Security Directory

D

Deciso

opnsense.org

0

OPNsense.org is the official website for OPNsense®, an open source firewall and routing platform developed by Deciso. The platform targets enterprises, professionals, and the open source community, offering a free core product alongside a commercial Business Edition with enhanced features. The website demonstrates a mature digital presence with comprehensive content, community engagement, and commercial offerings including official hardware and training. Technically, the site is built on WordPress with modern frontend frameworks and integrates Google Analytics and custom search capabilities. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. Privacy policies and terms of service are present and comprehensive, but cookie consent mechanisms are not implemented. Overall, the site is professional and trustworthy but requires urgent security improvements to protect visitors and maintain credibility.

6

6WIND

6wind.com

0

6WIND is a technology company specializing in virtualized and secure networking software solutions. Their offerings target communication service providers, mobile network operators, cloud providers, and enterprises worldwide. The company positions itself as a trusted provider of high-performance, scalable, and cost-effective networking software, including virtual service routers, host accelerators, and cloud-native solutions. The website reflects a professional and consistent brand with rich content, including testimonials, case studies, and video resources. Technically, the site is built on WordPress with the Avada theme and integrates modern libraries and marketing tools such as Google Analytics, Pardot, and LinkedIn widgets. However, the security posture is weakened by an invalid or missing SSL certificate and lack of enabled TLS protocols, which is a critical issue that must be addressed to ensure secure communications and trust. Privacy compliance is well-handled with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates good digital maturity but requires immediate attention to its SSL configuration to improve security and user trust.

S

SECUDOS GmbH

secudos.de

0

SECUDOS GmbH is a German-based technology company specializing in innovative IT security solutions aimed at ensuring digital sovereignty and high-performance network infrastructures for businesses. Their product portfolio includes secure data exchange software (Qiata), a hardened operating system (DOMOS), and recovery technology for hardware appliances (SDR). The company positions itself as a reliable and experienced partner with over 20 years of expertise in complex network environments, serving a broad range of corporate clients. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap and jQuery, offering good mobile optimization and user experience. However, the absence of a valid SSL certificate and lack of HTTPS support significantly weaken the security posture, despite proper email authentication records and GDPR compliance. Overall, the site demonstrates good business credibility and privacy practices but requires urgent improvements in SSL/TLS implementation to enhance security and trust.

N

New Work SE

new-work.se

0

New Work SE is a large technology company focused on shaping the future of work through its portfolio of strong brands including XING, kununu, onlyfy, and InterNations. The company operates primarily in the German-speaking market, providing recruitment, employer branding, and global networking services. Their website reflects a professional and consistent brand image with comprehensive content aimed at professionals and companies seeking talent solutions. Technically, the website uses modern technologies such as Algolia for search, Usercentrics for consent management, and Adobe Analytics for tracking. Hosting is on Amazon AWS infrastructure. Security posture is solid with HTTPS, SPF, and DMARC configured, though improvements like HSTS and OCSP stapling are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional, though performance optimization could enhance user experience.

V

VTT Technical Research Centre of Finland Ltd.

vtt.fi

0

VTT Technical Research Centre of Finland Ltd. is a leading European research institute providing visionary research, development, and innovation services across multiple sectors including energy, transportation, technology, manufacturing, and healthcare. The company offers a broad portfolio of advanced services such as 6G hardware technologies, quantum computing, cybersecurity, and sustainable development solutions. Their market position is strong, supported by extensive partnerships and a large expert community. Technically, the website is built on Drupal CMS with modern technologies and demonstrates good performance and accessibility. Security posture is solid with HTTPS, valid SPF, and OCSP stapling, though improvements like enabling HSTS and DNSSEC are recommended. Privacy compliance is well managed with comprehensive cookie consent via Cookiebot and a detailed privacy policy. Overall, the website reflects a professional, trustworthy, and mature digital presence.

S

SQS - Software Quality Systems

sqs.es

0

SQS - Software Quality Systems is a medium-sized Spanish company specializing in software testing, quality assurance, certification, and data space services. It serves regulated sectors such as healthcare, pharmaceuticals, railways, and automotive, offering professional consulting, managed testing services, and training. The company holds multiple recognized certifications including ISO 9001, ISO/IEC 27001, and ENS, positioning itself as a trusted provider in the technology and regulated industries. Technically, the website is built on WordPress with Divi theme and integrates modern marketing and analytics tools such as Google Analytics, Hotjar, and reCAPTCHA. However, the site lacks a valid SSL certificate and modern TLS support, which significantly weakens its security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. Contact information is clearly available, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

N

net-maxX GmbH

net-maxx.de

0

net-maxX GmbH operates a virtual platform designed for fan communities, leveraging interactive virtual worlds to connect users. The company is a small technology startup based in Germany, founded in 2023, and collaborates with partners such as Telemaxx and agenturserver.de. The website is built on the Ghost CMS platform and demonstrates good content quality and user experience with moderate performance. Security posture is adequate with HTTPS and SPF configured, but lacks advanced TLS features and email security enhancements like DMARC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but could improve in security and privacy areas.

