Security Directory

A

add enterprise

addenterprise.com

0

add enterprise is a Saudi Arabia-based event planning and management company specializing in creating immersive and memorable experiences. Established in 2014, the company serves a broad audience including public and private entities across 18 countries and 4 continents. Their services encompass creative planning, production, design, operations, digital innovation, and integrated event management. The website demonstrates a professional digital presence with a modern tech stack based on Next.js and React, offering good mobile optimization and user experience. Security posture is moderate with HTTPS enabled and domain protection statuses, but lacks DNSSEC and explicit security policies. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanisms. Overall, the site is trustworthy and well-positioned in its market segment.

ش

شركة رابط التواصل للخدمات التسويقية

bind.sa

0

Bind is a Saudi Arabia-based marketing communications company specializing in strategic communication, media, public relations, digital marketing, creative services, and production. The company targets brands and businesses seeking integrated marketing solutions to connect with their audiences effectively. The website presents a professional image with clear branding and showcases notable clients, indicating a solid market position in the regional media sector. Technically, the site uses modern JavaScript frameworks including Vue.js with inertia.js, and Laravel Nova for backend administration, supported by Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. Security posture is strong with HTTPS enforced and no exposed sensitive data, but lacks some security headers and explicit incident response information. Privacy compliance is partial with privacy and cookie policies present but no active consent mechanism. Overall, the domain registration aligns with the business, though WHOIS data is incomplete, slightly reducing trust confidence.

ش

شركة ذرى للتمويل الجماعي بالدين

tharaco.sa

0

شركة ذرى للتمويل الجماعي بالدين operates a Sharia-compliant crowdfunding platform specializing in real estate financing within Saudi Arabia. The company is licensed and regulated by the Saudi Central Bank (SAMA), positioning it as a trustworthy player in the Saudi financial and real estate markets. Their platform connects individual and institutional investors with real estate development projects, offering investment opportunities with competitive returns. The website is professionally designed, content-rich, and targets investors and developers seeking compliant financing solutions.

E

EZEXPO

ezexpo.com

0

EZEXPO is a Saudi Arabia-based company specializing in event furniture rental and expo setup solutions. The website presents a professional e-commerce platform offering various furniture rental packages tailored for exhibitions and events. The company targets event organizers and businesses requiring comprehensive expo setups. Technically, the site is built on modern frameworks such as Next.js and React, integrating popular analytics and marketing tools like Google Analytics, Facebook Pixel, Hotjar, and Weglot for multilingual support. Security posture is generally good with HTTPS enforced, but lacks some security headers and formal vulnerability disclosure mechanisms. Privacy compliance is basic with a privacy policy and terms of service present but no explicit cookie consent mechanism. Overall, the site is well-designed, mobile-optimized, and trustworthy, though the absence of WHOIS registration data raises some concerns about domain legitimacy. Strategic recommendations include enhancing security headers, implementing cookie consent, and establishing a vulnerability disclosure policy.

A

Art Jameel

hayyjameel.org

0

Hayy Jameel is a prominent arts complex and creative hub located in Jeddah, Saudi Arabia, developed and managed by Art Jameel. The organization focuses on fostering culture-oriented communities by hosting exhibitions, cinema events, learning programs, residencies, and cultural festivals. The website reflects a well-established non-profit entity with a clear mission to promote arts and culture in the region. Technically, the site is built on WordPress with modern frameworks and libraries, ensuring good performance, mobile optimization, and SEO compliance. Security posture is solid with HTTPS enforcement and domain locking, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is basic, with cookie and terms of use policies present but lacking consent mechanisms. Overall, the site is professional, trustworthy, and serves its target audience effectively.

Community Jameel is a well-established global non-profit organization focused on advancing science, education, and community development. Founded in 2003, it continues the philanthropic legacy of the Jameel family of Saudi Arabia. The organization operates various programs in partnership with academic institutions such as MIT and J-PAL, targeting social impact through scholarships, research, arts, health, and climate initiatives. The website reflects a professional and comprehensive digital presence with clear navigation and rich content tailored to a global audience interested in philanthropy and social development. Technically, the website is built on modern frameworks like Next.js and React, ensuring fast performance and excellent mobile optimization. It employs best practices in web development, including the use of security headers and HTTPS, contributing to a strong security posture. Privacy and cookie policies are clearly stated with consent mechanisms, indicating good compliance with GDPR and related regulations. Security-wise, the site demonstrates a mature posture with no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy pages and incident response contacts, which could enhance trust and preparedness. The absence of WHOIS data due to privacy protection is typical for non-profits and does not detract from the site's legitimacy given its affiliations and professional presentation. Overall, Community Jameel's website is a trustworthy, well-maintained platform that effectively communicates its mission and programs while adhering to modern technical and privacy standards. Strategic improvements in security transparency and contact information could further strengthen its credibility and user trust.

