Security Directory

I

Isadmission

isadmission.com

0

Isadmission is a French-based company specializing in digital solutions for managing student admission contests, targeting educational institutions. The website presents a professional and well-structured platform built on WordPress with modern plugins and tools, offering a good user experience and clear navigation. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts security posture. The site implements basic privacy compliance measures including cookie consent and a privacy policy, but lacks advanced security policies or incident response information. Overall, the business appears credible with testimonials and social media presence, but the security shortcomings pose risks that should be addressed promptly.

杉山労務管理事務所 is a small, regionally focused social insurance labor consultant office based in Saitama Prefecture, Japan. The company provides labor management services including labor risk assessment, employment regulation creation and revision, and support for administrative investigations. Their target audience is primarily small to medium businesses in the Kanto region. The website content is primarily in Japanese and offers free labor risk diagnostic tools via external links. Technically, the website is basic with no CMS detected, minimal JavaScript and CSS usage, and no advanced frameworks. Performance data is missing but inferred slow. Critically, the site lacks HTTPS support and a valid SSL certificate, exposing users to security risks. No privacy or cookie policies are present, and no security best practices such as security headers or incident response information are published. Contact information is clearly provided including phone, email, physical address, and a contact form embedded via iframe. Overall, the site is functional but lacks modern security and privacy compliance measures, which significantly impacts trust and security posture.

B

Barkhausen Institut

barkhauseninstitut.org

0

The Barkhausen Institut is an independent research institute based in Dresden, Germany, specializing in trustworthy networked electronic systems and the Internet of Things (IoT). It collaborates closely with the Technical University of Dresden and focuses on research and development of secure, transparent, and sustainable digital technologies. The website targets researchers, academics, and industry professionals interested in IoT and trustworthy digital systems. The business model centers on research, innovation, and public outreach in the technology sector. The institute holds an international reputation with a medium-sized organizational footprint.

L

Le réseau des Carnot

instituts-carnot.eu

0

Le réseau des Carnot is a French network of research institutes dedicated to fostering innovation for enterprises through R&D partnerships and technology transfer. The website serves as an information hub for news, events, and resources related to the 39 affiliated Carnot institutes. The target audience primarily includes businesses seeking research collaborations and innovation support. Technically, the site is built on Drupal 10 with Apache hosting, utilizing jQuery and tarteaucitron.js for cookie consent management. Despite good content quality, mobile optimization, and accessibility, the site critically lacks HTTPS, exposing it to security risks and undermining user trust. Security headers are partially implemented, but the absence of SSL/TLS and modern protocols significantly lowers the security posture. Privacy compliance is basic, with a cookie consent mechanism present but no explicit GDPR compliance indicators or detailed privacy policy. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance credibility.

I

Institut Mines-Télécom

mines-telecom.fr

0

Institut Mines-Télécom is the leading public group of engineering and management Grandes Écoles in France, providing education, research, and innovation services focused on industrial, digital, energy, and ecological challenges. The website reflects a mature digital presence with professional design, multilingual support, and strong SEO integration. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL/TLS certificate and lack of HTTPS, which severely impacts the security posture. While privacy and cookie policies are well implemented and GDPR compliant, the site lacks explicit security policies and incident response information. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

N

Neoweb

neoweb.fr

0

Neoweb is a French digital agency established in 2004, specializing in custom web and mobile application development, consulting, and accessibility services. The company targets startups, enterprises, and institutions primarily in Lille and Paris, leveraging technologies such as React, Symfony, WordPress, and Directus. Their website reflects a mature digital presence with professional design, rich content, and structured data enhancing SEO and user experience. Technically, the site is built on WordPress with Elementor and Gravity Forms, incorporating modern JavaScript libraries and optimization tools like WP Rocket. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of modern TLS protocols, which significantly impacts the site's security posture. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the site demonstrates strong business credibility and technical maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

I

IMT Nord Europe Alumni

imt-nord-europe.org

0

IMT Nord Europe Alumni is a French non-profit alumni association serving graduates, students, and recruiters affiliated with IMT Nord Europe. The website offers a comprehensive platform for alumni networking, career services, events, and publications, supported by a large member base. Technically, the site uses a modern JavaScript stack with libraries such as jQuery, Bootstrap, and slick-carousel, and integrates security features like hCaptcha and GDPR-compliant cookie consent. The SSL configuration is valid but could be improved with HSTS and stronger DMARC policies. Overall, the site is professional and trustworthy but has room for performance and security enhancements.