Z

ZENIT GmbH

zenit.de

0

ZENIT GmbH is a regional innovation and technology center based in North Rhine-Westphalia, Germany, focused on transforming the Mittelstand (SMEs) through services in innovation, technology transfer, digitalization, funding, and internationalization. The company holds a strong market position as a key facilitator and network coordinator for SMEs and research institutions in NRW, leveraging partnerships with European and regional stakeholders. The website reflects a mature digital presence with comprehensive content, event management, and community testimonials. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, but suffers from a critical lack of a valid SSL certificate and modern security configurations, exposing it to significant security risks. Privacy compliance is partially met with a detailed privacy policy but lacks cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

F

Firstlead GmbH

firstlead-server.de

0

Firstlead GmbH operates the website firstlead-server.de as a service platform in partnership with the affiliate network ADCELL. The site primarily serves as an informational landing page providing company contact details and links to the ADCELL affiliate network. The business model focuses on affiliate marketing services targeting advertisers and affiliates in Germany. The website content is minimal and presented in both German and English, reflecting a small-sized technology sector company with a basic online presence. Technically, the website uses Cloudflare for DNS hosting but lacks a valid SSL certificate, resulting in no HTTPS support. The site includes Google Analytics and Google Tag Manager scripts for tracking but does not implement cookie consent mechanisms or advanced SEO features. Performance is moderate with basic mobile optimization and accessibility. The meta robots tag is set to noindex, indicating the site is not intended for public search engine indexing. From a security perspective, the absence of a valid SSL certificate is a critical vulnerability, exposing users to potential data interception risks. No security headers or advanced security policies are implemented. Privacy compliance is partial, with a privacy policy and terms of service linked externally on the ADCELL domain but no cookie consent or explicit GDPR compliance indicators on the site itself. Overall, the website presents a low-risk profile due to its limited functionality and content but requires urgent improvements in SSL configuration and privacy compliance to enhance trustworthiness and security posture.

E

Engatta

engatta.io

0

Engatta is a technology company providing a SaaS content operations platform designed to help content teams plan, create, organize, and collaborate on content across multiple channels. The company targets organizations seeking to optimize their content workflows and improve team alignment with real-time performance metrics. The website is built on HubSpot CMS and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. However, the technical infrastructure shows weaknesses including an invalid SSL certificate and disabled TLS protocols, which pose significant security risks. Additionally, multiple subdomains are vulnerable to takeover due to dangling DNS records. Privacy and cookie policies are present with consent mechanisms, but GDPR compliance indicators are basic. Overall, the website presents a professional business front but requires urgent security improvements to protect user data and maintain trust.

G

GX Software B.V.

xperiencentral.com

0

XperienCentral, operated by GX Software B.V., is a Netherlands-based enterprise software company specializing in content management systems designed to deliver personalized digital experiences. The company positions itself as a market leader with award-winning CMS solutions that cater to organizations seeking advanced content personalization and delivery capabilities. Their platform supports multiple configurations including Headful, Headless, and Hybrid CMS models, targeting enterprise clients across various sectors. The website reflects a professional and consistent brand image, showcasing notable clients and emphasizing their technological strengths. Technically, the website employs a modern technology stack including Java-based backend, Bootstrap for frontend styling, and integrates HubSpot for marketing and form management. It uses Google reCAPTCHA Enterprise for bot protection and Google Tag Manager for analytics. Hosting is on Amazon AWS infrastructure. While the site is mobile-optimized and SEO-friendly, performance is somewhat slow with a page load time exceeding 6 seconds, indicating room for optimization. From a security perspective, the site enforces HTTPS with TLS 1.2 and uses strong cipher suites. However, it lacks advanced security features such as HSTS, OCSP stapling, TLS 1.3 support, and DMARC email policies. No critical vulnerabilities were detected, but improvements are recommended to enhance security posture. Privacy compliance is well addressed with clear privacy and cookie policies and a functional consent mechanism. Overall, XperienCentral's website demonstrates a solid business and technical foundation with good privacy practices and moderate security maturity. Strategic enhancements in security configurations and performance optimization would further strengthen their digital presence and trustworthiness.

F

Fraunhofer-Verbund Mikroelektronik in Kooperation mit den Leibniz-Instituten FBH und IHP

forschungsfabrik-mikroelektronik.de

0

The Fraunhofer-Verbund Mikroelektronik (FMD) is a leading German research consortium specializing in micro- and nanoelectronics, collaborating closely with Leibniz institutes FBH and IHP. The website serves as a comprehensive portal offering information on technology platforms, funding programs, cooperation opportunities, and current projects, targeting industry players, startups, SMEs, and academic institutions. The business model focuses on providing a one-stop-shop for microelectronics R&D, supported by strong institutional backing and federal funding. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries, delivering a moderate performance and good mobile optimization. Security posture is solid with HTTPS and strong cipher suites, though improvements like HSTS, DNSSEC, and TLS 1.3 support are recommended. Privacy compliance is good with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

D

DIN Solutions GmbH

dinsolutions.de

0

DIN Solutions GmbH is a medium-sized technology company operating within the DIN group, specializing in the development and operation of software, platforms, and databases for norming and standardization. The company serves DIN, DIN Media, and their customers and partners by delivering tailored technical solutions and engaging in innovative research and development, including artificial intelligence applications. Their market position is strong within the German norming ecosystem, supported by ISO 9001 certification and partnerships with recognized entities such as TÜV Rheinland. Technically, the website employs modern technologies including MarkLogic NoSQL database, X-Swift framework, and Swift programming language for transformation processes. The site is well-designed, mobile-optimized, and uses etracker for analytics. Performance is moderate with a page load time of about 3 seconds. However, the SSL certificate is nearing expiration, and security headers are minimal, indicating room for improvement in security hardening. Security posture is adequate with HTTPS, SPF, and DMARC configured, but lacks HSTS, DNSSEC, and advanced security headers. No vulnerabilities or malware were detected, but urgent SSL renewal is needed to maintain trust and secure communications. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, though no cookie consent mechanism was found. Overall, the website is professional and trustworthy with strong business credibility. Strategic recommendations include immediate SSL renewal, enhancing security headers, implementing DNSSEC and CAA, and adding cookie consent mechanisms to improve privacy compliance and security posture.