ه

هيئة الإذاعة والتلفزيون

sba.sa

0

The website https://sba.sa/ar represents the official Saudi Broadcasting Authority (هيئة الإذاعة والتلفزيون), a leading government media entity in Saudi Arabia. It provides a comprehensive media platform including television, radio, and digital content services, targeting a broad general audience within Saudi Arabia. The site is professionally designed using Drupal CMS and modern web technologies, offering good mobile optimization and user experience. Social media integration is strong with official accounts on major platforms. Technically, the site employs HTTPS with DNSSEC enabled, indicating a secure DNS setup, though explicit security headers are missing. Privacy and cookie policies are not visibly present, which is a compliance gap. Contact information is not explicitly provided on the site, limiting direct user engagement channels. Overall, the domain registration aligns with the official entity, supporting legitimacy. The site is safe for general audiences with no adult or questionable content detected.

K

King Abdulaziz Center for World Culture (Ithra)

ithra.com

0

The King Abdulaziz Center for World Culture (Ithra) is a prominent cultural and educational institution in Saudi Arabia dedicated to fostering creativity, inspiration, and talent development. The website serves as a comprehensive portal for visitors, members, and the general public, offering information on programs, events, and cultural attractions. The organization holds a strong market position as a leading cultural center with government backing and a large audience reach. Technically, the website employs a modern technology stack including Concrete5 CMS, jQuery, Select2, and various analytics and tracking tools such as Google Tag Manager, TikTok Pixel, and Microsoft Clarity. The site is mobile-optimized and integrates app presence on major platforms, indicating digital maturity. Performance is moderate with good SEO and accessibility features. From a security perspective, the site uses HTTPS and implements several best practices, though explicit security headers and policies are not fully documented. No critical vulnerabilities were detected in the content analysis, but the absence of a security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Overall, the website is professional, trustworthy, and content-rich, but the lack of WHOIS transparency and some security documentation lowers the trust score. Strategic recommendations include enhancing domain registration transparency, publishing security policies, and improving accessibility compliance.

C

Cultural Investment Conference

culturalinvestmentconference.com

0

The Cultural Investment Conference website represents a professional event platform focused on unlocking investment opportunities in the cultural sector, with a strong emphasis on Saudi Arabia's cultural initiatives. The site features detailed information about the conference, including dates, location, speakers, partners, themes, and FAQs, targeting institutional investors, government leaders, cultural entrepreneurs, and NGOs. The business model centers on facilitating networking, knowledge sharing, and partnership building within the cultural investment ecosystem. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Slick Carousel, and analytics tools like Microsoft Clarity and Google Tag Manager. The site is mobile-optimized with good design quality and clear navigation, although accessibility features could be improved. Hosting is via GoDaddy, and the site uses HTTPS with secure forms. From a security perspective, the site demonstrates good practices with HTTPS and CSRF protection on forms but lacks published security policies, incident response information, and security headers. The WHOIS data shows an anomalous future domain creation date, which reduces trustworthiness despite the professional content. No WAF or blocking mechanisms were detected, and no adult or questionable content is present. Overall, the site is credible and professional but should address privacy compliance gaps and WHOIS data inconsistencies to improve trust and security posture.

A

adidas Saudi Arabia

adidas.sa

0

The adidas Saudi Arabia website serves as the official regional online store for adidas, offering a wide range of sportswear, shoes, and accessories tailored to the Saudi Arabian market. The site is well-branded, professionally designed, and provides localized services such as next-day delivery in Riyadh and a welcome discount offer. Technically, the site leverages Salesforce Commerce Cloud, Global-e for international e-commerce, and advanced monitoring and security tools including Google reCAPTCHA Enterprise and Instana. Security posture is strong with HTTPS, security headers, and bot protection in place. Privacy and cookie policies are present and indicate GDPR compliance, although explicit data protection officer contacts and incident response policies are not found. The absence of WHOIS data for the domain is noted but likely due to SaudiNIC domain registration policies rather than a legitimacy concern. Overall, the site demonstrates a mature e-commerce platform with good security and privacy practices, suitable for a large retail brand.