U

Université de Lyon

universite-lyon.fr

0

Université de Lyon is a public academic consortium coordinating 10 member universities and 25 associates in the Lyon-Saint-Étienne academic site. The website serves students, researchers, academic staff, and international scientists by providing information on education, research programs, innovation, entrepreneurship, and campus life. The site is well-branded, professionally designed, and offers clear navigation with a focus on academic and research content. Technically, the site uses JavaScript, jQuery, and AT Internet analytics, hosted likely on academic infrastructure with a valid SSL certificate. Security posture is adequate with no major vulnerabilities detected, though improvements such as enabling HSTS and DNSSEC are recommended. Privacy compliance is basic with a cookie consent mechanism but no explicit privacy policy found in the analyzed content. Overall, the website is a credible and trustworthy source for academic information in the region.

Eudonet is a technology company specializing in CRM software solutions, targeting subscribers and clients primarily in France with additional presence in Canada and the UK. The website analyzed is a secure login portal for Eudonet CRM subscribers, offering multi-language support and user authentication features. The business model centers on SaaS CRM services with a focus on client account management. Technically, the site runs on Microsoft IIS with ASP.NET and uses XHTML transitional markup. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but the absence of TLS protocols and certificate transparency compliance significantly weakens the security posture. Privacy and cookie policies are not present, and no contact or business information is provided on this login page, limiting transparency and compliance indicators. Overall, the site demonstrates moderate business credibility and good content quality but suffers from poor security and privacy compliance.

L

Logilys Inc.

imakeanonlinedonation.org

0

I Make An Online Donation is a French-language website initiative by Logilys Inc. offering an integrated online donation solution primarily targeting charitable organizations. The platform enables organizations to manage online donation forms integrated with the Prodon Donation and Donor Management Software, positioning itself as a niche SaaS provider in the non-profit sector in Canada. The website content is professionally presented with clear navigation and relevant business information, including contact details and social media presence. Technically, the site uses a modern tech stack including jQuery, Bootstrap, Google Fonts, Font Awesome, Google reCAPTCHA v3, and Google Tag Manager, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security and trust.

Logilys is a small Canadian technology company specializing in the development and distribution of specialized management software solutions, including PRODON for donation and donor management, PROLOC for leisure, sports, and culture management, and PROLYS for project and client relationship management. The company targets organizations requiring tailored software solutions primarily in Quebec, Canada. Their market position is niche with a focus on specialized software for non-profit and cultural sectors. Technically, the website uses modern frontend technologies such as Bootstrap and jQuery, with Google Tag Manager for analytics. However, the site lacks a valid SSL certificate, resulting in HTTP-only access, which negatively impacts security posture and user trust. Performance is slow with a high page load time, though mobile optimization and SEO are reasonably good. Security-wise, the company holds a COCD certification for its PRODON software, indicating a commitment to security in their product offerings, but the website itself lacks HTTPS, security headers, and cookie consent mechanisms. Privacy compliance is basic with a privacy policy present but no cookie banner or GDPR-specific indicators. Contact information is clearly provided with phone numbers and a physical address in Rimouski, Quebec. Overall, the website is professional and informative but requires significant improvements in security and privacy compliance to enhance trust and protect users.

S

Site not installed - OVHcloud

carnot-mines.eu

0

The website carnot-mines.eu currently hosts no active content and displays a default placeholder page provided by OVHcloud indicating that the site is not installed. There is no business information, services, or user-facing content available. The domain is registered and DNS records are configured with OVH and Gandi.net mail servers, but no SSL certificate or HTTPS support is present, resulting in a poor security posture. No privacy, cookie, or terms of service policies are found, and no contact information or forms exist on the site. The technical infrastructure is minimal and lacks modern security and performance features. Overall, the site is non-operational and does not provide any business or compliance information.

S

SIA "Juridiskā koledža"

jk.lv

0

Juridiskā koledža is a Latvian educational institution specializing in legal and related professional studies. The website presents a comprehensive offering of study programs, courses, and international cooperation such as ERASMUS. The institution positions itself as a provider of qualified specialists with practical and theoretical knowledge for the labor market in Latvia and abroad. Technically, the website is built on WordPress with common libraries like jQuery and Bootstrap, but suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Security posture is weak due to missing HTTPS, lack of security headers, and absence of DMARC records, although SPF is correctly configured. Privacy compliance is minimal with no visible privacy or cookie policies or consent mechanisms. Contact information and certifications are clearly presented, supporting business credibility. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

Security assessment completed with an overall score of 50/100 (unknown risk). Total of 7 security findings identified across all modules.

