Security Directory

B

BHD studio – Architecture and design

bhd.rs

0

BHD studio is a Serbian-based creative design studio specializing in interior and exterior design as well as 360° virtual and VR tours for commercial and private spaces. The company targets clients seeking high-quality, functional, and visually appealing space designs, leveraging modern visualization technologies to enhance presentation and marketing. Their market position is that of a specialized boutique studio with a focus on immersive virtual experiences. Technically, the website is built on WordPress with Elementor, employing modern web technologies and image optimization for moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Contact information is clearly presented, supporting business credibility. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security hardening.

M

Masterplast YU doo

masterplast.rs

0

Masterplast YU doo is a Serbian-based manufacturing company specializing in thermal insulation, roofing membranes, and dry construction systems. Established in 1997, it has grown into a leading regional producer and distributor of building insulation materials, serving primarily B2B customers such as construction firms and distributors. The company holds ISO and TUV certifications, reinforcing its commitment to quality. The website reflects a professional digital presence with clear navigation, localized content, and integration of modern web technologies including WordPress, Vue.js, and Google services. The site is well-optimized for SEO and mobile devices, providing comprehensive product and contact information. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, indicating awareness of GDPR requirements. Overall, the website supports the company's market position as a reputable and established player in the manufacturing sector.

The website duskavrhovac.com serves as a personal and informational platform dedicated to the author Duška Vrhovac, offering multilingual content including biography, literary works, translations, interviews, and related materials. The site targets readers and literary enthusiasts interested in the author's work, operating as a small-scale, niche literary website without commercial e-commerce features. Technically, the site is built with basic HTML, CSS, and JavaScript, lacking modern frameworks or CMS integration. The design is dated, with limited mobile optimization and basic accessibility features. Security posture is weak, as the site is served over HTTP without HTTPS encryption, lacks security headers, and exposes a personal email address directly in the HTML. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. Visitor analytics are implemented via StatCounter, but user tracking is minimal. Overall, the site demonstrates moderate trustworthiness but requires significant improvements in security, privacy compliance, and technical modernization.

RCSRD d.o.o. is a Serbia-based technology company specializing in open-source software solutions, technical support, development, and education. Founded in 2007 through partnerships with industry leaders such as Red Hat and IBM, RCSRD serves a broad Southeast European market with enterprise-grade open-source products and services. The company maintains a medium-sized international team and subsidiaries in Vienna and Katowice, positioning itself as a regional leader in open-source innovation. Technically, the website is built on the Bitrix CMS platform, utilizing modern web technologies including jQuery, Bootstrap, and OwlCarousel. Google Tag Manager is employed for analytics and tracking. The site is mobile-optimized with good navigation and professional design, though accessibility and SEO optimizations are basic. Performance metrics are unavailable. From a security perspective, the website lacks HTTPS and SSL/TLS encryption, representing a critical vulnerability. While some security headers are present, the absence of encryption and modern TLS protocols significantly reduces the security posture. No privacy or cookie policies are found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates solid business credibility and content quality but suffers from critical security and privacy compliance issues. Strategic improvements in SSL implementation, privacy policy publication, and security best practices are recommended to enhance trust and protect user data.

SLOS is an enterprise software company specializing in open-source based software platforms designed for stability, security, and performance. Their product suite includes enterprise, virtualization, middleware, storage, cloud, application, container, and automation platforms targeting modern business needs. The company operates primarily from Serbia with subsidiaries in Vienna and Katowice. Technically, the website is built on Bitrix Site Manager CMS with common web technologies like jQuery and Bootstrap, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented but overall security posture is weak due to missing HTTPS and DNS security features. The website lacks privacy and cookie policies, impacting compliance and user trust. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and compliance improvements.

The website srbijaupokretu.org is currently suspended and displays a hosting provider's suspension notice. No business or service information is available on the site, and it lacks any privacy, cookie, or terms of service policies. The only contact information present is a phone number for the hosting provider, AdriaHost. Technically, the site is served by an nginx server without SSL/TLS encryption, resulting in an insecure HTTP-only connection. No security headers or advanced security configurations are in place, and no analytics or tracking technologies are detected. The domain is registered and DNS configured properly but lacks DNSSEC and CAA records. Overall, the site is non-operational and presents significant security and compliance deficiencies.

G

GRAWE osiguranje a.d.o.

grawe.rs

0

GRAWE Srbija is a well-established insurance company operating in Serbia, offering a broad range of life and non-life insurance products including vehicle, property, and health-related insurance. The company is part of the larger GRAWE Group, which has a long tradition in the insurance sector. The website is professionally designed using TYPO3 CMS and integrates modern technologies such as Google Tag Manager and Cloudfront CDN. It provides clear navigation, comprehensive product information, and multiple contact channels including phone, email, and social media. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in HTTPS not being properly enabled. This significantly impacts the security posture and user trust. Security headers are well configured, but the lack of valid SSL and modern TLS protocols is a major vulnerability. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the website is functional and credible but requires urgent remediation of SSL/TLS issues to improve security and trust.