R

Royal Commission for AlUla

experiencealula.com

0

ExperienceAlUla.com is the official travel guide website for AlUla, Saudi Arabia, managed by the Royal Commission for AlUla. The site provides comprehensive information about the region's ancient heritage, cultural events, adventure activities, and wellness offerings, targeting tourists and cultural enthusiasts globally. It serves as a government-backed platform to promote tourism and facilitate bookings for various experiences in AlUla. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies including Google Tag Manager, Branch.io, and Cloudflare for bot management. It is well-optimized for mobile devices and incorporates extensive analytics and marketing tools to enhance user engagement and track performance. Security-wise, the site enforces HTTPS, uses Content Security Policy headers, and implements cookie consent mechanisms, reflecting a mature security posture. However, it lacks some additional security headers and publicly available security policies or incident response information. The absence of WHOIS registration data for the domain is a notable anomaly, potentially due to privacy protection or data unavailability, which slightly impacts trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, making it a reliable source for travelers interested in AlUla.

P

Panattoni Development Europe sp .z o.o.

panattoni.sa

0

Panattoni Development Europe sp .z o.o. is a leading global industrial real estate developer, recognized as the largest logistics developer in Europe since 2017. The company has expanded its operations to the Middle East, establishing a presence in Riyadh, Saudi Arabia. Their business model focuses on development, capital deployment, and providing comprehensive real estate services with a strong emphasis on sustainability and green-certified industrial spaces. The website reflects a professional and well-structured digital presence, targeting investors and industrial real estate clients with clear navigation and rich content.

T

Tamara Finance Company

tamara.co

0

Tamara Finance Company operates a leading Buy Now Pay Later (BNPL) platform in the GCC region, primarily serving Saudi Arabia, UAE, Kuwait, and Bahrain. The company offers flexible payment solutions allowing consumers to split purchases into up to 24 months with no late fees, emphasizing Shariah compliance to align with regional financial ethics. Their business model targets both personal consumers and merchants, providing payment solutions that enhance sales conversion and customer loyalty. The website reflects a mature digital presence with multi-language support and extensive merchant partnerships.

T

Tahaluf

tahaluf.com

0

Tahaluf is a strategic joint venture focused on bringing world-class events to Saudi Arabia, supporting the Kingdom's Vision 2030 goals of economic diversification and global positioning as an events hub. The company is backed by Informa PLC, the Saudi Federation for Cyber Security, Programming and Drones, and the Events Investment Fund. Their portfolio spans technology, real estate, food, and more, targeting global industries and investors. The website reflects a mature digital presence built on Drupal 10 with modern UI libraries and integrated consent management, indicating a commitment to privacy and user experience. Security posture is solid with HTTPS and domain locking, though DNSSEC is not enabled and no explicit security policies are published. Overall, the site is professional, trustworthy, and well-branded, with room for improvement in contact transparency and SEO.

M

Money20/20 Middle East

money2020middleeast.com

0

Money20/20 Middle East is a premier fintech conference and exhibition platform focused on the Middle East financial technology ecosystem. It connects a broad audience including banks, fintech startups, investors, regulators, and Big Tech to foster innovation, networking, and deal-making. The event is positioned as the region's leading fintech gathering with a large scale and professional organization backed by Informa Markets. The website is built on Drupal 10, leveraging modern web technologies and analytics tools, and is optimized for mobile and accessibility. Privacy and cookie policies are present with consent management, reflecting good compliance practices. Security posture is solid with HTTPS and domain protections, though DNSSEC and security headers could be improved. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

S

Schindler Olayan Elevator Co.Ltd

schindler.sa

0

Schindler Olayan Elevator Co.Ltd operates a professional and comprehensive website dedicated to the manufacturing, installation, maintenance, and modernization of elevators, escalators, and moving walks in Saudi Arabia. The company leverages the global Schindler Group brand and provides detailed product information, services, and career opportunities tailored to the Saudi market. The website demonstrates a mature digital presence with modern technologies such as Adobe Experience Manager and HubSpot integrations, ensuring a seamless user experience and effective marketing analytics. Security posture is strong with a strict Content Security Policy and HTTPS enforcement, though some minor improvements in security headers could be made. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the website reflects a trustworthy and established business entity with a high level of professionalism and technical sophistication.