J

JDM Technology Group

jdmtechnologygroup.com

0

JDM Technology Group is a well-established company providing integrated software solutions for the construction industry and built environment. With over 41 years in business, 34 subsidiary companies, and a global customer base exceeding 18,000, they offer a broad portfolio of construction management, maintenance, estimating, and operational software. Their business model focuses on strategic acquisitions to expand market share and deliver comprehensive solutions. Technically, the website is built on WordPress with modern frontend technologies like Bootstrap and jQuery, optimized by NitroPack, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. Security posture is weak due to missing HTTPS and TLS protocols, though DNS records show good email security practices with SPF and DMARC. Privacy compliance is poor with no visible privacy or cookie policies, and no contact information is provided on the homepage. Overall, the site is professional and content-rich but requires significant improvements in security and privacy to enhance trust and compliance.

A

Association Forum Ensai

forum-ensai.com

0

Association Forum Ensai is a student-run non-profit organization based in France that facilitates connections between students and the professional world, particularly in data science and statistics. The website serves as an information hub for the association's activities, events, and contact points. The site is built on WordPress with popular plugins such as Yoast SEO and Elementor, and integrates Google Analytics for visitor tracking. However, the technical infrastructure shows significant security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which exposes users to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies and no consent mechanisms for tracking. Business credibility is moderate, supported by consistent branding and a clear focus on its educational mission, but lacking in formal certifications or detailed contact information.

S

Sodern

sodern.com

0

Sodern is a French technology company specializing in space optronics and neutron technology, operating as a subsidiary of ArianeGroup. The company holds a leading position globally and in Europe in its niche markets, providing advanced products such as star trackers, spatial cameras, and neutron analysis equipment primarily for defense, space, and mining sectors. The website reflects a professional corporate presence with comprehensive content, legal compliance pages, and active social media engagement. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

M

Maiaspace

maia-space.com

0

Maiaspace is a small European space transportation company focused on designing, manufacturing, and operating eco-responsible reusable mini launchers for space mobility services. Their business model targets satellite operators and space industry customers requiring flexible launch solutions to Low Earth Orbit and other orbits. The website is built on WordPress with good SEO practices and mobile optimization but lacks a valid SSL certificate, resulting in no HTTPS support. Security posture is weak due to missing TLS protocols and security headers beyond HSTS. Privacy compliance is minimal with no visible privacy or cookie policies. Contact information is limited to a contact page without direct emails or phone numbers. Overall, the site presents a professional image with consistent branding and relevant content but requires urgent security and privacy improvements.

A

Arianespace

arianespace.com

0

Arianespace is a leading global satellite launch company providing a versatile family of launch vehicles including Ariane 6, Soyuz, and Vega C. The company serves commercial and institutional customers worldwide, offering launch services to various orbits and ground services expertise. The website reflects a mature digital presence with comprehensive content, strong SEO, and active social media engagement. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is supported by clear policies but lacks an explicit cookie consent mechanism. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

S

Sciences Po Alumni

sciencespo-alumni.fr

0

Sciences Po Alumni is a well-established alumni association serving the students and graduates of Sciences Po in France. The website offers a comprehensive platform for networking, career services, events, and publications, targeting alumni, students, and recruiters. The platform leverages a custom CMS likely provided by AlumnForce and integrates modern web technologies including Vue.js, Backbone.js, and Google services. Despite a rich content offering and good user experience, the website suffers from a critical security flaw due to the absence of a valid SSL certificate, severely impacting its security posture. Privacy and cookie policies are present and GDPR compliance is indicated, but could be enhanced. Overall, the site is professional and functional but requires urgent security improvements to protect user data and trust.

T

Transdev North America, Inc.

transdevna.jobs

0

Transdev North America, Inc. operates a comprehensive career portal focused on transportation jobs across North America. As the largest private-sector provider of multiple transportation modes including transit, rail, and on-demand services, the company targets job seekers interested in diverse roles such as drivers, management, safety, and technical positions. The website provides detailed information about career opportunities, benefits, and hiring processes, supported by a consistent brand presence and trust indicators such as an EEO statement and a Code of Business Conduct. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, with integrations for Google Analytics, Facebook Pixel, and other marketing tools. However, performance is slow and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate, lack of security headers, and missing DNS security records, which poses significant risks to user data and trust. Privacy compliance is basic with a cookie consent mechanism and a privacy policy, but GDPR compliance is not clearly demonstrated. Overall, the site is functional and professional but requires urgent security improvements to protect users and enhance credibility.

