Security Directory

I

Implenia AG

implenia.com

0

Implenia AG is a leading Swiss construction and real estate services company with a strong multinational presence, particularly in Switzerland and Germany. The company specializes in infrastructure, real estate development, and specialized construction services such as tunnel and civil engineering. The website reflects a mature business with comprehensive content targeting business clients, investors, and partners. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management and analytics tools. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

G

Geberit Gruppe

geberit.com

0

Geberit Gruppe is a leading European manufacturer of sanitary products, recognized as a market leader with a comprehensive product portfolio including installation and flushing systems, piping systems, and bathroom systems. The company targets professionals in the sanitary industry, investors, media, and career seekers, emphasizing innovation, quality, and sustainability. The website reflects a mature digital presence with modern technologies such as React and Next.js, hosted on Microsoft Azure, and includes a consent management system for privacy compliance. Security headers are implemented; however, the SSL certificate is currently invalid, and no modern TLS protocols are enabled, which poses a security risk. Overall, the website is professional, well-structured, and trustworthy, but the SSL issues should be addressed promptly to enhance security and user trust.

S

Swissport International AG

swissport.com

0

Swissport International AG operates as a global leader in airport ground services and air cargo handling, serving 286 airports worldwide. The company offers a broad portfolio of services including passenger services, ramp handling, air cargo services, airport hospitality, and executive aviation. Swissport targets airlines, airport operators, and cargo handlers, positioning itself as a market leader with a comprehensive service offering and a strong global network. The website reflects a professional and consistent brand image with extensive content and media releases supporting its market presence. Technically, the site leverages modern technologies such as Cloudflare CDN, Cookiebot for consent management, Google Tag Manager, and social media integrations, hosted on a CMS platform identified as Ibexa DXP. However, the website's SSL certificate is invalid or missing, which is a critical security concern that impacts the overall security posture. Security headers are well configured, but the lack of valid HTTPS and TLS protocols reduces the security score significantly. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Business credibility is high, supported by trust indicators such as ISO 27001 certification and official social media presence. Overall, the website is functional and professional but requires urgent remediation of SSL/TLS issues to improve security and trust.

C

Clariant Ltd.

clariant.com

0

Clariant Ltd. is a leading global specialty chemicals company focused on delivering innovative and sustainable chemical solutions across multiple industries including energy, manufacturing, and plastics. The website reflects a mature enterprise with comprehensive content, strong branding, and a clear business model targeting industrial customers, investors, and job seekers. Technically, the site is built on a modern CMS platform (Sitecore) and integrates multiple marketing and analytics tools, demonstrating a high level of digital maturity. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent a critical security weakness that undermines user trust and data protection. While security headers and privacy policies are well implemented, the lack of HTTPS significantly lowers the overall security posture. Strategic improvements in SSL deployment and enhanced incident response documentation would strengthen the site’s security and compliance standing.

Pilz GmbH & Co. KG is a leading international provider of automation technology, specializing in components, systems, and services for safe automation. The company targets industrial automation customers, machine builders, and safety engineers with a comprehensive portfolio including products, consulting, training, and support. The website reflects a professional and consistent brand presence with detailed content tailored to its B2B audience in the manufacturing and technology sectors. Technically, the site uses Imperia CMS with JavaScript frameworks and integrates marketing and analytics tools such as Google Tag Manager, Cookiebot, and Etracker. However, the absence of a valid SSL certificate and lack of TLS support significantly weaken the security posture. Security headers are well configured, and privacy compliance is strong with GDPR-aligned cookie consent mechanisms. Overall, the website is trustworthy and professionally maintained but requires urgent SSL/TLS remediation to improve security and user trust.

Sulzer Ltd is a globally recognized leader in fluid engineering, specializing in the manufacturing and servicing of pumps, agitators, mixers, separation, and purification technologies. The company serves essential industries such as energy, manufacturing, and process industries, positioning itself as a key player in enabling sustainable and efficient industrial operations worldwide. Their website reflects a mature enterprise with comprehensive product and service offerings, strong branding, and a clear focus on sustainability and innovation. Technically, the website employs a modern technology stack including Apache server, Vue.js framework, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Pardot, and Hotjar. The site is hosted with Azure DNS and demonstrates good SEO and mobile optimization practices. However, performance metrics are not explicitly available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support HTTPS, which severely undermines its security posture. This exposes users to potential risks and reduces trustworthiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve its security score. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security header configurations to protect users and maintain trust.

