Skip to main content
All Industries

EU Industry Benchmark

Technology

Anonymized security posture data for the technology sector across the EU. Based on 17722 monitored sites.

46.4

Avg. Score /100

D

Avg. Grade

17722

Sites Tracked

+3.0

vs. EU Average

Critical findings in this industry

9722 of 17722 without HTTPS redirect

55.0%

10918 of 17722 with unencrypted email (no STARTTLS)

62.0%

12855 of 17722 without DMARC protection (spoofable)

73.0%

9555 of 17722 missing 3+ critical security headers

54.0%

14578 of 17722 without DNSSEC (vulnerable to DNS spoofing)

82.0%

16272 of 17722 without CAA records (unrestricted certificate issuance)

92.0%

17366 of 17722 without MTA-STS (email downgrade attacks possible)

98.0%

Grade Distribution

A
1 (0.0%)
B
256 (1.0%)
C
1818 (10.0%)
D
10863 (61.0%)
F
4784 (27.0%)

Security across Europe

Average security score by country — hover for details, click to explore.

Austria: 45.0/100 (730 sites) Belgium: 48.1/100 (479 sites) Bulgaria: 48.7/100 (186 sites) Croatia: 47.5/100 (163 sites) Cyprus: 46.3/100 (76 sites) Czech Republic: 49.1/100 (351 sites) Denmark: 49.5/100 (237 sites) Estonia: 48.2/100 (127 sites) Finland: 48.6/100 (242 sites) France: 44.4/100 (1566 sites) Germany: 44.8/100 (5191 sites) Greece: 46.2/100 (291 sites) Hungary: 45.8/100 (314 sites) Ireland: 50.3/100 (213 sites) Italy: 44.0/100 (1007 sites) Latvia: 49.3/100 (94 sites) Lithuania: 48.4/100 (131 sites) Luxembourg: 48.5/100 (57 sites) Netherlands: 49.9/100 (1168 sites) Norway: 51.4/100 (196 sites) Poland: 44.4/100 (1106 sites) Portugal: 48.1/100 (240 sites) Romania: 48.9/100 (259 sites) Slovakia: 50.1/100 (343 sites) Slovenia: 46.2/100 (125 sites) Spain: 45.4/100 (754 sites) Sweden: 50.0/100 (181 sites) Switzerland: 51.2/100 (681 sites) United Kingdom: 46.3/100 (1012 sites)
Worse
Better

Score by Country

🇦🇹 Austria
45.0 730 🇧🇪 Belgium
48.1 479 🇧🇬 Bulgaria
48.7 186 🇭🇷 Croatia
47.5 163 🇨🇾 Cyprus
46.3 76 🇨🇿 Czech Republic
49.1 351 🇩🇰 Denmark
49.5 237 🇪🇪 Estonia
48.2 127 🇪🇺 European Union
54.3 78 🇫🇮 Finland
48.6 242 🇫🇷 France
44.4 1566 🇩🇪 Germany
44.8 5191 🇬🇷 Greece
46.2 291 🇭🇺 Hungary
45.8 314 🇮🇸 Iceland
48.3 70 🇮🇪 Ireland
50.3 213 🇮🇹 Italy
44.0 1007 🇱🇻 Latvia
49.3 94 🇱🇮 Liechtenstein
53.4 8 🇱🇹 Lithuania
48.4 131 🇱🇺 Luxembourg
48.5 57 🇲🇹 Malta
45.8 46 🇳🇱 Netherlands
49.9 1168 🇳🇴 Norway
51.4 196 🇵🇱 Poland
44.4 1106 🇵🇹 Portugal
48.1 240 🇷🇴 Romania
48.9 259 🇸🇰 Slovakia
50.1 343 🇸🇮 Slovenia
46.2 125 🇪🇸 Spain
45.4 754 🇸🇪 Sweden
50.0 181 🇨🇭 Switzerland
51.2 681 🇬🇧 United Kingdom
46.3 1012

Hosting & Data Residency

57%

EU-headquartered provider

43%

Non-EU provider (CLOUD Act / Schrems II)

Cloudflare (US) 2456 27.7%
Hetzner (DE) 1384 15.6%
IONOS (1&1) (DE) 1243 14.0%
Amazon Web Services (US) 1041 11.8%
OVHcloud (FR) 902 10.2%

Server location via IP geolocation (MaxMind GeoLite2). Company HQ from ASN registry. A site may be physically hosted in the EU but use a US-headquartered provider subject to the CLOUD Act — per Schrems II (CJEU C-311/18), this requires SCCs with supplementary measures. · GDPR Art. 44–49

How does your site compare?

Run a free security scan and see your grade instantly.

Scan your site

All data is anonymized. No individual sites are identified. Statistics updated weekly.