W

WebBuilds B.V.

documentator.io

0

Documentator is a technology SaaS company providing a documentation platform designed to simplify the creation and management of product and developer documentation. Positioned as an affordable alternative to established documentation tools, it targets developers and product teams seeking an easy-to-use, flexible solution with features like custom domains, translation support, and analytics. The business operates under WebBuilds B.V., founded in 2020, and offers tiered subscription plans with a free trial to attract users. Technically, the website employs modern JavaScript frameworks (likely Vue.js), Cloudflare DNS services, and Matomo analytics configured for privacy. However, the site suffers from a critical security shortfall due to an invalid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Performance is moderate to slow, with good mobile optimization and basic accessibility features. Security-wise, the absence of HTTPS, missing security headers, and lack of DNS security records (DMARC, CAA) present vulnerabilities that could expose users to risks. Privacy compliance is reasonably addressed with a comprehensive privacy policy and GDPR references, but no cookie consent mechanism is implemented. Business credibility is supported by clear policies, testimonials, and transparent pricing. Overall, Documentator is a functional and professional SaaS platform with solid business fundamentals but requires urgent improvements in security infrastructure to protect user data and enhance trust.

V

Vidzemes Augstskola

va.lv

0

Vidzemes Augstskola is a regional higher education institution in Latvia offering a range of academic programs including bachelor, master, doctoral, and lifelong learning courses. The website serves students, staff, alumni, and cooperation partners with information on study processes, events, and services. The institution maintains an active online presence with regular news and event updates, supported by social media channels. Technically, the website is built on Joomla CMS using the Helix Ultimate framework and hosted behind Cloudflare, but critically lacks a valid SSL certificate, resulting in no HTTPS support. This is a significant security risk that undermines user trust and data protection. The site implements cookie consent mechanisms and has comprehensive privacy policies, indicating good privacy compliance. However, the absence of HTTPS and modern TLS protocols severely impacts the overall security posture. Strategic improvements in SSL/TLS deployment and security headers are essential to enhance the site's security and trustworthiness.

V

Veterans United Home Loans

vu.com

0

Veterans United Home Loans is a leading mortgage lender specializing in VA home loans, serving veterans and military families across the United States. The company holds the position as the nation's #1 VA lender by volume for multiple consecutive years, demonstrating strong market leadership and trust within its target audience. Their website offers comprehensive services including VA home loans, refinancing options, mortgage calculators, and additional services such as credit building and insurance. The site features extensive customer testimonials and a robust multi-step lead form designed to capture detailed mortgage-related information securely. Technically, the website employs a modern technology stack including jQuery, Formocity forms, and various analytics and tracking tools such as Google Tag Manager and TrustedForm. Hosting is provided via Amazon AWS, ensuring scalability and reliability. While the site is mobile-optimized and accessible with good SEO practices, performance is somewhat slow with a high load time and large page size, indicating potential areas for optimization. From a security perspective, the site uses valid SSL certificates supporting TLS 1.2 and 1.3, but lacks advanced security headers and HSTS enforcement, which are recommended to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Contact information is prominently displayed, enhancing business credibility. Overall, Veterans United Home Loans presents a professional, trustworthy, and secure online presence with minor technical and security improvements recommended to further strengthen their digital maturity and user experience.

P

Pomelo International, Inc.

pomelo.com

0

Pomelo International, Inc. operates a specialized financial services platform focused on international money transfers primarily to the Philippines and Mexico. The company differentiates itself by offering no transfer fees, a proprietary Pomelo Mastercard® credit card designed for money transfer with rewards points, and 24/7 customer support. The website is professionally designed, mobile-optimized, and rich in content, targeting individuals sending money internationally from the US. Technically, the site leverages modern web technologies including Webflow CMS, Cloudflare CDN, and integrates multiple analytics and marketing tools such as Google Tag Manager, Segment, Facebook Pixel, and Reddit Pixel. Security features are prominently highlighted on the site, including biometric security and advanced encryption. However, a critical security weakness is the invalid or missing SSL certificate and lack of TLS protocol support, which significantly impacts the security posture and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site presents a strong business credibility and user experience but requires urgent remediation of SSL/TLS issues to ensure secure transactions and maintain customer trust.