D

DUXIANA

duxiana.sa

0

DUXIANA is a premium retail company specializing in luxury beds and furniture, with a heritage dating back to 1926. The website targets a general audience in Saudi Arabia and offers a multilingual experience primarily in Arabic with English support. The business model focuses on retail sales of high-quality beds, bedding accessories, and furniture, positioning itself as a leader in comfort and innovation in the bedding industry. The website content is professionally designed, well-structured, and includes rich media and product information to engage visitors. Technically, the website employs modern web technologies including Google Tag Manager, Azure Application Insights for monitoring, and Cookietractor for cookie consent management. It uses HTTPS with secure cookie flags and demonstrates good mobile optimization and accessibility features. The CMS appears to be Episerver, indicating a robust content management infrastructure. SEO is enhanced by structured data and proper meta tags. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and explicit privacy or terms of service pages. No WHOIS data is available for the domain, which raises some concerns about domain registration transparency. No vulnerability disclosure or incident response policies are published, which could be improved to enhance trust. Overall, the website presents a professional and trustworthy front for a luxury retail business but would benefit from improved transparency in privacy policies, terms of service, and domain registration information to strengthen compliance and trustworthiness.

ج

جاكوار السعودية

jaguar-saudi.com

0

The website www.jaguar-saudi.com/ar/ represents the Jaguar brand localized for the Saudi Arabian market, providing Arabic language content focused on luxury automotive sales and brand engagement. The site emphasizes Jaguar's heritage since 1935 and positions itself as a premium automotive retailer with a progressive innovation mindset. The technical infrastructure leverages modern JavaScript frameworks such as Nuxt.js and integrates multiple marketing and analytics tools including Google Tag Manager, Microsoft Clarity, Facebook Pixel, and Twitter tracking. Performance and mobile optimization are good, though accessibility features are basic. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks comprehensive security headers and visible privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and branding align with Jaguar's global presence. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

ل

لاند روڤر السعودية

landrover-saudi.com

0

The website www.landrover-saudi.com is a professionally designed, Arabic-language portal representing the Land Rover brand in Saudi Arabia. It focuses on showcasing luxury SUVs such as Range Rover, Discovery, and Defender, targeting general consumers interested in premium automotive products. The site leverages modern web technologies including Nuxt.js and Vue.js, ensuring good mobile optimization and user experience. While SSL is properly configured, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Contact mechanisms are primarily via forms, with no direct emails or phone numbers visible. The brand presence is consistent and trustworthy, supported by structured data and official logos.

الأول للاستثمار (SAB Invest) is a prominent Saudi financial services company specializing in brokerage, asset management, global investment solutions, and wealth management. The company targets individual and institutional investors primarily within Saudi Arabia and the Gulf region, offering a comprehensive suite of investment products and services. The website reflects a mature digital presence with a professional design and clear navigation tailored for Arabic-speaking users. The business is positioned as a leading player in the Saudi financial market with strong brand consistency and trust indicators such as awards and long domain registration.

S

SAB

sab.com

0

SAB is a major Saudi Arabian bank providing a comprehensive range of personal, SME, and corporate banking services including accounts, loans, credit cards, and wealth management. The website is professionally designed and targets personal banking customers primarily in Saudi Arabia. The digital infrastructure leverages Adobe Experience Manager CMS and integrates modern analytics and tracking tools such as Google Analytics, Hotjar, and ContentSquare, indicating a mature digital presence. Security posture is strong with HTTPS enforced and secure login portals, though explicit security headers and incident response policies are not visible. The absence of WHOIS data reduces domain trustworthiness but the website content and branding strongly support legitimacy. Privacy and cookie policies are not explicitly found in the provided content, suggesting room for improvement in compliance transparency.