E

Expert Systems AG

provenexpert.net

0

ProvenExpert is a technology company based in Germany, operating a SaaS platform that enables businesses to collect, aggregate, and showcase customer reviews and ratings from multiple sources. The platform targets a broad audience including freelancers, SMEs, and large enterprises, offering tools such as customer surveys, rating seals, and Google star rating integration to enhance online reputation and drive revenue growth. The company has a solid market presence with over 1.2 million expert profiles and millions of reviews aggregated. Technically, the website is hosted on Google Cloud with DNS managed by Cloudflare, utilizing modern web technologies including jQuery, Bootstrap, and Cookiebot for cookie consent management. While the site is mobile optimized and SEO friendly, performance metrics indicate slow loading times, and accessibility features are basic. Security posture is weak due to the absence of a valid SSL certificate and lack of TLS protocol support, despite some security headers being present. The security evaluation highlights critical vulnerabilities such as missing HTTPS, no TLS support, and lack of HSTS enforcement, which significantly reduce the security score. Privacy compliance is good with clear privacy and cookie policies and GDPR adherence. Business credibility is strong with clear company information, testimonials, and trust seals. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain compliance. Strategically, the company should prioritize SSL/TLS certificate installation and configuration, enhance security headers, and optimize site performance to improve user experience and security posture. Continued focus on privacy compliance and transparent communication will support sustained trust and growth.

F

Firstlead GmbH

adcell.de

0

ADCELL, operated by Firstlead GmbH, is a well-established affiliate marketing network founded in 2003, targeting the German-speaking markets of Germany, Austria, and Switzerland. The platform connects publishers, advertisers, and agencies, offering a performance-based affiliate marketing model with no setup fees or monthly charges. The company enjoys a strong market position with over 64,000 active publishers and 2,426 partner programs, supported by multiple industry awards and certifications. The website content is rich, professionally designed, and targets a broad audience including publishers, advertisers, and agencies. Technically, the site uses common web technologies such as jQuery, Bootstrap, and slick sliders, hosted behind Cloudflare DNS services. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Privacy compliance is addressed with a consent management platform and clear privacy and cookie policies. Overall, the site demonstrates good business credibility but requires urgent security improvements.

G

Grupa Pracuj

pracujwgp.pl

0

Grupa Pracuj operates as a leading HR technology platform in Europe, connecting job seekers with employers through a suite of recruitment and HR management products. The company maintains a strong market position with multiple subsidiary brands including Pracuj.pl, eRecruiter, and Softgarden. The website reflects a professional and comprehensive approach to employer branding and recruitment, targeting candidates and HR professionals primarily in Poland. Technically, the site is built on the Softgarden platform, leveraging modern JavaScript libraries and hosted via Cloudflare and Azure infrastructure. While the SSL certificate is valid and security policies such as DMARC are strictly enforced, there is room for improvement in HTTPS security by enabling HSTS and DNSSEC. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with good content quality, though performance optimization could be enhanced.

H

HashiCorp

hashicorp.com

0

HashiCorp is a leading enterprise software company specializing in cloud infrastructure automation and security lifecycle management. As an IBM company, it offers a comprehensive suite of products and cloud platform services designed to help organizations automate hybrid cloud environments efficiently and securely. The company targets enterprises and developers seeking unified infrastructure and security lifecycle management solutions. HashiCorp's market position is strong, supported by a broad partner ecosystem, extensive certifications, and a large developer community. Technically, the website is built on modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates multiple analytics and marketing tools. While the site exhibits excellent design, content quality, and mobile optimization, its performance is somewhat slow, indicating potential optimization opportunities. The site employs robust security measures including TLS 1.3, strong cipher suites, SPF and DMARC DNS records, but lacks some advanced HTTP security headers and DNSSEC. From a security perspective, HashiCorp demonstrates a mature posture with no detected vulnerabilities in SSL/TLS configuration and active incident response channels. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The company maintains a high level of business credibility through transparent contact options, certifications, and trust signals. Overall, HashiCorp's digital presence reflects a professional, secure, and trustworthy enterprise-grade platform with minor areas for technical and security enhancements to further strengthen its posture and user experience.

I

IBM

envizi.com

0

IBM Envizi is a comprehensive SaaS platform focused on sustainability data management, greenhouse gas emissions accounting, and ESG reporting. Positioned as a leader in the sustainability software market, it offers modular solutions that leverage AI to automate complex emissions calculations and support decarbonization efforts. The platform targets enterprise customers aiming to meet regulatory compliance and improve sustainability performance. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks and integrates IBM Cloud services. While the site demonstrates excellent content quality, branding, and user experience, it suffers from critical security issues related to an invalid SSL certificate and lack of TLS protocol support, which significantly impact its security posture. Privacy and compliance policies are well documented and accessible, reflecting IBM's commitment to GDPR and other standards. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

A

Apptio, Inc.

apptio.com

0

Apptio, Inc., an IBM company, is a leading provider of SaaS solutions focused on IT Financial Management, Cloud Financial Management, and Enterprise Agile Planning. The company empowers IT and Finance leaders to make data-driven decisions that connect technology investments to business outcomes. Apptio holds a strong market position as a founding member of the Technology Business Management (TBM) Council and is recognized by industry analysts such as Gartner and Forrester. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design tailored for enterprise customers. However, the current lack of a valid SSL certificate and absence of modern TLS protocols represent critical security weaknesses that must be addressed promptly to ensure secure communications and maintain trust. The site employs advanced marketing and analytics tools including Google Tag Manager, Visual Website Optimizer, and Marketo, supporting extensive user tracking and data collection with appropriate privacy compliance mechanisms in place, such as OneTrust cookie consent and a comprehensive privacy policy. Overall, Apptio's website demonstrates strong business credibility and digital maturity but requires immediate security improvements to align with best practices.