B

BETTERHOMES AG

betterhomes-international.com

0

BETTERHOMES AG operates as an international technology-driven real estate franchise company, pioneering a hybrid brokerage model that combines proprietary software with local market expertise. Founded in 2005 in Zurich, it holds a strong market position as the largest independent real estate broker in Switzerland and has expanded across the DACH region with plans for further international growth. The company offers franchise opportunities supported by advanced technology and a strong partner development culture. Technically, the website is built on modern frameworks including PHP 8.2, Flow Framework, and Neos CMS, with integrations of Bootstrap, FontAwesome, and various JavaScript libraries. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site presents professional content and strong business credibility but requires urgent security improvements to protect user data and maintain trust.

I

Incentage AG

incentage.com

0

Incentage AG is a Swiss-based software company specializing in innovative financial technology solutions for banking and financial institutions. Their offerings include modular platforms for payment processing, securities transactions, innovation acceleration, and risk management with cyber protection. The company positions itself as a pioneer in accelerating financial innovation with a focus on flexibility and end-to-end security. The website reflects a professional and consistent brand image targeting financial sector clients. Technically, the site uses modern web technologies including Webflow CMS, jQuery, Weglot for translations, and Google Tag Manager for analytics. Hosting is via Cloudflare, but a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with cookie consent mechanisms and a privacy policy, though no explicit security policy or incident response contacts are found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in SSL/TLS deployment and enhanced security practices are recommended to strengthen trust and compliance.

A

Arbonia AG

arbonia.com

0

Arbonia AG is a large Swiss manufacturing company specializing in interior architectural products such as doors, showers, and room partition systems. The company operates through 15 specialized subsidiaries producing in Central Europe and serves architects, interior designers, and construction industry professionals globally. The website is built on TYPO3 CMS and features a modern design with good navigation and mobile optimization. It includes a GDPR-compliant cookie consent mechanism and links to comprehensive privacy policies. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Security headers are well configured, but the absence of TLS protocols and OCSP stapling are notable vulnerabilities. Contact information is present but lacks direct emails or phone numbers on the site. Social media presence is active on YouTube, Instagram, and LinkedIn. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

H

Holcim

lafargeholcim.com

0

Holcim is a globally recognized enterprise specializing in innovative and sustainable building materials and solutions. The company positions itself as a leader in decarbonizing construction with a broad portfolio including low-carbon cement, concrete, roofing, and insulation products. Their website reflects a mature, well-established business with a strong emphasis on sustainability, innovation, and corporate responsibility. The target audience includes construction professionals, architects, investors, and sustainability advocates worldwide. Technically, the site is built on Drupal CMS, hosted on AWS infrastructure, and employs modern web technologies and SEO best practices. However, a critical security gap exists due to the absence of HTTPS/SSL, which severely impacts the site's security posture. While security headers are properly configured, the lack of encryption exposes users to risks. Privacy and cookie policies are comprehensive and GDPR compliant, indicating good privacy governance. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

C

Chemgineering Holding AG

chemgineering.com

0

Chemgineering Holding AG is a well-established consulting and engineering firm specializing in the life sciences sector, particularly in GxP-regulated environments such as pharmaceuticals, biotechnology, fine chemicals, medical technology, cosmetics, diagnostics, and food industries. With over 300 employees and a mature domain age of 27 years, the company positions itself as a preferred partner for multinational and local companies across Europe. Their service offerings include project management, construction management, commissioning, process planning, qualification and validation, and GMP compliance consulting, among others. The website reflects a professional and consistent brand image with detailed project case studies and a clear focus on their target industries.

A

Applied Chemicals International AG

acat.com

0

Applied Chemicals International AG operates as a medium-sized international chemical supplier specializing in innovative chemical products and technologies for wastewater treatment, paper production, and specialty industrial chemicals. The company maintains multiple offices across Europe and Africa, serving industrial clients with a B2B business model. Their website is professionally designed, multilingual, and optimized for SEO, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS support significantly undermines their security posture. While security headers and content security policies are implemented, they are weakened by permissive settings and lack of modern TLS protocols. Privacy compliance is addressed with clear privacy and cookie policies, and contact information is readily available. Overall, the company presents a credible business front but must urgently address critical security gaps to protect user data and maintain trust.

O

Octapharma AG

octapharma.com

0

Octapharma AG is a leading global manufacturer of human protein therapies derived from plasma and human cell lines, serving patients in over 120 countries. The company operates a large network of plasma donation centers and production facilities, emphasizing patient engagement and innovation in immunotherapy, haematology, and critical care. The website is professionally designed with comprehensive content, including employee stories, press releases, and detailed product information. Technically, the site uses modern frameworks like Next.js and is hosted on AWS infrastructure, but suffers from critical SSL/TLS configuration issues, lacking a valid certificate and modern protocol support. Security headers are partially implemented, but the absence of HTTPS severely impacts the security posture. Privacy compliance is well addressed with clear policies and a cookie consent mechanism. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and trust.