A

almosafer

almosafer.com

0

Almosafer is a leading online travel agency primarily serving Saudi Arabia, offering a comprehensive platform for booking flights, hotels, activities, and airline tickets. The company positions itself as Saudi's number one travel company with a vast inventory of over 500,000 hotels worldwide and partnerships with more than 450 airlines. The website is designed to cater to travelers seeking convenient and reliable travel booking services, featuring user reviews and 24/7 customer support with flexible payment options such as 'Book Now, Pay Later'. Technically, the website leverages modern web technologies including React and Next.js frameworks, along with Material-UI for UI components. It integrates multiple analytics and marketing tools such as Amplitude, TikTok Pixel, Google Tag Manager, Facebook Pixel, Bing Ads, AppsFlyer, and MoEngage, indicating a mature digital marketing and analytics infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. From a security perspective, the site uses HTTPS with strong SSL configuration and employs modern JavaScript libraries. However, explicit security headers are not evident in the provided data, and there is no visible privacy or cookie policy, which are important for compliance and user trust. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data for the subdomain is unavailable, which is typical and not suspicious for subdomains. Overall, Almosafer presents a professional and trustworthy online travel service with a strong market presence in Saudi Arabia. To enhance security posture and compliance, it is recommended to implement comprehensive privacy and cookie policies, publish security incident response and vulnerability disclosure information, and provide clear contact details for users and security concerns.

Hilti Saudi Arabia operates as a regional branch of the global Hilti brand, specializing in manufacturing and supplying power tools, fasteners, and construction-related software and services. The website targets construction professionals and businesses, offering a comprehensive portfolio of products and services tailored to the construction industry. The digital infrastructure is built on Adobe Experience Manager with Angular framework, integrating modern analytics and consent management tools to ensure compliance and user experience. Security posture is solid with HTTPS and consent mechanisms, though some security best practices like explicit security headers and incident response contacts could be improved. The absence of WHOIS data slightly impacts trust but the overall brand presence and content quality indicate a legitimate and professional operation.

O

orangc

orangc.net

0

The website orangc.net is a personal portfolio and project showcase for an individual developer named orangc, based in Riyadh, Saudi Arabia. The site highlights open source projects, personal notes, and social media presence, targeting a general audience interested in technology and open source software. The business model is that of a personal brand and developer portfolio with a small scale and focused content. Technically, the site is well implemented using modern web technologies, hosted on Cloudflare Pages, and optimized for performance and mobile devices. Security posture is good with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve compliance and security practices. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, and implementing security headers to enhance security and compliance.

Nintendo Saudi Arabia operates an official localized website serving as the regional distributor and retailer for Nintendo products including consoles, accessories, and games. The website targets Nintendo players and consumers within Saudi Arabia, offering support services such as manuals, repair centers, and return policies. The business model focuses on retail and customer support, positioning Nintendo Saudi as the official regional presence for the brand. Technically, the website is built on the Odoo CMS platform with modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is generally good with HTTPS enforced and CSRF tokens implemented; however, the absence of security headers and cookie consent mechanisms indicates room for improvement. The lack of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, though the website content and branding strongly suggest legitimacy. Overall, the website is functional, professional, and safe for general audiences, but should enhance privacy compliance and security best practices to strengthen trust and regulatory adherence.

ج

جيه إل إل

jll-ksa.com

0

The website www.jll-ksa.com represents the Saudi Arabian regional presence of JLL, a global real estate consulting firm. The site offers a comprehensive range of real estate services including property search, investment, portfolio management, technology-driven transformation, and project delivery. The content is professionally presented in Arabic, targeting corporate clients and investors in Saudi Arabia. Technically, the site is built on Adobe Experience Manager, integrates Brightcove for video content, and uses OneTrust for cookie consent, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS and domain verifications, but lacks explicit security headers and published privacy or terms policies. WHOIS data is missing or not publicly available, which raises concerns about domain registration transparency. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security disclosures.

T

The Boeing Company

boeing.sa

0

The Boeing Saudi Arabia website represents the regional presence of The Boeing Company, a global aerospace leader. The site highlights Boeing's historic and ongoing partnership with Saudi Arabia, emphasizing aerospace sector involvement and joint ventures. The content is professionally presented with consistent branding and multimedia elements, targeting business partners and aerospace stakeholders. Technically, the site is built on Adobe Experience Manager with integrated Brightcove video and Google Tag Manager for analytics. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit privacy or cookie policies. WHOIS data for the domain is missing, which raises minor trust concerns despite the site's professional appearance. Overall, the site is a credible corporate regional site but would benefit from enhanced transparency in privacy and security disclosures.