I

IBM

trusteer.com

0

IBM Trusteer is a comprehensive suite of cloud services and endpoint software designed to enhance fraud detection, risk assessment, and user authentication across digital channels. Positioned as a key component of IBM's security portfolio, Trusteer leverages AI, machine learning, and a global intelligence network to provide real-time risk insights and fraud prevention capabilities. The website reflects IBM's enterprise-grade approach with detailed product offerings, case studies, and strong branding consistency. Technically, the site is built on Adobe Experience Manager and hosted on AWS infrastructure, integrating advanced marketing and analytics tools such as Adobe Analytics and Adobe Target. While the security posture is solid with TLS 1.2 and strong cipher suites, there are opportunities to improve HTTPS security by enabling HSTS, OCSP stapling, and DNS security features. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with high professionalism and trustworthiness, suitable for enterprise customers in finance, healthcare, and technology sectors.

G

GX Software

gxcloud.net

0

GX Software is a technology company specializing in digital communication software and services, offering proprietary products such as XperienCentral and Engatta, alongside partnerships with leading Customer Data Platforms like BlueConic and mParticle. The company positions itself as a Platinum BlueConic Partner in EMEA, focusing on privacy-conscious, data-driven customer engagement solutions. Their website reflects a professional and consistent brand image targeting businesses seeking integrated digital communication and customer data management solutions. Technically, the site is built on HubSpot CMS with modern JavaScript libraries and integrates multiple marketing and analytics tools, providing a good user experience with moderate performance. However, the security posture is weak due to the absence of a valid SSL certificate, lack of HTTPS, missing DMARC, and no security headers, which significantly lowers the overall security score. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is comprehensive and easily accessible. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

Sheltr

sheltr.eu

0

Sheltr is a technology company specializing in compliance solutions for privacy-focused businesses, offering leading whistleblower and data discovery platforms. Their services target HR, compliance, and GDPR teams, helping organizations comply with regulations such as GDPR and the EU Whistleblower Directive. The company positions itself as a trusted provider with a user-friendly SaaS model, including free and paid offerings. Technically, Sheltr employs a modern web stack based on the Astro framework, integrates Piwik Pro for analytics, and uses Cookie Information for consent management. The site is hosted on Azure DNS with valid TLS certificates, supporting modern protocols like TLS 1.3. Security posture is solid with SPF and DMARC records, but could be improved by enabling HSTS, DNSSEC, and additional security headers. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the website is professional, well-branded, and trustworthy, with good content quality and user experience. No critical security issues or blocking mechanisms were detected.

A

adesso SE

dws-webshop.com

0

The website dws-webshop.com currently serves a 404 error page indicating the requested content is not found. The page is branded with contact information for adesso SE, a technology company based in Dortmund, Germany, suggesting a possible relationship or misconfiguration. The business appears to be a B2B technology services provider, but no direct business content or services are presented on this page. Technically, the site supports HTTPS with modern TLS protocols but lacks important security headers and HSTS enforcement. DNS records show a strict SPF and DMARC policy, enhancing email security, though CAA records are invalid. The absence of privacy, cookie, or terms policies and lack of analytics or advertising scripts indicate minimal digital maturity or an incomplete deployment. Overall, the site is not currently functional for end users and requires remediation to restore content and improve security and compliance.

I

ION Group

iongroup.com

0

ION Group is a global enterprise technology company specializing in automation software for financial markets, commodities, core banking, treasury, and credit information sectors. Their website presents a comprehensive portfolio of products and services aimed at financial institutions, central banks, and corporations, emphasizing automation to improve decision-making and operational efficiency. The company maintains a strong market position with a diverse set of industry solutions and a professional online presence. Technically, the website is built on WordPress with a modern tech stack including analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Eloqua. While the site is secure with HTTPS, TLS 1.2/1.3, and OCSP stapling, there is room for improvement in security headers and DNS security. The site features a robust cookie consent mechanism compliant with GDPR, reflecting good privacy practices. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility, though performance is somewhat slow due to large page size and resource count.

K

Klar Webagentur GmbH

klar-webagentur.ch

0

Klar Webagentur GmbH is a Swiss-based digital agency specializing in web design, web development, content production including photography and video, and online marketing services targeted primarily at Swiss small and medium-sized enterprises (KMU) and organizations. The company positions itself as a provider of clear, practical web solutions that help clients achieve their digital goals efficiently. Their website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on Joomla CMS and leverages modern JavaScript libraries such as jQuery and GSAP, along with Mapbox for map integration. The site uses Google Analytics and Google Tag Manager for analytics and marketing purposes. Hosting appears to be managed via sui-inter.net nameservers. Performance is somewhat slow due to a large page size and many resources, but mobile optimization is good. From a security perspective, the site uses HTTPS with TLS 1.3 and 1.2 protocols and has valid SPF and DMARC DNS records, although DMARC is set to a non-enforcing policy. There is no HSTS enabled, no DNSSEC, and no OCSP stapling, which are areas for improvement. No explicit security or incident response policies are published on the site. Cookie consent is implemented with a banner and opt-in mechanism, but GDPR compliance indicators are basic. Overall, the website is functional, professional, and credible but could benefit from enhanced security configurations and improved performance. Strategic recommendations include enabling HSTS, improving DMARC policy, implementing DNSSEC, and optimizing page load times to strengthen security posture and user experience.

