Security Directory

N

NORGATE.LV SIA

norgate.lv

0

The website exhibits a weak overall security posture with critical gaps in privacy compliance, security headers, and core security policies. There is a critical GDPR compliance failure due to the absence of privacy and cookie policies, as well as no cookie consent mechanism, exposing the business to regulatory and reputational risks in the EU market. Security headers are largely missing, increasing vulnerability to common web-based attacks such as clickjacking, cross-site scripting, and data injection. The SSL/TLS configuration is suboptimal with weak keys and impending certificate expiration, risking data interception and trust issues. Absence of a formal information security framework, incident response plan, and security documentation further increases operational risks and slows incident handling. Exposure of high-risk services like FTP and lack of DNSSEC can be exploited by attackers to gain unauthorized access or manipulate traffic. While email security and DNS health scores are relatively better, they still require improvements to prevent spoofing and domain abuse. Overall, the website is at high risk for security breaches, non-compliance fines, and damage to customer trust unless prompt remediation occurs.

W

webbuilding.lv

webbuilding.lv

0

The website's security posture is currently weak, with multiple critical and high-severity issues posing significant risks to business operations and regulatory compliance. Key vulnerabilities include missing essential security headers, exposed critical services like MySQL and FTP, and a complete lack of GDPR compliance measures for an EU business. The absence of documented security policies, incident response procedures, and business continuity planning further exacerbates operational risk. While email security and SSL/TLS configurations are relatively strong, foundational network security and privacy controls require urgent attention. Failure to address these issues could lead to data breaches, regulatory fines, reputational damage, and operational disruptions. Immediate remediation is essential to protect sensitive customer data, ensure compliance, and maintain stakeholder trust. Overall, the current security framework is inadequate for supporting business continuity and regulatory obligations in its operating regions.

A

Advania

advania.no

0

The website demonstrates a moderate overall security posture with no critical vulnerabilities but multiple high and medium-risk issues that could expose the business to regulatory penalties, reputational damage, and security breaches. Key weaknesses are evident in compliance with GDPR and NIS2 requirements, including the absence of privacy policies, cookie consent mechanisms, and formal security frameworks. Missing essential security headers and weak SSL configurations increase the risk of web-based attacks and data interception. While network and email security are robust, the gaps in policy documentation and incident response readiness pose significant operational risks. Immediate attention to regulatory compliance and cryptographic standards is necessary to protect customer data and ensure business continuity. Overall, the environment requires a focused remediation plan to elevate both security controls and governance policies to industry standards. Addressing these issues proactively will reduce legal exposure and enhance customer trust.

A

Advania

advania.dk

0

The website's overall security posture is concerning, with critical and high-severity issues predominantly in GDPR compliance, security headers, and information security governance. The absence of basic privacy policies and consent mechanisms exposes the business to regulatory and reputational risks, especially within the EU. Security headers are inadequately configured, increasing the risk of common web-based attacks such as clickjacking and content spoofing. Furthermore, missing security framework documentation, incident response plans, and vulnerability disclosure policies indicate a lack of mature cybersecurity governance, elevating operational risks. SSL/TLS weaknesses and expiring certificates further threaten secure communications and user trust. While email security and network security show strong scores, critical gaps in legal compliance and technical controls must be addressed urgently. Immediate remediation will reduce legal liabilities, protect customer data, and strengthen overall resilience against cyber threats.

C

Contentful

contentfulstatus.com

0

The website exhibits significant security gaps, particularly in compliance, email security, and incident management frameworks, which pose substantial risks to business operations and regulatory adherence. Critical and high severity issues, such as the absence of email authentication and missing key security headers, expose the organization to phishing attacks, data breaches, and clickjacking vulnerabilities. GDPR compliance is notably weak, with no cookie policy or consent mechanism, risking regulatory fines and eroding customer trust. The lack of documented information security and incident response policies under NIS2 directives indicates unpreparedness for cyber incidents, threatening operational resilience. Although network security and SSL/TLS configurations show strengths, weaknesses in DNS security and HTTP security headers reduce overall protection. Addressing these issues promptly will reduce exposure to cyber threats, improve regulatory compliance, and enhance customer confidence. Prioritizing governance and technical controls will support sustainable security posture improvements. Incremental remediation aligned with business priorities is essential to mitigate risks effectively.

I

Inside Systems A/S

insidesystems.com

0

The website's overall security posture is critically weak, primarily due to the absence of HTTPS encryption, which exposes all data in transit to interception and manipulation. Key security headers are missing, increasing the risk of cross-site scripting, clickjacking, and other web-based attacks. GDPR compliance is severely lacking, with no cookie policy or consent banner, potentially leading to regulatory penalties and loss of customer trust. The absence of an information security framework, incident response procedures, and security policy documentation further exacerbates the organization's vulnerability to cyber threats and operational disruptions. While email and network security are strong, these isolated strengths do not mitigate the critical risks posed by the core deficiencies. The low scores in NIS2 compliance indicate the organization is unprepared to meet mandatory cybersecurity standards, risking legal and financial consequences. Immediate remediation is necessary to protect sensitive data, maintain regulatory compliance, and uphold the company's reputation. Failure to address these issues may result in data breaches, regulatory fines, and significant business disruption.