T

Thommen Medical AG

thommenmedical.com

0

Thommen Medical AG is a Swiss-based manufacturer specializing in dental implantology products with over 35 years of clinical experience. The company offers a comprehensive range of dental implants, prosthetics, instruments, and digital workflow products, targeting dental professionals and patients globally. Their market position is strong within the healthcare manufacturing sector, emphasizing Swiss precision and innovation. The website is professionally designed, content-rich, and well-structured, supporting their business model of manufacturing and distribution alongside educational services and scientific collaboration. Technically, the site is built on TYPO3 CMS with modern frontend technologies and integrates multiple analytics and marketing tools. However, a critical security weakness exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant, enhancing user trust. Contact information is comprehensive and clearly presented, supporting business credibility. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

K

Klapty

klapty.com

0

Klapty is a Swiss-based online platform specializing in the creation, sharing, and exploration of virtual tours in 360°, VR 360, and 3D. Established in 2019, it serves a diverse audience including real estate professionals, photographers, and tourism-related businesses. The platform offers a comprehensive suite of services such as virtual tour creation, embedding, QR code generation, and a marketplace for professional photographers. Technically, the website employs modern web technologies including jQuery, Bootstrap, and various analytics and monitoring tools, hosted behind Cloudflare for performance and security. Security measures include HTTPS with a valid SSL certificate, SPF and DMARC email policies, and basic domain protection, though improvements like HSTS and DNSSEC are recommended. The site demonstrates strong business credibility with consistent branding, extensive content, and active social media presence. However, the absence of a cookie consent mechanism and explicit security policies suggests areas for compliance enhancement. Overall, Klapty presents a mature, professional, and trustworthy digital presence with moderate performance that could benefit from technical optimizations and enhanced privacy controls.

Swiss Post Ltd is a mature, enterprise-level national postal and logistics service provider in Switzerland, offering a broad range of physical and digital services including mail, parcels, financial services, and business solutions. The website reflects a professional and consistent brand presence with clear navigation and comprehensive service information targeting both private and business customers. Technically, the site uses modern JavaScript libraries, Sitecore CMS, and integrates advanced search and monitoring tools, but suffers from a critical SSL certificate issue that undermines its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and absence of cookie consent mechanisms are notable gaps. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is functional and credible but requires urgent security improvements to ensure user trust and compliance.

P

Proton AG

simplelogin.co

0

SimpleLogin is a privacy-focused technology company offering an open source email alias service that enables users to protect their inboxes from spam and phishing by using anonymous email aliases. The company operates under Proton AG, a reputable Swiss privacy-centric organization, and targets privacy-conscious users seeking enhanced email anonymity. The website demonstrates strong branding, excellent content quality, and a comprehensive feature set including browser extensions and mobile apps. Technically, the site uses modern web technologies and is hosted on privacy-respecting infrastructure. However, the scanned domain lacks a valid SSL certificate and HTTPS enforcement, which is a critical security gap. The security posture is otherwise solid with SPF and DMARC configured, but improvements are needed in SSL/TLS configuration and security headers. Privacy compliance is good with a clear privacy policy and GDPR alignment, though cookie consent mechanisms are absent. Overall, the business credibility is high with transparent WHOIS data and strong domain protection. Strategic recommendations include immediate SSL certificate deployment, enabling HSTS, and adding cookie consent to enhance security and compliance.

Proton AG operates Proton Mail, the world’s largest secure email service with over 100 million users. The company offers a suite of privacy-focused services including encrypted email, calendar, cloud storage, password manager, VPN, and Bitcoin wallet. Proton AG is headquartered in Switzerland and emphasizes privacy by default, leveraging Swiss privacy laws to protect user data. The business model is subscription-based with a freemium offering supported by paid plans. The website is professionally designed, mobile-optimized, and rich in content, targeting privacy-conscious individuals and businesses globally. Technically, the site uses modern frameworks such as Astro and React, and supports multiple platforms including web, desktop, and mobile apps. However, the site currently lacks a valid SSL certificate and security headers, which are critical for secure communications. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism was detected. Overall, Proton Mail demonstrates a high level of business credibility and trustworthiness, supported by consistent WHOIS data and community engagement.