S

StrictlyVC, LLC

strictlyvc.com

0

StrictlyVC, LLC is a specialized media company providing venture capital news, events, and podcasts primarily targeting Silicon Valley and broader tech industry professionals. Acquired by Yahoo, Inc., it leverages a WordPress-based platform integrated with modern marketing and analytics tools such as MailerLite and Parsely. The website offers a rich content experience with multimedia elements and a newsletter subscription form protected by Google reCAPTCHA. Technically, the site uses Cloudflare for DNS and likely CDN services, supports modern TLS protocols, but lacks some advanced security configurations such as HSTS and proper CAA records. Privacy and terms are governed by Yahoo's legal framework, ensuring compliance with GDPR and other regulations. Overall, the site is professional and trustworthy but could improve its security posture and cookie consent mechanisms.

C

Christian Doppler Laboratory CDL-BOT

cdl-bot.at

0

The Christian Doppler Laboratory CDL-BOT is a research-focused institution specializing in blockchain technologies for the Internet of Things. It operates as a collaboration between academic institutions TU Hamburg and TU Wien, supported by Austria's Federal Ministry for Digital and Economic Affairs and industrial partners such as Pantos and the IOTA Foundation. The laboratory aims to advance Distributed Ledger Technologies to be practical and effective for IoT applications, including secure data exchange and payment mechanisms. The website reflects a professional research entity with clear academic and industrial partnerships but lacks direct contact information and comprehensive privacy or security policies. Technically, the website is built using modern web technologies including React and Next.js, providing a good user experience and mobile optimization. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. The DNS setup is standard but lacks advanced security features such as DNSSEC and CAA records. Performance is moderate with a page load time of approximately 4 seconds. Security-wise, the site does not implement essential best practices such as HTTPS, HSTS, or security headers, and lacks vulnerability disclosure or incident response information. Privacy compliance is minimal with a basic privacy policy present but no cookie consent mechanism or GDPR compliance statements. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards. Strategic recommendations include immediate deployment of a valid SSL certificate, enabling HTTPS, implementing security headers, adding cookie consent mechanisms, and publishing comprehensive security and privacy policies to enhance trust and compliance.

S

Sof.IA

sofia.vc

0

Sof.IA is a Brazilian technology company offering an AI-powered personal assistant accessible via WhatsApp. The service integrates multiple AI platforms such as ChatGPT, OpenAI, Google, and Microsoft to provide features including image generation, translations, mathematical solutions, and audio-based Q&A. The business model is credit-based with free trial credits and paid packages, targeting smartphone users seeking practical AI assistance. Technically, the website is built on WordPress with Elementor and related plugins, hosted on AWS infrastructure. However, the site suffers from slow performance and lacks a valid SSL certificate, exposing users to security risks. Security posture is weak with no HTTPS, no security headers, and missing DNS security records. Privacy compliance is poor, with no privacy or cookie policies despite collecting user data via forms. Contact information is available via email and contact forms, but no formal security or incident response policies are found. Overall, the site is functional but requires significant improvements in security and privacy to enhance trust and compliance.

N

NeoAssist

neoassist.com

0

NeoAssist is a Brazilian technology company offering a comprehensive omnichannel customer service platform that integrates multiple communication channels and leverages artificial intelligence to enhance customer experience and operational efficiency. The company is well-positioned in the market with a large client base of over 220 brands and a strong focus on data-driven insights and automation. Technically, the website is built on WordPress with modern SEO and analytics integrations, hosted on Cloudflare with robust SSL configurations. Security posture is good with proper SPF and DMARC records, TLS 1.3 support, and no critical vulnerabilities detected, though improvements in DNSSEC and HSTS are recommended. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR alignment. Overall, NeoAssist demonstrates a mature digital presence with professional design, extensive marketing and analytics tools, and a high level of trustworthiness.

C

Catalog3D

catalog3d.com

0

Catalog3D is a technology platform focused on the creation, consumption, and sale of 3D models and materials, primarily targeting users of Promob software and 3D content creators. The platform offers subscription-based access to libraries of 3D models and materials, including those created by partner users and brands. The website is built on a Microsoft IIS server using ASP.NET MVC and AngularJS, with Babylon.js for 3D rendering. DNS hosting is managed via Microsoft Azure DNS. Despite a modern tech stack, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Cookie consent is implemented via Cookiebot, but no privacy policy or terms of service pages are found in the accessible content. No explicit contact information or security policies are provided, limiting transparency and trust. The website content is primarily in Portuguese and includes partner brand logos, indicating some level of business credibility.