G

Gerflor Middle East

gerflorme.com

0

Gerflor Middle East is a well-established joint venture specializing in manufacturing and supplying high-quality vinyl and other flooring solutions across multiple sectors including healthcare, education, sports, and hospitality. The company leverages a professional Drupal-based website with modern technologies and strong branding to serve a B2B audience in the Middle East. The website demonstrates good technical maturity with HTTPS, security headers, and privacy compliance, including cookie consent mechanisms. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be further investigated. No explicit security or incident response policies are published, representing an area for improvement. Overall, the digital presence is professional and trustworthy, supporting the company’s market position as a leading flooring solutions provider in the region.

A

Amazon

amazon.sa

0

Amazon.sa is the localized e-commerce platform of Amazon serving the Saudi Arabian market. It offers a wide range of products including electronics, fashion, groceries, and more, with services such as fast shipping, cash on delivery, and Amazon Prime membership. The website reflects Amazon's global brand identity and market leadership in online retail. Technically, the site uses Amazon's proprietary UI framework along with modern web technologies to deliver a fast, responsive, and accessible user experience. Security is robust with HTTPS enforced and multiple security headers present, although explicit privacy and cookie policies were not found in the provided content. Overall, the site is a professional, enterprise-grade e-commerce platform with strong trust signals and a mature technical infrastructure.

D

Daikin

daikin-ksa.com

0

Daikin KSA website represents a leading HVAC and air purification brand targeting the Middle East and Africa region, specifically Saudi Arabia. The site offers comprehensive product information, virtual showroom experiences, and emphasizes energy efficiency and comfort. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS, Matomo analytics, and Google Tag Manager, ensuring a responsive and accessible user experience. Security posture is solid with HTTPS and no exposed sensitive data, though security headers and incident response information are not explicitly published. Privacy and cookie policies are present with consent mechanisms, indicating good compliance practices. However, WHOIS data is unavailable, which is unusual but the website content and branding strongly support legitimacy. Overall, the site is professional, trustworthy, and well-optimized for its audience.

W

Whirlpool

whirlpool.sa

0

Whirlpool Saudi Arabia operates as the regional presence of the global Whirlpool Corporation, offering a comprehensive range of home appliances tailored to the Saudi market. The website serves as a product catalog, customer support portal, and brand engagement platform targeting consumers in Saudi Arabia. The business model focuses on retail and customer service, leveraging digital channels to enhance user experience and brand loyalty. Whirlpool holds a strong market position as a leading appliance manufacturer with localized offerings and support. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager for marketing and analytics, and OneTrust for privacy compliance. The site is built on a responsive design framework (Foundation CSS) ensuring good mobile optimization and moderate performance. Integration with New Relic indicates active performance monitoring. The technical infrastructure reflects a mature digital presence with room for improvements in accessibility and CMS transparency. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating a good baseline security posture. Cookie consent and privacy policies are implemented comprehensively, reflecting GDPR compliance efforts. However, the absence of a public security policy, incident response contacts, and vulnerability disclosure mechanisms suggests areas for enhancement. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Whirlpool Saudi Arabia's website demonstrates a professional, secure, and privacy-conscious digital presence aligned with its brand stature. Strategic improvements in security transparency and accessibility could further strengthen trust and compliance. The domain's privacy-protected WHOIS data is consistent with corporate privacy practices and does not raise legitimacy concerns.

Aramco is a globally recognized leader in the energy sector, specializing in integrated oil, gas, and chemicals production and supply. The company operates at an enterprise scale with a strong market position and a comprehensive portfolio of services that support global energy demands. Their website reflects a mature digital presence with professional branding, extensive content, and a focus on corporate values and sustainability. Technically, the site employs modern web technologies including React, Google Tag Manager, and multiple analytics and tracking tools, hosted likely on Akamai's infrastructure, ensuring fast performance and mobile optimization. Security-wise, Aramco demonstrates a strong posture with HTTPS enforcement, comprehensive security headers, and adherence to best practices, although the absence of a security.txt file suggests room for improvement in vulnerability disclosure transparency. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations, supporting a positive risk profile for users and partners.