C

Confederazione Boccistica Internazionale

cbi-prv.org

0

The Confederazione Boccistica Internazionale (CBI) is an international sports federation dedicated to the bocce sport. The organization provides comprehensive information about bocce events, news, rules, and membership. The website serves as a hub for bocce enthusiasts, players, and affiliated organizations worldwide, positioning itself as a key international governing body in this niche sport. The business model is non-profit, focusing on sport promotion and community engagement. Technically, the website is built on the 3WTURK CMS platform and uses legacy technologies such as jQuery and FlexSlider. While the site offers rich content and a consistent brand experience, it suffers from slow load times and basic mobile optimization. The absence of modern frameworks and performance optimizations indicates room for technical modernization. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Although SPF and DMARC records are configured for email security, the lack of HTTPS and security headers exposes users to risks. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. Overall, the site is functional and content-rich but requires urgent improvements in security and privacy compliance to protect users and enhance trust. Performance optimizations and modernization of the technology stack would further improve user experience and operational resilience.

A

Alpiq Holding Ltd.

alpiq.com

0

Alpiq Holding Ltd. is a leading Swiss electricity producer and energy service provider operating across Europe. The company focuses on electricity generation, energy trading, and renewable energy management, positioning itself as a key player in the energy sector with a large operational footprint and multiple subsidiaries in European countries. The website reflects a mature and professional business with comprehensive content and clear branding. Technically, the site is built on TYPO3 CMS and hosted on AWS infrastructure, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no modern TLS protocols enabled. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism implemented via OneTrust. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

M

Mission 21

mission-21.org

0

Mission 21 is a well-established Swiss non-profit organization dedicated to sustainable development and humanitarian aid across 18 countries in Africa, Asia, and Latin America. Their work focuses on peace promotion, education, health, food sovereignty, and combating violence against vulnerable groups. The organization is supported by church bodies, foundations, government agencies, and private donors, reflecting a robust and diverse funding model. The website presents comprehensive content in multiple languages, demonstrating a strong commitment to accessibility and outreach. Technically, the website is built on WordPress using the Astra theme and integrates various plugins for forms, e-commerce, and multimedia content. While the site is mobile-optimized and SEO-friendly, performance metrics are not available, indicating potential areas for improvement. The security posture is currently weak due to the absence of a valid SSL certificate and modern TLS protocols, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear privacy and cookie policies, including a consent mechanism, aligning with GDPR requirements. However, the site lacks explicit security policies and incident response information, which are important for transparency and user confidence. Overall, the domain registration data aligns well with the organization's identity, supporting legitimacy. Strategically, Mission 21 should prioritize securing their website with valid SSL/TLS certificates and updating their security configurations to protect user data and enhance trust. Enhancing transparency around security policies and incident response would further strengthen their credibility. Continuous monitoring and performance optimization will also benefit user experience and engagement.

Y

Yelp

yelp.ch

0

Yelp.ch is a localized German-language website serving the Swiss market, providing user-generated reviews and recommendations for local businesses such as restaurants, shopping, nightlife, and wellness services. The platform operates under Yelp Inc., a well-established company founded in 2004, with a strong market position as a leading local business review platform. The website offers extensive business listings, search functionality, and advertising services for business owners. Technically, the site uses modern web technologies including React and GraphQL, hosted primarily on Amazon AWS infrastructure. However, performance is hindered by slow load times and a large page size. Security posture is weakened by an invalid SSL certificate and lack of HTTPS enforcement, absence of security headers, and no HSTS policy, which are critical areas for improvement. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. Overall, the site is professional, trustworthy, and content-rich but requires urgent security enhancements to protect users and maintain trust.

W

Wire in The Wild

wireinthewild.com

0

Wire in The Wild is a small technology-focused community platform that showcases real world Laravel Livewire and TALL Stack projects. It serves as an inspiration and resource hub for developers and clients interested in Livewire applications. The site is curated by Silvan Hagen from Switzerland and relies on user submissions to grow its project collection. Technically, the site uses modern web technologies including Laravel Livewire, Tailwind CSS, Alpine.js, and Tom Select, hosted behind Cloudflare DNS services. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture and user trust. Performance is slow with a high page load time, and no security headers or advanced DNS security features are configured. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professionally designed but requires urgent security improvements to protect users and enhance credibility.