D

DigiTrace GmbH

digitrace.de

0

DigiTrace GmbH is a specialized IT-forensics and IT-security service provider based in Germany, offering a broad range of services including IT forensics, incident response, eDiscovery, and expert IT assessments. The company targets businesses, authorities, auditors, and legal professionals, positioning itself as a trusted expert in IT security and forensic investigations. The website is professionally designed using Joomla CMS and includes detailed service descriptions and contact information, although it lacks some modern security configurations. Technically, the site suffers from the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Other security best practices such as security headers and HSTS are also missing. Privacy compliance is addressed with a comprehensive privacy policy and DMARC/SPF email protections, but no cookie consent mechanism is present. Overall, the site is functional and informative but requires urgent improvements in security infrastructure to meet modern standards.

WithSecure is a well-established cybersecurity company founded in 1988, headquartered in Finland, offering advanced B2B cybersecurity solutions focused on protecting businesses from evolving digital threats. The company holds a strong market position in Europe with a comprehensive portfolio including XDR, Exposure Management, and Co-Security services, supported by multiple industry awards and certifications. Their website demonstrates a high level of digital maturity, leveraging modern technologies such as Adobe Experience Manager, Google Tag Manager, and advanced analytics tools, ensuring fast performance and excellent user experience across devices. Security posture is robust with valid EV SSL certificates, strong security headers, and a clear commitment to privacy and GDPR compliance. Overall, WithSecure presents a trustworthy and professional online presence with comprehensive business and support information, making it a reliable partner in cybersecurity.

N

Network Box Corporation Ltd.

network-box.com

0

Network Box Corporation Ltd. operates a professional website offering managed cybersecurity services globally, targeting businesses of all sizes. Their core offerings include 24x7x365 managed security services, penetration testing, dark web monitoring, and zero trust endpoint security. The company positions itself as a cost-effective, enterprise-grade MSSP with a strong focus on real-time protection and comprehensive cyber defense. Technically, the website is built on Squarespace with standard web technologies and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL/TLS certificate, resulting in an insecure HTTP connection, which is a critical security concern. Security headers are partially implemented but could be improved. Privacy compliance is basic with a cookie banner and privacy policy present, but no explicit GDPR compliance indicators or terms of service are found. The site includes multiple contact forms with CAPTCHA protection and active social media channels, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security posture.

E

EURECOM

eurecom.fr

0

EURECOM is a reputable graduate school and research center specializing in digital science, located in Sophia Antipolis, France. It offers advanced education and research programs in computer science, telecommunications, and digital security, targeting students, researchers, and industry partners. The institution holds recognized certifications such as the 4DIGITAL label and European Heritage Award, positioning it as a key player in digital education and research in Europe. Technically, the website is built on Drupal 9 with modern frontend libraries and integrates Google Tag Manager for analytics. However, the site suffers from a lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. The cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages are found on the homepage. Contact information is limited to a physical address and phone number, with no verified company emails available. Overall, the website presents professional content and good user experience but requires urgent security improvements to protect user data and enhance trust.

É

École des Mines de Saint-Étienne

mines-stetienne.fr

0

École des Mines de Saint-Étienne is a prestigious French engineering school with a 200-year history, offering high-level engineering education, research, and international partnerships. The website reflects a mature digital presence with comprehensive content, multiple academic programs, and strong branding. Technically, the site is built on WordPress with Elementor and integrates modern web technologies and marketing tools such as Sendinblue and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, indicating good GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements.

I

Institut Mines-Télécom Business School (IMT Business School)

imt-bs.eu

0

Institut Mines-Télécom Business School (IMT-BS) is a French public business school specializing in commerce, management, and digital transformation education. It holds a strong market position with multiple prestigious accreditations such as AACSB, AMBA, and CGE, and is part of the Institut Mines-Télécom group. The school offers a range of programs including Bachelor, Grande Ecole, Masters of Science, Executive Education, and doctoral partnerships, targeting students, enterprises, and international audiences. Technically, the website is built on WordPress with Elementor and several modern plugins, but suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Security posture is moderate with some best practices like SPF and DKIM for email, but critical issues exist due to missing HTTPS and TLS protocols. Privacy compliance is good with clear policies and consent mechanisms, and accessibility is excellently addressed with a dedicated plugin and detailed accessibility statement. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and modern TLS protocols.

I

IMT Mines Alès

imt-mines-ales.fr

0

IMT Mines Alès is a recognized French engineering school affiliated with the IMT group, offering a broad range of engineering and management education programs with a strong emphasis on creativity, innovation, and environmental and societal responsibility. The institution targets engineering students, researchers, and industry partners, positioning itself as a national leader in engineering education with a medium-sized footprint. Technically, the website is built on Drupal 10 with modern web components such as Swiper sliders and Plyr video players, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts its security posture. The site implements cookie consent mechanisms and uses Matomo for analytics, reflecting moderate privacy compliance. However, the absence of a security policy, incident response contacts, and vulnerability disclosure reduces its overall security maturity. Strategic improvements in SSL/TLS deployment and security policy transparency are recommended to enhance trust and compliance.