Biogen is a globally recognized biotechnology company specializing in innovative therapies for complex neurological and rare diseases. The Saudi Arabia localized website reflects the company's commitment to serving regional audiences with tailored content and resources. The site highlights Biogen's leadership in treatments for multiple sclerosis, spinal muscular atrophy, and Alzheimer's disease, positioning it as a key player in the healthcare sector. Technically, the website leverages Adobe Experience Manager CMS, integrates modern analytics and consent management tools, and demonstrates good mobile optimization and user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though lacks published security policies and incident response contacts. The absence of WHOIS registration data is a notable concern, suggesting the need for further domain legitimacy verification. Overall, the website is professional, content-rich, and trustworthy, serving its target audience effectively while maintaining compliance with privacy regulations.

ج

جيديا للتقنية

geidea.net

0

جيديا للتقنية هي شركة رائدة في مجال حلول الدفع الإلكتروني ونقاط البيع في المملكة العربية السعودية، تقدم خدمات متكاملة تشمل أجهزة نقاط البيع، المدفوعات عبر الإنترنت، وحلول نقاط البيع للمطاعم. تتمتع الشركة بحصة سوقية كبيرة في السعودية وتقدم خدماتها لأكثر من 150,000 تاجر مع أكثر من 5 ملايين عملية مالية يومياً. الموقع الإلكتروني يعكس تركيز الشركة على السوق السعودي ويقدم محتوى غني ومتنوع باللغة العربية مع دعم للغة الإنجليزية. من الناحية التقنية، يستخدم الموقع تقنيات حديثة مثل Bootstrap وjQuery مع تكامل أدوات تتبع وتحليل مثل Google Tag Manager وFacebook Pixel. من حيث الأمن، الموقع يستخدم HTTPS بشكل كامل ويطبق ممارسات أمان أساسية، لكنه يفتقر إلى بعض السياسات الأمنية المنشورة مثل سياسة الأمان أو سياسة الحوادث. لا توجد سياسات خصوصية أو ملفات تعريف ارتباط واضحة، مما يشير إلى فجوات في الامتثال للخصوصية. من ناحية أخرى، وجود شهادات معتمدة وترخيص من البنك المركزي السعودي يعزز من مصداقية الشركة. التقييم العام للموقع جيد مع نقاط قوة في المحتوى والموثوقية، لكن هناك مجال لتحسين الامتثال للخصوصية وتعزيز ممارسات الأمان التقنية. التوصيات الاستراتيجية تشمل نشر سياسات الخصوصية والكوكيز، تحسين رؤوس الأمان، وتوفير قنوات اتصال للحوادث الأمنية.

M

MBC GROUP

mbc.net

0

MBC GROUP is a leading media company in the Middle East and North Africa, operating a broad portfolio of free-to-air satellite TV channels, radio stations, and digital platforms. The company targets diverse audiences across the MENA region with content ranging from family entertainment to youth-focused music channels. The website reflects a mature digital presence with modern technologies such as Next.js and Google Tag Manager, delivering fast and mobile-optimized user experiences. Security posture is strong with HTTPS and standard security practices, though explicit security policies and cookie consent mechanisms are absent. Overall, the site demonstrates high professionalism and trustworthiness, supporting MBC GROUP's market leadership.

K

Khyrat Alsharq Holding Company

kasco.com.sa

0

Khyrat Alsharq Holding Company operates as a diversified holding company in Saudi Arabia with subsidiaries in education, health care, energy, food supply, and training sectors. The website titled 'KASCO' presents the company as a regional player emphasizing integration, quality, leadership, and trust. The digital presence includes social media links and multimedia content but lacks modern security and privacy features. Technically, the site uses older JavaScript libraries and deprecated Flash content, indicating a need for modernization. Security posture is weak due to absence of HTTPS enforcement and security headers, and no privacy or cookie policies are present, exposing compliance risks. Overall, the site is functional but requires significant improvements in security, privacy, and technical modernization to meet current standards.