A

Anqa IT-Security GmbH

anqa.ch

0

Anqa IT-Security GmbH is a specialized provider of IT security awareness and training services, focusing on cyber-sensibilization for employees primarily targeting Swiss SMEs. Their offerings include phishing simulations, e-learning with certification, dark web scans, and review meetings to enhance organizational cybersecurity culture. The company maintains a partnership with Mobiliar Versicherung, providing exclusive discounts and free training options for insurance customers. Technically, the website is built on WordPress with multilingual support and uses modern JavaScript libraries for UI elements. However, the site suffers from a lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. DNS records show proper email security configurations such as SPF and DMARC with a reject policy, but no advanced security headers or TLS protocols are enabled. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and data.

P

ProtektaFe

protekta.ch

0

Protekta.ch appears to be a website with minimal publicly accessible content, primarily serving as a frontend application titled 'ProtektaFe'. The lack of visible business descriptions, contact information, or policy documents suggests the site is either under development or intended for internal or limited use. The technical infrastructure includes an Express backend and Angular frontend, hosted behind Cloudflare with modern TLS protocols enabled, indicating a baseline level of digital maturity. However, the absence of SEO metadata, structured data, and comprehensive content limits its public engagement and discoverability. Security posture is moderate with HTTPS enforced and OCSP stapling active, but lacks critical security headers such as HSTS and Content-Security-Policy, and does not provide privacy or cookie policies, which are essential for compliance and user trust. Overall, the site presents a low risk but also low transparency and trustworthiness due to minimal information exposure.

S

SwissCaution SA

swisscaution.ch

0

SwissCaution SA is a leading Swiss company specializing in rental guarantees without requiring tenants to block bank deposits. Positioned as the number one provider in Switzerland, it offers services for private tenants, businesses, and lessors, including provisional certificates and a 24/7 HomeAssistance service. The website is built on modern technologies such as Next.js and React, with integration of Google Tag Manager for analytics. Despite good content quality, SEO, and user experience, the site suffers from a critical security issue due to an invalid SSL certificate, which undermines trust and security. Privacy and legal compliance are well addressed with comprehensive privacy and terms of service pages. Social media presence and customer reviews enhance credibility.

Q

Quad9 Foundation

quad9.net

0

Quad9 Foundation operates a globally recognized public DNS recursive service focused on enhancing Internet security and privacy by blocking malicious domains. The organization is a not-for-profit entity based in Switzerland, leveraging partnerships with major industry players such as IBM and the Global Cyber Alliance. Their service is widely used, with resolver clusters in over 110 countries and millions of daily blocks, positioning them as a key player in the DNS security space. Technically, the website is built using the Hugo static site generator and employs modern web technologies with good mobile optimization and accessibility. However, performance is hindered by slow load times and a high number of resources. The DNS configuration is robust with SPF records but lacks DNSSEC and DMARC, and critically, the SSL/TLS configuration is invalid or missing, exposing the site to security risks. From a security perspective, Quad9 demonstrates strong privacy commitments and transparency, including GDPR compliance and no logging of IP addresses. Despite this, the absence of HTTPS and security headers significantly lowers the security posture. No incident response or vulnerability disclosure policies are publicly evident, which could be improved to enhance trust. Overall, Quad9 presents a trustworthy and professional service with excellent content quality and business credibility. The main risk lies in the missing SSL certificate and related security configurations, which should be addressed promptly to protect users and maintain trust.

C

CSEM

csem.ch

0

CSEM is a Swiss public-private, non-profit technology innovation center founded in 1984, headquartered in Neuchâtel, with over 600 employees and multiple locations across Switzerland. It specializes in developing and transferring disruptive technologies with high societal impact across sectors such as precision manufacturing, digitalization, ultra-low-power electronics, AI, optical elements, and sustainable energy. The organization collaborates extensively with universities, research institutes, and industry partners, supporting innovation and economic growth in Switzerland. Technically, the website is built on modern frameworks like Nuxt.js and uses Prismic CMS, hosted on Netlify, but suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which severely impacts secure communications. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is comprehensive, including email, phone, and physical address. The site demonstrates strong business credibility with testimonials, certifications, and active participation in industry events. Overall, while the business and content quality are excellent, the security posture requires urgent improvement to protect user data and maintain trust.

E

economiesuisse

economiesuisse.ch

0

economiesuisse is the leading umbrella organization representing the interests of the competitive, internationally connected, and responsible Swiss economy. The website provides comprehensive information about their advocacy, publications, news, and events targeting Swiss businesses and policymakers. Technically, the site is built on Drupal 10 and integrates modern tools such as Google Tag Manager and Hotjar for analytics and user tracking. However, the site suffers from a lack of a valid SSL certificate and modern TLS protocols, which significantly impacts its security posture. While cookie consent and privacy policies are well implemented, the absence of security headers and HTTPS reduces trust and security. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

I

innovAARE AG

parkinnovaare.ch

0

innovAARE AG operates the Park Innovaare, a high-tech innovation and industrial park in Switzerland focused on accelerating deep-tech research and commercialization. The park provides modern office, laboratory, and specialized research spaces, along with community and networking services to startups, SMEs, and R&D departments. The website is professionally designed, content-rich, and well-structured, targeting innovation ecosystem participants. Technically, the site uses TYPO3 CMS with modern frontend libraries and is hosted by cyon AG. However, a critical security gap is the lack of HTTPS/SSL, exposing users to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Business credibility is strong with clear contact details and legal information.

Switzerland Innovation Park Biel/Bienne AG is a private Swiss non-profit organization focused on applied research and development, bridging the gap between research and industry. It operates as part of the Switzerland Innovation Foundation network, promoting innovation, startups, and research investment in Switzerland. The website is professionally designed using WordPress and Elementor, showcasing multiple research centers, projects, and partnerships. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The overall security posture is basic with room for significant improvement in SSL/TLS configuration and security headers.

S

Switzerland Innovation Park Basel Area AG

sip-baselarea.com

0

Switzerland Innovation Park Basel Area AG operates a comprehensive innovation hub and coworking space platform focused on healthcare, life sciences, and technology sectors in Switzerland. The company provides flexible workspace solutions including ready-made offices, coworking spaces, lab spaces, and customizable workspaces tailored to startups, SMEs, and research institutions. Positioned as a key player in the Basel Area innovation ecosystem, it supports collaboration and growth through community building and event hosting. Technically, the website is built on WordPress with modern plugins and tracking tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. The site is professionally designed with excellent content quality and user experience, though performance data is limited. Security weaknesses include missing HTTPS, HSTS, DMARC, DNSSEC, and vulnerability disclosure mechanisms, which should be prioritized to improve trust and compliance. Overall, the business demonstrates strong market positioning and digital maturity but requires urgent security enhancements to protect user data and maintain credibility.

S

Switzerland Innovation

switzerland-innovation.com

0

Switzerland Innovation is a Swiss innovation park ecosystem that facilitates collaboration between companies, startups, and universities to accelerate the transformation of research into marketable products and services. It holds a leading position in the Swiss innovation landscape, offering access to world-class research institutions and a broad range of support services. The website is built on Drupal 10 and integrates modern web technologies and marketing tools such as Google Analytics and HubSpot. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness that undermines user trust and data protection. The site features comprehensive cookie consent mechanisms and clear contact information, supporting good privacy compliance. Overall, the website presents a professional and trustworthy image but requires urgent improvements in security infrastructure.

E

EnviDat

envidat.ch

0

EnviDat is a specialized open-source platform dedicated to environmental research data management and publication, primarily serving researchers affiliated with Swiss institutions such as the Swiss Federal Institute for Forest, Snow and Landscape WSL and the ETH Domain. The platform supports FAIR data principles and integrates with major international data repositories to enhance data discoverability and reuse. Technically, the website employs modern JavaScript frameworks like Vue.js and Vuetify, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is weak due to missing HTTPS, absence of security headers, and no evident incident response or vulnerability disclosure policies. Privacy compliance is partial, with a cookie consent banner present but no explicit privacy policy found. Overall, the site is professional and trustworthy in content but requires significant improvements in security and privacy compliance to meet modern standards.

MeteoSchweiz is the Swiss Federal Office for Meteorology and Climatology, providing authoritative weather forecasts, climate monitoring, and natural hazard warnings for Switzerland. As a government agency, it holds a strong national market position and offers key services including meteorological data, public information, and specialized applications for weather and climate. The website is professionally designed, content-rich, and targets both the general public and specialized users such as government bodies and meteorology professionals. Technically, the site uses modern web technologies and is hosted via Google infrastructure, with good performance and accessibility features. However, a critical security issue is the lack of a valid SSL certificate and disabled TLS protocols, which undermines secure HTTPS access. Security headers and content policies are well implemented, but the absence of cookie consent mechanisms and some advanced security features reduces privacy compliance. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

W

WSL Institute for Snow and Avalanche Research SLF

whiterisk.ch

0

White Risk is a comprehensive avalanche prevention platform developed and published by the WSL Institute for Snow and Avalanche Research SLF in partnership with Suva and the Swiss Red Cross. It offers a suite of modules including avalanche knowledge resources, e-learning lessons, tour planning tools, and presentation software aimed at winter mountain tour participants and avalanche educators. The platform is well-established in the Swiss market and provides valuable educational and safety services. Technically, the website is built on a modern Angular framework with rich interactive content and multimedia integration, supporting both web and mobile platforms. However, the current lack of a valid SSL certificate and HTTPS implementation is a critical security weakness that undermines user trust and data protection. Privacy and legal compliance are well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to meet modern standards.

G

glatec

glatec.ch

0

glatec is a non-profit business incubator based in Zurich-Dubendorf, Switzerland, supporting startups and collaborative research in materials science, environmental science, and technology. It operates in partnership with prominent research institutions such as Empa and Eawag, providing infrastructure and professional support to new companies. The website is built on the Liferay CMS platform with React and Alloy UI technologies, featuring a comprehensive navigation structure and multilingual support. However, the site suffers from a lack of a valid SSL certificate, impacting its security posture. Cookie consent mechanisms are implemented, but no explicit privacy policy or terms of service were found in the scanned content. Contact information including phone numbers and physical addresses for multiple Swiss locations is clearly provided, alongside active social media channels.

S

Switzerland Innovation Park Ost

startfeld.ch

0

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

S

swissuniversities

swissuniversities.ch

0

swissuniversities.ch is the official website of swissuniversities, the umbrella organisation representing Swiss universities. It serves as a central platform to promote cooperation and coordination among Swiss higher education institutions, providing information on policies, scholarships, research, and international relations. The website targets academic institutions, students, researchers, and stakeholders in the Swiss education sector. Technically, the site is built on TYPO3 CMS and integrates modern tools such as Klaro for cookie consent and Matomo for analytics. However, the site currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. The site is well-structured with good navigation, accessibility, and SEO, but performance is slow with a page load time exceeding 6 seconds. Security posture is weak due to missing HTTPS and limited security headers, though SPF and DMARC records are properly configured. Privacy compliance is good with clear privacy and cookie policies. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration and performance optimization.

E

Empa - Swiss Federal Laboratories for Materials Science and Technology

empa.ch

0

Empa is a Swiss federal research institute specializing in materials science and technology, operating under the ETH Domain. The organization focuses on interdisciplinary research to address industrial and societal challenges, aiming to transform research into marketable innovations. The website reflects a mature digital presence with extensive content, multilingual support, and a professional design tailored to industry partners, researchers, and the public. Technically, the site is built on Liferay CMS with React and Alloy UI, integrating modern web technologies and analytics tools. Security posture is adequate with HTTPS and SPF/DMARC email protections, though improvements in HSTS, DNSSEC, and DMARC policy are recommended. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but no explicit privacy policy page was found. Overall, the site demonstrates a high level of professionalism and trustworthiness, suitable for a leading research institution.

E

Eawag

eawag.ch

0

Eawag is a leading water research institute within the ETH domain in Switzerland, focusing on sustainable water resource management, aquatic ecology, and environmental research. The website serves as a comprehensive portal for research, education, consulting, and public information, targeting researchers, policymakers, and the general public. Technically, the site is built on TYPO3 CMS and integrates modern web technologies and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. The security posture is basic with HSTS enabled but no valid TLS protocols or certificate, which is a critical issue. Privacy policies are present and GDPR compliant, though no explicit cookie consent mechanism is implemented. Overall, the site is professional and content-rich but requires urgent improvements in security and performance to enhance trust and compliance.

S

Swiss Federal Institute for Forest, Snow and Landscape Research WSL

wsl.ch

0

The Swiss Federal Institute for Forest, Snow and Landscape Research WSL is a prominent Swiss federal research institute focused on environmental sciences including forest, landscape, biodiversity, natural hazards, and snow and ice. It operates under the ETH Domain and serves a broad audience including researchers, forestry experts, policymakers, and the public. The website reflects a professional government research entity with comprehensive content and consistent branding. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, hosted likely by switch.ch. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. No privacy or cookie policies are explicitly found, and security headers are absent, indicating gaps in security best practices. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

W

WEBKINDER AG

webkinder.ch

0

WEBKINDER AG is a Swiss digital agency specializing in web design, development, and online strategies, primarily serving clients in Luzern and Zürich. The company offers comprehensive services including WordPress and WooCommerce development, SEO, and custom web applications, positioning itself as a trusted partner for businesses and non-profit organizations seeking effective digital solutions. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client references and insights. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and WP Rocket for performance optimization. Hosting is managed via cyon.ch, and the site employs HTTPS with valid SSL certificates and SPF records for email security. The site is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses security headers like HSTS (though not fully enabled), and employs Google reCAPTCHA v3 on forms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Contact information is clearly presented, enhancing trust and credibility. Overall, WEBKINDER AG demonstrates a strong digital maturity and security posture suitable for its business model. Strategic improvements could include enabling full HSTS policies, OCSP stapling, and publishing a security.txt file to further enhance security transparency and resilience.