L

leadlovers

leadlovers.app

0

Leadlovers is a technology company offering marketing automation and lead generation services primarily through a SaaS platform. The website targets digital marketers and businesses seeking to optimize email marketing and sales funnels. The platform integrates various third-party tools for analytics and user engagement, indicating a moderate level of digital maturity. However, the website suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS protection. This significantly impacts the security posture and user trust. Additionally, the lack of privacy and cookie policies suggests poor privacy compliance. Performance is suboptimal with a slow load time and large page size, which may affect user experience. Overall, while the business model and content quality are good, the technical and security shortcomings present risks that should be addressed promptly.

K

Kommo

kommo.com

0

Kommo is a technology company offering a cloud-based CRM platform focused on conversational sales through messaging apps such as WhatsApp, Instagram, Telegram, and SMS. The platform targets small to medium-sized businesses and entrepreneurs, providing tools like customizable sales pipelines, unified chat inbox, sales automation bots, and AI-powered chat management. Kommo positions itself as a leading CRM solution for messaging-based sales with a strong emphasis on user experience and integration capabilities. Technically, the website is built on modern JavaScript frameworks, uses Cloudflare for hosting and CDN, and integrates multiple marketing and analytics tools. However, a critical security issue is the invalid SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy and compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Kommo presents a professional and trustworthy online presence but must urgently fix SSL/TLS issues to ensure secure user interactions.

G

GO-2B AG

go-2b.de

0

GO-2B AG is a German-based technology company specializing in product data management solutions tailored for industries such as furniture and retail. As a brand under Compusoft Deutschland AG, it offers a suite of services including software applications, configurators, and data management platforms to support complex product marketing and sales processes. The website reflects a professional and consistent brand image with clear business information and client references, targeting B2B customers in industrial and retail sectors. Technically, the site is built on WordPress with popular plugins and frameworks, but suffers from slow load times and lacks some modern security configurations. Security posture is moderate with valid SSL and SPF records but missing critical headers and HSTS. Privacy compliance is strong with comprehensive policies and consent mechanisms. Overall, the site is functional and trustworthy but would benefit from technical and security enhancements.

Mozaik Software operates a UK-based e-commerce website offering software subscriptions and online training services. The company targets businesses and professionals seeking specialized software solutions and training. The website is built on WordPress with WooCommerce, indicating a standard e-commerce platform setup. However, the site suffers from slow performance and minimal content, with only a single product listed. Technically, the site uses common marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Microsoft Clarity, but lacks modern security configurations. Critically, the absence of an SSL certificate means the site is served over HTTP, exposing users to potential risks and undermining trust. Privacy and cookie policies are present but hosted on a third-party domain, which may affect compliance perception. Overall, the site demonstrates basic digital maturity but requires significant improvements in security and performance to enhance user trust and compliance.

D

Dinamize Informática Ltda

dinamize.com.br

0

Dinamize Informática Ltda is a Brazilian technology company specializing in digital marketing automation solutions, including email marketing, WhatsApp marketing, CRM, and integrated platforms. The company serves over 12,000 clients and maintains a strong partner network, positioning itself as a significant player in the marketing automation SaaS market. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to businesses seeking marketing automation services. Technically, the site is built on WordPress with Elementor and JetMenu, leveraging Cloudflare for DNS and CDN services. Performance is moderate, with good mobile optimization and accessibility features. Security posture is strong with valid SSL, HSTS, SPF, and DMARC policies, though DNSSEC and CAA records are absent, representing an area for improvement. Privacy and cookie policies are present and GDPR-compliant, with consent mechanisms implemented. Overall, the website demonstrates a high level of professionalism, security, and compliance, supporting the company's credibility and trustworthiness.

O

one.com Group AB

dogado.group

0

group.one is a leading European technology company specializing in empowering small and medium-sized businesses (SMBs) with AI-powered website building, SaaS products, hosting, and digital marketing solutions. With a portfolio of local and global brands, the company serves over 2 million customers across 15 countries, positioning itself as a trusted partner for SMB digital success. The business model focuses on integrated digital tools that support the entire customer journey from online presence to commerce and growth. Technically, the website leverages modern frameworks such as React and Next.js, integrates AI capabilities via OpenAI, and supports WordPress platforms, reflecting a mature digital infrastructure. Security posture is adequate with TLS 1.2 and strong cipher suites, but lacks advanced features like HSTS, OCSP stapling, and TLS 1.3, which are recommended for enhanced protection. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not explicitly detected. Overall, the website is professional, content-rich, and trustworthy, with room for security improvements to further strengthen its posture.

S

StackAdapt

stackadapt.tech

0

StackAdapt is a recognized leader in the AdTech industry, operating a high-performance demand side platform (DSP) that handles billions of ad requests daily. Their technology blog serves as a platform to share insights and experiences from their engineering teams, focusing on scalable software development, AI integration, and user experience. The website is hosted on the Medium platform, leveraging its CMS capabilities and social features. Technically, the site employs modern technologies including Ruby on Rails and React, with a solid SSL/TLS configuration ensuring secure communications. However, performance is suboptimal with a high load time and large page size, which could impact user experience. Security posture is generally good, with proper SPF and DMARC email configurations and no critical SSL vulnerabilities, but lacks some security headers and HSTS enforcement. Privacy compliance is adequate, relying on Medium's comprehensive privacy and terms policies, though no explicit cookie consent mechanism is present. Overall, the site demonstrates a professional and trustworthy presence with room for technical and security improvements.

