
Is zoner.cz Safe? Security Analysis for ZONER software, a.s.
Check if zoner.cz is a scam or legitimate. Free security scan and reviews.

AI Summary
ZONER software, a.s. operates the website www.zoner.cz, offering a comprehensive photo and video editing software suite primarily targeting the Czech market. The company positions itself as a leading Czech provider of photo editing tools, cloud storage, and educational content for photographers and enthusiasts. Their business model includes software sales, subscription services, and supplementary offerings such as photo galleries, printing, and merchandise. The website demonstrates a high level of professionalism with rich multimedia content, tutorials, and customer testimonials, reinforcing their market position. Technically, the website employs modern web technologies including Bootstrap, Google Tag Manager, and asynchronous script loading to optimize performance and user experience. The site is mobile-optimized, accessible, and SEO-friendly, with embedded video content and interactive elements enhancing engagement. Analytics and marketing tools are integrated with user consent mechanisms to comply with privacy regulations. From a security perspective, the site enforces HTTPS and implements a robust cookie consent mechanism with granular user controls. However, it lacks explicit security headers and a published security policy or incident response page. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS data from the CZ.NIC server limits domain registration trust assessment, but the website's content and branding suggest legitimacy. Overall, the website presents a secure, privacy-conscious, and user-friendly platform aligned with industry best practices. Strategic recommendations include enhancing security headers, publishing a security policy, and providing explicit incident response contacts to further strengthen trust and compliance.
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
ZONER software, a.s. holds a strong position in the Czech photo editing software market, leveraging a diversified business model that includes software licensing, cloud services, and educational content. Their target customers range from casual home users to professional photographers, schools, and businesses. The company maintains an active digital presence with frequent content updates, tutorials, and customer engagement through social media channels. Their competitive advantage lies in offering an all-in-one solution with intuitive tools, competitive pricing, and localized support. Growth indicators include regular feature updates, awards recognition, and a comprehensive ecosystem of related services. Partnerships with content platforms and marketing networks support their outreach and monetization strategies.
Extracted Contact Information
Marketing Intelligence Data
Email Addresses (1)
Security Posture Analysis
Comprehensive Security Assessment
The website exhibits a mature security posture with enforced HTTPS and a comprehensive cookie consent framework supporting GDPR compliance. The use of third-party analytics and marketing scripts is managed with user consent, minimizing privacy risks. However, the absence of key security headers such as Content-Security-Policy and X-Frame-Options represents an area for improvement. No direct contact for security incidents or vulnerability disclosure is provided, which could hinder incident response effectiveness. The lack of a security.txt file or published security policy reduces transparency. Overall, the site is secure for general users but would benefit from enhanced security communication and header implementation.
Strategic Recommendations
Priority Actions for Security Improvement
Implement security headers including Content-Security-Policy, X-Frame-Options, and X-XSS-Protection to mitigate common web attacks.
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
ZONER software, a.s.
Program na úpravu fotek i videí v jednom. Nejlepší český software na stříhání, retušování, ukládání i prezentaci fotek a videí s podporou v češtině.
excellent
consistent
Technical Stack
moderate
good
good
good
Security Assessment
- HTTPS enforced
- Cookie consent with granular control
- No exposed sensitive data in HTML
- Use of async loading for scripts
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is fully accessible with rich content and multimedia.
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
Missing X-Frame-Options header
HIGHPrevents clickjacking attacks
Missing X-Content-Type-Options header
MEDIUMPrevents MIME type sniffing
Missing Content-Security-Policy header
HIGHControls resources the browser is allowed to load
Missing X-XSS-Protection header
MEDIUMLegacy XSS protection (deprecated but still recommended)
Missing Referrer-Policy header
LOWControls referrer information sent with requests
Missing Permissions-Policy header
MEDIUMControls browser features and APIs
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
Privacy policy may not be GDPR compliant
MEDIUMPrivacy policy lacks explicit GDPR compliance elements
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No business continuity planning found
MEDIUMNIS2 emphasizes operational resilience and business continuity
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
Critical sector without clear security compliance
HIGHDetected sectors: transport, digital
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
SPF Details
DKIM Selectors Found
DMARC Details
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
Weak Protocols Supported
HIGHServer supports weak protocols: TLSv1.1
OCSP Stapling Not Enabled
LOWOCSP stapling improves performance and privacy
Certificate Transparency Not Implemented
LOWCertificate is not logged in Certificate Transparency logs
Partial SSL/TLS Assessment
LOWCompleted 3 of 4 security checks due to time constraints
Protocol Support
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
Weak SPF Policy
HIGHSPF record has permissive policy allowing any server to send email
Domain Registration Details
DNS Records
DNSSEC Status
DNS Performance
SPF Analysis
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
High-Risk Service Exposed: FTP
HIGHPort 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer
High-Risk Service Exposed: RPC
HIGHPort 135 (RPC) is publicly accessible - RPC - Windows RPC endpoint
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings