's website is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, and adding cookie consent mechanisms to enhance privacy compliance.

N

Norsk institutt for kulturminneforskning (NIKU)

niku.no

0

Norsk institutt for kulturminneforskning (NIKU) is a Norwegian research institute specializing in cultural heritage research and consultancy services for both public and private sectors. The website presents a professional and content-rich platform showcasing their projects, news, and services, targeting stakeholders interested in archaeology, conservation, and cultural heritage. The organization maintains a consistent brand presence with active social media channels and a newsletter subscription option. Technically, the site is built on WordPress hosted on WP Engine with integrations such as Algolia Search, Google Tag Manager, and Hotjar, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue with an invalid SSL certificate and lacks modern TLS protocol support, which undermines user trust and security. Privacy compliance is partial, with a clear privacy policy but no cookie consent mechanism detected. Overall, the site is credible and professional but requires urgent security improvements.

N

Norsk institutt for bioøkonomi

nibio.no

0

NIBIO (Norsk institutt for bioøkonomi) is a large Norwegian government research institute specializing in bioeconomy, agriculture, environment, and resource management. With approximately 750 employees, it holds a strong market position as a key knowledge provider in sustainable food production, plant health, forestry, and agricultural economics. The website reflects a mature and professional organization with comprehensive content targeting researchers, policymakers, and agricultural stakeholders. Technically, the site employs modern analytics (Matomo), consent management (Cookiebot), and uses frameworks like Bootstrap and Handlebars, hosted likely on Uninett infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but urgently needs to address its SSL/TLS configuration to improve security and user trust.

N

Norges geologiske undersøkelse (NGU)

ngu.no

0

Norges geologiske undersøkelse (NGU) is a Norwegian government agency specializing in geological surveying and dissemination of geological knowledge. The website serves as a portal for geologic maps, scientific publications, and news relevant to geology in Norway, targeting researchers, government bodies, and the public. The organization holds a strong national position as the authoritative source for geological data and services. Technically, the website is built on Drupal 10 with Matomo analytics integration, demonstrating a modern but self-hosted infrastructure. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts its security posture. While privacy and cookie policies are present, there is no explicit cookie consent mechanism, and no visible terms of service or security policies are published. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent improvements in security and performance to meet modern standards.

K

Kystverket

kystverket.no

0

Kystverket is a Norwegian government agency responsible for maritime safety, navigation, and environmental protection along the Norwegian coast. The website serves as a portal for digital maritime services, including navigation aids, real-time ship tracking, and environmental alerts. It targets maritime professionals, coastal communities, and the general public interested in maritime affairs. The agency holds a strong national position as the authoritative maritime body in Norway. Technically, the website leverages Microsoft Azure infrastructure, ASP.NET Core framework, and integrates advanced analytics and consent management tools such as Microsoft Application Insights, Google Tag Manager, and Cookie Information. The site uses Episerver CMS and Cloudflare for CDN services. Despite a rich technical stack, the site suffers from critical SSL/TLS misconfigurations, lacking a valid certificate and disabling all TLS protocols, which severely impacts security posture. Security-wise, while the site implements HSTS with preload and includes no known major vulnerabilities like Heartbleed or POODLE, the absence of a valid SSL certificate and TLS support is a critical flaw. Cookie consent and privacy policies are comprehensive and GDPR compliant, reflecting good privacy practices. Contact information and social media presence enhance trust and transparency. Overall, the site is professionally designed with good content quality and user experience but requires urgent remediation of SSL/TLS issues to ensure secure communications. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, and improving OCSP stapling and session resumption. These steps will significantly enhance the security posture and user trust.

K

Kartverket

kartverket.no

0

Kartverket is the Norwegian government agency responsible for geographic information, managing the national property register, and registering property ownership and shares in housing cooperatives. The website serves a broad audience including Norwegian citizens, public agencies, and businesses requiring geographic and property data. It holds a strong market position as the authoritative source for mapping and property registration in Norway. Technically, the site uses modern JavaScript frameworks and Google Tag Manager for analytics but suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak due to missing HTTPS, TLS protocols, and security headers, exposing users to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