S

Secure Mailgate

secure-mailgate.com

0

Secure Mailgate operates as a specialized provider of secure email gateway services, focusing on secure login and email domain management primarily targeting business users requiring secure email access. The website is functional and accessible, featuring a login form and multilingual support but lacks comprehensive public-facing content such as privacy policies, terms of service, or contact information. Technically, the site uses standard web technologies including JavaScript and CSS, hosted on infrastructure associated with Cloudpit. Performance is moderate with a relatively small page size and acceptable load times. From a security perspective, the site enforces HTTPS with modern TLS protocols (1.3 and 1.2) and a valid wildcard SSL certificate, but lacks advanced security features such as HSTS, OCSP stapling, DNSSEC, and DMARC records. No security headers are detected, and no vulnerability disclosures or incident response contacts are publicly available. This indicates a basic security posture with room for significant improvement to enhance email domain protection and overall site security. Overall, the website presents a basic but functional digital presence with limited transparency on privacy and security policies. The lack of contact information and policy documents may impact user trust and compliance with data protection regulations. Strategic improvements in security configuration, policy publication, and user communication are recommended to strengthen the company's market position and compliance posture.

E

easyname GmbH

easyname.com

0

easyname GmbH is a medium-sized Austrian technology company specializing in webhosting, domain registration, website building, VPS hosting, SSL certificates, and digital marketing services. Positioned as a reliable European provider, easyname emphasizes customer support, data privacy, and operational transparency. Their business model targets individuals and SMEs seeking comprehensive online presence solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses modern JavaScript frameworks including React and jQuery, supported by a custom platform hosted on their own datacenters in Austria, Germany, and Switzerland. However, performance is currently slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, despite presence of some security headers and SPF/DMARC email protections. Privacy compliance is good with clear policies and consent mechanisms. Overall, the site is trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

H

Hund

hundstat.us

0

Hund.io operates a status page at hundstat.us providing real-time and historical operational status for its services including website, DNS, GitLab, and platform components. The site targets users and customers who require transparency on service availability and performance. The business model centers on operational monitoring and status reporting, positioning Hund.io as a technology service provider in the monitoring niche. The website content is professional and consistent with the brand, but lacks comprehensive business and compliance information. Technically, the site is hosted on AWS infrastructure with DNS managed partly by AWS and Hurricane Electric. The technology stack includes standard web technologies with Google Analytics and Google Tag Manager for tracking. However, the site suffers from slow performance and lacks modern optimizations such as full mobile responsiveness and accessibility features. From a security perspective, the site has critical weaknesses including an invalid or missing SSL certificate, absence of HTTPS, no security headers, and no DNSSEC or CAA records. These issues significantly reduce the security posture and expose users to risks. Additionally, there is no evidence of privacy compliance, incident response policies, or contact information for security matters. Overall, the site presents moderate business credibility but requires urgent improvements in security and privacy compliance to reduce risk and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing security headers, and publishing privacy and security policies.

S

SoSafe

humanfirewallconference.com

0

SoSafe operates the Human Firewall Conference, a leading European cybersecurity event focused on the human factor in security. The company provides cybersecurity awareness training and human risk management services, positioning itself as a key player in the cybersecurity education and event space. The website is professionally designed, content-rich, and targets security professionals and CISOs. Technically, the site uses WordPress CMS, integrates with HubSpot for forms, Matomo and Google Analytics for tracking, and Cookiebot for GDPR-compliant cookie management. However, the site suffers from an invalid SSL certificate and lacks important security headers and DNS security features, which lowers its security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Business credibility is strong with clear contact information, social media presence, and trust signals such as testimonials and speaker highlights. Overall, the site is functional and professional but requires improvements in security infrastructure to enhance trust and compliance.

S

SoSafe

sosafe.de

0

SoSafe is a leading European provider of security awareness training and human risk management solutions, serving over 4.5 million users. Their platform leverages behavioral psychology, gamification, and AI to empower employees to recognize and mitigate cyber threats effectively. The company offers a suite of products including personalized e-learning, phishing simulation tools, an AI chatbot named Sofie, and a comprehensive human risk management dashboard. Technically, the website is built on WordPress, uses Cloudflare for hosting and CDN, and integrates marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. While the site is content-rich, well-designed, and privacy compliant with GDPR and cookie consent mechanisms, it suffers from a critical security issue: an invalid SSL certificate and disabled TLS protocols, which significantly lowers its security posture. The company demonstrates strong trust signals through ISO 27001, TISAX certifications, customer testimonials, and industry awards. Overall, SoSafe presents a professional and credible online presence but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

U

Unit M GmbH

unit-m.de

0

Unit M GmbH is a German-based specialist company focused on automating routine tasks in B2B sales and customer service, leveraging over 30 years of industry experience. The company offers a comprehensive suite of services including B2B eCommerce webshops, spare parts shops for mechanical engineering, customer portals, configurators, and IT consulting services. Their market position is strengthened by a solid client portfolio featuring well-known brands and recognized innovation funding. Technically, the website is built on WordPress with the Divi theme, integrating modern tools like Cookiebot for privacy compliance and Matomo for analytics. However, the site suffers from a critical security issue due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

L

Landitec GmbH

landitec.de

0

Landitec GmbH is a medium-sized German company specializing in high-quality, flexible, and high-performance appliance solutions and services for the B2B sector. They focus on tailored IT security and network solutions, including hardware appliances, virtualization, SD-WAN, and industrial applications. The company holds a strong market position as an OPNsense Platinum Partner and collaborates with several notable technology providers such as Barracuda, 6WIND, and SECUDOS. Their offerings include customized appliances, pre-installed systems, and comprehensive customer support through an online portal. Technically, the website is built on Joomla CMS with Helix Ultimate framework and utilizes modern web technologies including Bootstrap 5 and jQuery. They employ Google Tag Manager and Google reCAPTCHA for analytics and security. However, a critical security gap is the absence of HTTPS/SSL, which significantly impacts their security posture. The site is mobile-optimized with good content quality and SEO practices. From a security perspective, while some security headers are present, the lack of SSL/TLS encryption, HSTS, and modern TLS protocols exposes the site to potential risks. No explicit security or incident response policies were found. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the site is professional and trustworthy in content and business representation but requires urgent security improvements to protect data and enhance user trust.