ش

شركة قو للاتصالات

go.com.sa

0

GO Telecom is a telecommunications company based in Saudi Arabia, offering high-speed internet services including fiber and fixed wireless internet, along with digital services such as quick payment and order tracking. The company targets individual consumers and businesses within the Saudi market, positioning itself as a competitive local provider with a focus on modern connectivity solutions. Technically, the website is built on a modern Angular framework with Bootstrap for responsive design, integrating Google Tag Manager and Analytics for marketing and tracking purposes. Security-wise, the site enforces HTTPS and uses some security best practices but lacks a fully implemented Content-Security-Policy and does not provide explicit vulnerability disclosure or incident response information. Overall, the website is professional, user-friendly, and trustworthy, though improvements in privacy compliance and security headers are recommended.

Khafji Joint Operations is an enterprise-level energy sector company operating in Saudi Arabia, likely focused on oil and gas joint operations. The website is built on SAP Enterprise Portal technology with a Java 6.0 backend and serves as a corporate portal. The site content is minimal and primarily technical, embedding the main content via an iframe. There is a lack of publicly accessible business and contact information, and no privacy or cookie policies are present. Technically, the site lacks HTTPS and security headers, which poses security risks. The overall digital maturity appears basic with room for improvement in security, privacy compliance, and user experience.

ج

جامعة الملك سعود

ksu.edu.sa

0

King Saud University is a large, well-established academic institution in Saudi Arabia, founded in 1957. It offers comprehensive educational and research services and holds a strong market position as one of the largest universities globally by area. The website is built on Drupal 9 with modern frontend technologies and provides rich content primarily in Arabic with English support. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are present, but no explicit security or incident response policies were found. The university maintains a strong digital presence with official social media channels and mobile applications. Overall, the website is professional and content-rich but requires urgent security improvements to meet modern standards.

S

SABIC

sabic.com

0

SABIC is a large multinational petrochemical company headquartered in Saudi Arabia, specializing in manufacturing and supplying polymers, chemicals, specialties, and agri-nutrients. The website reflects a mature enterprise with a comprehensive digital presence targeting industrial customers, investors, and job seekers. The content is professionally presented with clear navigation and consistent branding. Technically, the site uses ASP.NET technology with modern JavaScript libraries and Google Tag Manager for analytics and marketing. However, the SSL/TLS configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of HTTPS and SSL issues to ensure secure user interactions.

A

Anel Arabian company

anelarabia.com

0

Anel Arabian company is a Saudi-based business specializing in information and communication technologies and electromechanical technology services. Established in 2010, it positions itself as a leader in the Saudi market with a focus on leveraging local talent to meet customer needs. The website content is bilingual, targeting Arabic and English-speaking audiences, and is hosted on the Weebly platform with basic design and navigation features. However, the site lacks critical contact information and formal policies, which limits user trust and engagement. Technically, the website runs on an nginx server with jQuery and Weebly's platform scripts. Hosting is provided by Hostmonster. The site suffers from poor performance metrics, no mobile optimization beyond basic, and minimal SEO and accessibility features. Importantly, the site does not have a valid SSL certificate, resulting in no HTTPS support, which severely impacts security and user trust. From a security perspective, the absence of HTTPS, lack of security headers, and missing compliance policies such as privacy and cookie policies indicate a low security maturity level. No incident response or vulnerability disclosure information is provided. Analytics tools like Google Analytics and Snowplow are used, but no cookie consent mechanism is implemented, raising privacy compliance concerns. Overall, the website presents a basic online presence for the company but requires significant improvements in security, privacy compliance, and user engagement features to enhance trustworthiness and professionalism.

The General Authority of Civil Aviation (GACA) is the official Saudi government entity responsible for civil aviation regulation and services. The website serves as a comprehensive platform offering information on aviation policies, passenger rights, safety reporting, and electronic services. It targets citizens, travelers, and aviation stakeholders within Saudi Arabia, positioning itself as the national authority in the transportation sector. The site features a professional design with consistent branding and a strong social media presence, enhancing trust and engagement. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Swiper.js, and is likely powered by the Sitecore CMS. Accessibility and digital experience tools are integrated, though performance is hindered by slow load times and a large page size. The SSL/TLS configuration is currently invalid or missing, which significantly impacts the security posture. Security-wise, the site lacks a valid HTTPS certificate and security headers, which are critical for protecting user data and ensuring secure communications. No explicit incident response or vulnerability disclosure mechanisms are evident. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. The domain registration aligns with the Saudi government entity, supporting legitimacy. Overall, the website is functional and professional but requires urgent improvements in security configuration and performance optimization to enhance user trust and compliance with modern standards.