D

Direktoratet for strålevern og atomsikkerhet

dsa.no

0

Direktoratet for strålevern og atomsikkerhet (DSA) is a Norwegian government directorate responsible for radiation protection and nuclear safety. The organization operates as a national authority providing regulatory oversight, monitoring radioactive emissions, and disseminating information to the public and relevant sectors such as veterinary and medical fields. The website serves as an official communication channel offering news, regulatory information, publications, and contact resources. It targets Norwegian citizens, government agencies, and professional sectors involved with radiation safety. Technically, the website is built on the Enonic CMS platform, hosted on Fastly CDN, and employs modern web technologies including jQuery and Google Tag Manager. The site supports TLS 1.3 and 1.2 with strong cipher suites, ensuring secure communications. However, performance is suboptimal with a slow load time and a large page size. Accessibility and SEO optimizations are well implemented, and the site is mobile responsive. From a security perspective, the site enforces HTTPS with valid certificates and implements SPF and DMARC email authentication policies with strict reject rules, reducing email spoofing risks. The absence of HSTS and DNSSEC are notable gaps. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the website demonstrates a strong security posture and credible business presence consistent with a government agency. Recommendations include enabling HSTS, DNSSEC, and OCSP stapling to further harden security. Performance improvements would enhance user experience. The domain registration data aligns well with the organization's identity, supporting high trustworthiness.

iFram is a specialized website operated by Framsenteret Drift a/s, serving as an information hub for researchers and users involved in the Fram Centre research cooperation in Norway. The site provides comprehensive details about research programs, projects, meetings, and funding opportunities, targeting a niche audience of research professionals and stakeholders. The business operates within the government and non-profit sectors, focusing on research support and knowledge dissemination. Technically, the website is built on WordPress with common libraries such as jQuery and Bootstrap, but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The absence of a valid SSL certificate and security best practices significantly impacts the site's security posture, exposing it to potential risks. Privacy compliance is minimal, with no active consent mechanisms despite the presence of a cookie policy. Overall, the site demonstrates moderate business credibility but requires urgent security and privacy improvements to enhance trust and compliance.

F

Framsenteret Drift AS

framforum.com

0

Framforum is a specialized online publication operated by Framsenteret Drift AS, focusing on climate, environment, and people in the High North, particularly the Arctic region. The website serves as a communication platform for research notes, profiles, retrospectives, and editorials related to Arctic environmental research, targeting researchers, journalists, and interested public. The business operates as a non-profit entity with a clear affiliation to the Fram Centre, a recognized research center in Norway. Technically, the website is built on WordPress, utilizing common web technologies such as jQuery, Font Awesome, and Google Fonts, with Matomo and Google Tag Manager for analytics. However, the site suffers from a critical security shortfall: it lacks a valid SSL certificate and does not serve content over HTTPS, which undermines user trust and data security. While HSTS is enabled, it is ineffective without proper SSL/TLS configuration. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and enhance trust.

N

Nansensenteret

nersc.no

0

Nansensenteret (NERSC) is a Norwegian government-affiliated research center specializing in climate, ocean, sea ice, and atmospheric studies in the North Atlantic and Arctic regions. The website presents comprehensive information about ongoing research projects, publications, and organizational structure, targeting researchers, students, and stakeholders interested in climate and environmental sciences. The business model focuses on scientific research, data provision, and collaboration within the climate science community. Technically, the website is built on WordPress with modern plugins for SEO and multilingual support, delivering a moderate performance and good mobile optimization. However, the site lacks a valid SSL certificate, which critically impacts its security posture. The absence of HTTPS and security headers exposes the site to potential risks. Privacy compliance is weak due to missing privacy and cookie policies. Security evaluation reveals significant vulnerabilities, including invalid SSL, disabled TLS protocols, and missing security headers. These issues reduce trust and expose users to risks. The domain is mature and consistent with the organization's profile, enhancing business credibility despite technical shortcomings. Overall, the site is professionally designed with good content quality but requires urgent security improvements to protect users and comply with privacy regulations. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, implementing security headers, and publishing privacy and cookie policies.

N

Norsk Polarinstitutt

npolar.no

0

Norsk Polarinstitutt is a Norwegian government research institute specializing in scientific knowledge and advisory services related to the Arctic and Antarctic regions. The organization operates research programs, logistics, and manages research stations and vessels. The website reflects a mature and established institution with a clear focus on polar science and environmental monitoring. The target audience includes Norwegian authorities, researchers, and the public interested in polar topics. Technically, the site is built on WordPress using the Enfold theme, with a moderate level of digital maturity but suffers from slow performance and an invalid SSL certificate, which impacts security and user trust. Security posture is weak due to the lack of a valid SSL certificate and disabled TLS protocols, although cookie consent and privacy policies are properly implemented, indicating good privacy compliance. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.