I

IMT Mines Albi

imt-mines-albi.fr

0

IMT Mines Albi is a reputable French engineering school specializing in generalist engineering education and research, operating under the Institut Mines-Télécom group. The website presents a professional and content-rich platform targeting prospective students, researchers, and industry partners. Technically, the site is built on Drupal 10 with modern frontend technologies and includes cookie consent mechanisms. However, the absence of HTTPS and a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site shows good design, navigation, and accessibility but lacks explicit privacy and terms of service documentation. Security headers are partially implemented but insufficient without HTTPS. Overall, the site is functional and credible but requires urgent security improvements.

I

IMT Nord Europe

imt-nord-europe.fr

0

IMT Nord Europe is a French graduate engineering school affiliated with the Institut Mines-Télécom and partnered with the University of Lille. Positioned strategically in northern France, it serves as a key educational and research institution focusing on energy, ecological, digital, and industrial transitions. The website presents a professional and content-rich platform targeting students, researchers, and industry partners, offering a wide range of engineering programs and continuous training. Technically, the site is built on WordPress with modern plugins and frameworks but lacks a valid SSL certificate, which impacts its security posture. While security best practices such as hCaptcha and cookie consent are implemented, the absence of HTTPS and minimal security headers present significant vulnerabilities. Overall, the site is functional and trustworthy but requires urgent improvements in security to protect user data and enhance trust.

I

IMT Atlantique

imt-atlantique.fr

0

IMT Atlantique is a prestigious French engineering school specializing in generalist engineering education with a strong focus on digital technologies, energy, and environmental sciences. It holds a significant market position as evidenced by its high ranking and membership in the Institut Mines-Télécom network. The website reflects a mature digital presence with comprehensive content targeting students, researchers, academic partners, and enterprises. Technically, the site is built on Drupal 10 with modern front-end libraries and good SEO and accessibility practices. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to risks and undermining trust. The site implements GDPR-compliant cookie consent and privacy policies, but lacks visible terms of service and incident response information. Social media integration and partner affiliations enhance its credibility and outreach.

N

NetAnswer

netanswer.fr

0

NetAnswer is a French technology company specializing in community management platforms, primarily targeting alumni networks, professional associations, foundations, and companies with donor communities. With over 20 years of experience and a client base exceeding 300 organizations, NetAnswer offers a comprehensive, modular SaaS solution that supports community engagement, event management, donation processing, and career support. The website reflects a professional and consistent brand presence, showcasing client testimonials and partner logos to build trust. Technically, the site is built on WordPress with the Divi theme and leverages various plugins and libraries such as jQuery, Swiper Carousel, and Matomo Analytics. However, the site lacks a valid SSL certificate and does not properly implement HTTPS, which is a critical security shortfall. Email security is well managed with valid SPF and DMARC policies. Privacy compliance is basic but includes cookie consent mechanisms. Overall, the website is content-rich and user-friendly but requires urgent improvements in security infrastructure to meet modern standards.

I

Intelsat

intelsat.com

0

Intelsat is a leading global satellite communications provider, combining the world's largest satellite backbone with terrestrial networks to deliver secure, reliable connectivity across land, sea, and air. Their extensive service portfolio targets governments, telecommunications companies, media, and various industries, positioning them as a key player in the telecommunications sector. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding. Technically, the site is built on WordPress with modern plugins and frameworks, supported by Cloudflare for DNS and CDN services. Performance is moderate, with room for optimization. Security posture is solid with valid SSL, SPF, and DMARC records, though improvements like enabling HSTS and DNSSEC are recommended. Privacy compliance is robust, featuring detailed policies and OneTrust consent mechanisms. Overall, Intelsat's website demonstrates professionalism, trustworthiness, and a commitment to compliance, supporting their enterprise-level market position.

S

Safran

safran.com

0

Safran is a UK-based medium-sized company specializing in project management software and risk analytics solutions, serving industries such as energy, aerospace, defense, and construction. Positioned as a global leader, Safran offers integrated tools for project planning, risk management, and execution, supported by professional services including consulting, training, and partner services. The website is professionally designed, content-rich, and targets project managers and risk professionals. Technically, the site is built on HubSpot CMS with multiple modern JavaScript libraries and integrates various analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which critically impacts HTTPS security. Privacy policies and terms of service are present and comprehensive, but no cookie consent mechanism is detected. Social media presence and customer testimonials enhance business credibility. Overall, the site is functional and professional but requires urgent SSL/TLS remediation to improve security and trust.