O

Open Research Data Portal

open-research-data-portal.ch

0

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

E

ETH Zürich Foundation

ethz-foundation.ch

0

ETH Zürich Foundation is a reputable non-profit organization dedicated to supporting education, research, and innovation at ETH Zürich through donations and strategic projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting donors, alumni, and organizations interested in philanthropy. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely within ETH Zürich's infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with detailed cookie consent mechanisms and a comprehensive privacy policy. Contact information and social media presence further enhance business credibility.

A

Applied Behavioural Science Academy by Affective Advisory Ltd.

behavioralscience.academy

0

The Applied Behavioural Science Academy by Affective Advisory Ltd. is a specialized education provider offering a unique three-day executive program in applied behavioural science and behavioural economics. The program targets executives, policy makers, and project leaders seeking practical insights to drive sustainable change. The academy operates with a small, exclusive cohort model, emphasizing quality and networking in a prestigious Zurich location. Technically, the website is built on Squarespace, leveraging modern web technologies and Google services for analytics and security. While the site is well-designed and content-rich, performance is somewhat slow due to large page size and resource count. Security posture is good with strong TLS configurations but lacks some advanced headers like HSTS and DMARC. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR certification. Overall, the site projects high professionalism and trustworthiness, with clear contact channels and social media presence.

R

Rod Kommunikation

rod.ag

0

Rod Kommunikation is a well-established communications agency based in Zurich, Switzerland, specializing in market, brand, and human-centered communication services. The website reflects a professional and creative business model targeting companies and brands seeking comprehensive communication and marketing solutions. The agency demonstrates strong market positioning with a portfolio of notable clients and industry memberships, supported by high-quality content and consistent branding. Technically, the site is built on Drupal 10, hosted by Hostpoint, and integrates modern marketing tools such as Google Tag Manager and HubSpot forms. However, the website suffers from an invalid SSL certificate and lacks modern TLS protocol support, which significantly impacts its security posture. While security headers are properly configured and no major vulnerabilities are detected, the absence of a valid SSL certificate and cookie consent mechanism are notable compliance and security gaps. Overall, the site offers excellent user experience, clear navigation, and trustworthy business information, but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and regulatory adherence.

J

jim & jim

jimjim.ch

0

jim & jim is a leading Swiss marketing agency specializing in NextGen Marketing, focusing on engaging young, hyperconnected customers through innovative digital and physical strategies. The company offers a wide range of services including content creation, community management, live execution, and strategic consulting, positioning itself as a comprehensive partner for brands targeting Millennials and Gen Z. The website reflects a professional and consistent brand image with strong client references and active social media presence. Technically, the site is built on WordPress with modern enhancements like Lottie animations and integrates marketing and analytics tools such as Google Tag Manager and HubSpot. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing the site to potential risks and undermining user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie policy and explicit consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Farner Consulting AG

farner.ch

0

Farner Consulting AG is a well-established Swiss communication agency with over 70 years of experience and a large team of 300 experts. The company offers a broad range of communication services including public affairs, media relations, corporate communications, healthcare, financial services, technology communications, and more. Their target audience primarily consists of businesses and organizations in Switzerland seeking integrated communication solutions. The website is built on WordPress and leverages multiple modern JavaScript libraries and marketing tools such as HubSpot and Google Tag Manager. While the site is professionally designed with good SEO and mobile optimization, it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. The presence of HSTS headers is positive but ineffective without proper SSL. Email authentication records like SPF have syntax errors, and the DMARC policy is minimal, indicating room for improvement in email security. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

B

BlueGlass | Team Farner

blueglass.ch

0

BlueGlass Interactive AG, operating as BlueGlass | Team Farner, is a leading digital marketing agency based in Zurich, Switzerland. The company offers a comprehensive suite of services including digital strategy consulting, SEO, content marketing, social media marketing, web design and development, data analytics, and e-sports video productions. With a strong market position supported by multiple industry awards and partnerships with major technology providers such as Google, Meta, and Microsoft, BlueGlass serves both national and international clients with a focus on data-driven and user-centric marketing solutions. The company is a medium-sized enterprise founded in 2007 and is part of the larger Team Farner communications group.