E

eCube GmbH

ecube.de

0

eCube GmbH is a German-based software development and consulting company specializing in sustainable software ecosystems and e-commerce architecture. They serve businesses seeking innovative, scalable digital solutions with a focus on technical excellence and long-term planning. Their market position is that of a trusted specialist with strong partnerships and a portfolio of successful case studies. Technically, the website is built on WordPress with modern SEO and multilingual support, though performance optimization is needed due to slow load times. Security posture is strong with HTTPS, valid SPF and DMARC policies, and no critical vulnerabilities detected, but improvements like HSTS and DNSSEC are recommended. Privacy compliance is well addressed with comprehensive cookie consent and GDPR-aligned privacy policies. Overall, eCube demonstrates a professional and trustworthy online presence with clear business and technical maturity.

C

CyberForum e.V.

cyberlab-karlsruhe.de

0

CyberLab Karlsruhe is a well-established startup accelerator and community hub operating under CyberForum e.V. It offers comprehensive services including founding consulting, accelerator programs, coworking spaces, mentoring, coaching, and investment facilitation. The website targets startups and entrepreneurs primarily in Germany, positioning itself as a key regional player with over 28 years of experience and a large active network. Technically, the site is built on TYPO3 CMS, uses modern TLS protocols, and integrates various frontend libraries and APIs, though performance is hindered by a high number of resources and slow load times. Security posture is adequate with HTTPS and SPF records but lacks advanced features such as HSTS, OCSP stapling, DMARC, DNSSEC, and certificate transparency compliance. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and content-rich, but could improve technical and security aspects to enhance user experience and protection.

C

Colina Tech

colinatech.com.br

0

Colina Tech is a Brazilian digital marketing agency specializing in SEO, paid traffic, website development, and inbound marketing services. The company serves over 100 active clients across Brazil and holds multiple industry certifications such as Google Partner and Meta Business Partner, positioning itself as a technically proficient and data-driven marketing partner. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site is built on WordPress with modern JavaScript libraries and performance optimizations, but lacks HTTPS, which is a critical security shortfall. Security posture is weak due to absence of SSL/TLS, HSTS, and modern TLS protocols, exposing the site to potential risks. Privacy compliance is basic, with no cookie consent mechanism despite use of tracking tools. Contact information is clearly provided, enhancing business credibility. Strategic recommendations include immediate SSL certificate installation, enabling security headers, and implementing privacy consent mechanisms to improve trust and compliance.

A

absence.io GmbH

absence.io

0

absence.io GmbH is a medium-sized technology company based in Germany specializing in SaaS solutions for absence management, time tracking, digital personnel files, and expense management. The company serves over 2,500 companies and 100,000 users, positioning itself as a reliable and trusted provider in the HR software market. Their platform supports multiple languages and integrates with major services like Google Workspace, Microsoft 365, and Slack, enhancing usability and enterprise adoption. The website demonstrates a strong brand presence with multiple trust signals including ISO certification and positive customer testimonials. Technically, absence.io uses TYPO3 CMS with a modern JavaScript stack including jQuery, Bootstrap, and Swiper for UI components. Hosting is on DigitalOcean with DNS managed via AWS Route53. The site supports TLS 1.3 and 1.2 but lacks advanced SSL features like HSTS and OCSP stapling. Cookie consent is managed via Usercentrics CMP, and analytics are extensive using HubSpot, Google Analytics, and Crazy Egg. Performance is moderate to slow, likely due to large page size and resource count. Security posture is solid with ISO-certified servers, daily backups, SPF and DMARC email protections, and SSL encryption. However, DNSSEC is not enabled, and CAA records are malformed. No public vulnerability disclosure or security.txt file was found. Privacy policies and terms of service are present and GDPR compliant. Overall, the company demonstrates a mature security and compliance stance but could improve SSL and DNS security features. Strategically, absence.io is well positioned in the HR SaaS market with a comprehensive product suite and strong customer trust. Continued investment in security hardening and performance optimization will enhance their competitive edge and customer confidence.

G

Grupa Pracuj S.A.

grupapracuj.pl

0

Grupa Pracuj S.A. is a leading European HR Tech platform headquartered in Poland, specializing in digital recruitment and HR process automation. The company operates multiple subsidiary brands including Pracuj.pl and Robota.ua, serving both job seekers and employers with technology-driven solutions. Their market position is strong within the HR technology sector, supported by a large workforce and a broad client base. Technically, the website leverages modern tracking and analytics tools such as Google Tag Manager and Microsoft Clarity, hosted on Azure and using Cloudflare DNS services. However, performance is somewhat slow with a load time exceeding 7 seconds. Security posture is adequate with valid SSL and SPF/DMARC records, but lacks advanced protections like HSTS, DNSSEC, and CAA records. No explicit security or incident response policies are publicly available. Overall, the website is professional, well-branded, and compliant with GDPR and cookie consent requirements, but could improve in security hardening and performance optimization.