E

Ensae-Ensai Formation Continue (Cepe)

lecepe.fr

0

Ensae-Ensai Formation Continue (Cepe) is a well-established continuing education center affiliated with the Groupe des écoles nationales d'économie et statistique (Genes) in France. It specializes in providing professional training and certification programs in statistics, data science, finance, and economics. The organization maintains strong partnerships with prestigious institutions such as Ensae Paris, Ensai, Crest, and Institut Polytechnique de Paris, positioning itself as a reputable education provider in its sector. The website reflects a professional and comprehensive approach to education, targeting professionals and learners seeking advanced skills and certifications in quantitative fields. Technically, the website employs modern web technologies including Bootstrap, jQuery, Font Awesome, and integrates third-party services like Google Analytics and Calendly for analytics and scheduling. Hosting is managed through Gandi, and the site uses a valid SSL certificate with strong key length, although some security enhancements such as HSTS and DNSSEC are absent. Performance is moderate to slow due to a large number of resources and page size, but mobile optimization and accessibility are adequately addressed. From a security perspective, the site uses HTTPS with a valid certificate and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks several security headers and DNS security features that could improve its security posture. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and secure environment for users. Privacy policies and terms of service are clearly available, enhancing compliance and user trust. Overall, the website demonstrates a strong business credibility and professional presence with room for technical and security improvements. Strategic recommendations include enhancing security headers, enabling DNSSEC and CAA, optimizing performance, and publishing incident response information to further strengthen trust and compliance.

E

ENSAI

ensai.fr

0

ENSAI is a French grande école specializing in data science education, offering a range of programs from engineering degrees to doctorates and continuing education. It holds a strong market position due to its unique academic model and historical ties with INSEE and public statistics. The website reflects a professional and comprehensive digital presence targeting students, researchers, and public sector professionals. Technically, the site is built on WordPress with common plugins and libraries, but suffers from slow load times and lacks a valid SSL certificate, impacting security posture. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Security weaknesses include missing HTTPS, lack of security headers, and no explicit security or incident response policies. Overall, the site is trustworthy and professional but requires urgent improvements in security infrastructure to protect user data and enhance trust.

A

ArianeGroup

ariane.group

0

ArianeGroup is a leading European aerospace company specializing in civil and military space transportation, including the development and manufacturing of launchers such as Ariane 6 and Maia. The company positions itself as a global industrial leader supporting Europe's independence and security in space. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation targeting aerospace industry stakeholders, government entities, and potential employees. Technically, the site is built on WordPress with SEO optimizations and uses modern web technologies, but suffers from slow load times and lacks a valid SSL certificate, which impacts security posture. Security-wise, the absence of HTTPS and security headers is a critical vulnerability, although no WAF or blocking mechanisms are detected. Privacy compliance is supported by a comprehensive privacy policy, but no cookie consent mechanism is present. Overall, the site is professional and trustworthy but requires urgent improvements in security configurations to protect user data and enhance trust.

N

Naval Group

naval-group.com

0

Naval Group is a leading European naval defence company serving over 50 navies worldwide. The company specializes in the design, construction, integration, and support of submarines and surface ships, positioning itself as an international player in the naval defence sector. The website reflects a mature business with comprehensive content targeting customers, candidates, journalists, suppliers, and employees. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes a cookie consent mechanism and Matomo analytics for user tracking. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture. No advanced security headers or session management features are implemented, exposing the site to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and consent management. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

X

XMP-Consult

xmp-consult.org

0

XMP-Consult operates as a network of independent consultants primarily serving French-speaking business leaders and members seeking consulting services. The website provides a membership platform, events calendar, publications, and a newsletter to engage its community. The business model focuses on connecting consultants with clients and fostering professional development through events and shared resources. Technically, the site is hosted on OVH with Apache server, uses a variety of JavaScript libraries including jQuery, Bootstrap, and TinyMCE, and employs a CMS likely based on NetAssoc. While the site is content-rich and well-structured with good mobile optimization, performance is slow and SEO is basic. Security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, despite good security headers and cookie consent mechanisms. Privacy compliance is strong with GDPR-aligned cookie policies and consent banners. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

P

ParisTech Alumni - Accueil

paristech-alumni.org

0

Security assessment completed with an overall score of 50/100 (unknown risk). 9 high-priority issues should be addressed promptly. Total of 20 security findings identified across all modules.

W

WebBuilds B.V.

webbuilds.nl

0

WebBuilds B.V. is a small Dutch technology company specializing in custom web application development and SaaS products. Their offerings include CRM, e-commerce, API integrations, and proprietary SaaS tools such as ploi.io and Documentator. The company targets businesses seeking tailored web solutions and emphasizes quality and precision in development. Technically, the website uses modern frameworks like Laravel and TailwindCSS and is hosted behind Cloudflare. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are present but insufficient without HTTPS. Privacy compliance is minimal, with no visible privacy or cookie policies. The company uses Matomo analytics, indicating some privacy awareness. Overall, the website is professional and well-branded but requires urgent security improvements to protect users and enhance trust.

I

ivy.mayhem GmbH

stella-projects.de

0

stella.projects is a small, specialized web agency based in Hamburg, Germany, with over 15 years of experience in web design and development. They focus on delivering custom digital products including websites, online platforms, consulting, and hosting services. The company positions itself as a reliable partner for startups, SMEs, and private clients, emphasizing clarity, focus, and quality in their offerings. Their market position is strengthened by an official partnership with Statamic CMS and a portfolio of diverse clients. Technically, the website uses modern frameworks such as Laravel and Statamic CMS, with frontend technologies including Alpine.js and a well-structured responsive design. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security flaw. Security headers are mostly present but the absence of HTTPS and HSTS significantly reduces the security posture. Privacy compliance is addressed with a privacy and cookie policy, though no explicit cookie consent mechanism is implemented. Contact information is clearly provided, including phone, email, physical address, and a contact form. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and improve trust.

T

Transdev United States

transdevna.com

0

Transdev United States operates as the largest private sector operator of multiple modes of transit in North America, providing services including bus, paratransit, rail, health solutions, microtransit, shuttle, autonomous mobility, fleet services, and ferry operations. The company targets public transportation clients and transit authorities, positioning itself as a leading integrator and operator in the transportation sector. The website reflects a large, well-established enterprise with a focus on safety, innovation, and sustainability. Technically, the site is built on WordPress with a modern tech stack including WPBakery Page Builder, jQuery, and Google services, hosted on WP Engine with Cloudflare CDN. Performance is fast, mobile optimization is good, and accessibility features are implemented via third-party tools. Security posture is strong with HTTPS, modern TLS protocols, CSP, and secure cookie settings, though improvements such as enabling HSTS and DNSSEC are recommended. Privacy compliance is addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and well-structured, supporting the company's market position and business model effectively.

T

Transdev Canada

transdev.ca

0

Transdev Canada operates as a global mobility operator and integrator, providing a wide range of transportation services including bus, rail, ferry, cargo, and autonomous mobility solutions. The company holds a strong market position with a large operational footprint in Canada and is part of the larger Transdev Group. Their services target passengers, public authorities, and companies, emphasizing efficiency, safety, and sustainability. The website reflects a professional and comprehensive digital presence with rich content, news updates, and recruitment information. Technically, the site is built on WordPress with Elementor and integrates advanced search via Algolia, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS enforcement. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Social media integration is robust, enhancing business credibility. Overall, while the business and content aspects are strong, the security posture requires urgent improvement to protect user data and maintain trust.

RETHMANN SE & Co. KG is a well-established German family-owned holding company founded in 1934, operating primarily in the transportation and energy sectors through its subsidiaries REMONDIS, Rhenus, SARIA, and a significant stake in Transdev. The company provides comprehensive services in recycling, logistics, sustainable product manufacturing, and public mobility solutions, targeting industrial clients, municipalities, and private customers. The website is built on TYPO3 CMS, featuring good content quality, clear navigation, and professional design, though it lacks a valid SSL certificate, which is a critical security concern. Privacy policies are comprehensive and GDPR compliant, but no cookie consent mechanism is present. The company demonstrates strong business credibility with detailed contact information and legal disclosures.

C

Chief Tools

chief.tools

0

Chief Tools provides a comprehensive suite of web-based utilities aimed primarily at developers and IT professionals. The website offers tools such as JSON formatting, DNS lookups, IP address retrieval, encoding and hashing utilities, and certificate chain resolution. The business operates from the Netherlands and positions itself as a niche provider of free and partner-linked technical tools. The website is well structured with clear navigation and a consistent brand presence, targeting a technical audience seeking quick and reliable utility tools. The business model appears to be primarily free tools supplemented by partner services and related applications.