Case Study

Q: Question: Normally, old, installed code is considered a security risk. So why not a new build?

Answer: We rely on a dual strategy of modern infrastructure and intelligent code remediation. First, we host the platform in a container-based environment in the Microsoft Azure cloud. Deployment is fully automated via Infrastructure as Code, eliminating human error. Since budget and time constraints didn't allow for a complete rewrite of the complex logic, we also isolated the "external" code and analyzed it using the four-eyes principle. Based on a detailed security report, we decided together with the client which parts needed to be modified or replaced. The subsequent successful external penetration test (without critical findings) proves that security doesn't necessarily mean "building from scratch," but rather masterful craftsmanship in remediation.

Q: Question: Commend operates globally with thousands of products. How is this volume of data managed in TYPO3?

Answer: We rely on automation instead of manual maintenance. Deep integration of the company's ERP system automatically imports technical data, images, and relationships into TYPO3. For the global rollout, we also developed a custom extension that breaks TYPO3's standard language logic: It allows content (e.g., English) to be intelligently mapped to different country markets without having to maintain content twice.

Q: Question: How were 2,500 files made accessible efficiently and cost-effectively?

Answer: Manually maintaining alternative text would have taken weeks – and would have been correspondingly expensive. Instead, we used technology: Our extension in2code/alternative analyzed all images using Gemini AI and generated context-related descriptions. The result was so precise ("close to perfection") that we were able to make the website fully BITV-compliant in time for the TYPO3 v13 launch – at a fraction of the usual cost.

Q: Question: How does Commend efficiently distribute software, security updates, and manuals to global partners?

Answer: Here, cLibrary functions as a central knowledge platform. Technically, it's based on a highly customized TYPO3 extension with strict access control (registration is implemented via femanager). The key feature for users is the intelligent shopping cart system: Instead of downloading hundreds of files individually, technicians can simply "bookmark" relevant software updates and instructions and then download them as a bundled package (ZIP) with a single click. This guarantees maximum efficiency in the global distribution of critical updates.

Security audit passed, AI integration & TYPO3 v13 launch

Commend International (Salzburg), a global market leader in security and communication systems, initially faced a complex situation: Their cLibrary – a dedicated website for downloading software and tutorials – needed to be made even more resilient against hacker attacks. What began as a "rescue mission" for legacy code evolved into a model technological partnership.

The result: A high-security system certified by penetration testing professionals, an editor-friendly main website, and – as the latest milestone – the successful launch on TYPO3 v13, including automated accessibility features powered by Gemini AI.

Commend Website on Notebook, Tablet and Smartphone — Responsive Design auf allen Geräten: Alle Websites von Commend sind abgesichert und gehärtet

The collaboration began immediately after the client requested hardening of the cLibrary (then still TYPO3 v10). The code had grown organically over time and was highly nested. To save costs and time, we jointly decided against a complete rebuild. Our first task: immediate security measures, hosting transfer, and "surgical interventions" in the code to migrate the business logic and further stabilize and modernize it.

For over a year, we hardened the cLibrary and migrated it to TYPO3 v11. The ultimate test was conducted by a specialized web penetration testing service. The result was sensational for a project involving legacy code migration: the experts were completely baffled. Aside from minimal recommendations, the system remained unhacked. The "fortress" stood firm.

In parallel, we took over the main website, commend.com. Here, the focus was on the international editors. By implementing frontend editing, marketing teams worldwide can edit text and images directly in the web view – without complex backend knowledge.

The latest milestone: the upgrade to TYPO3 v13. What is often a nerve-wracking experience with complex enterprise systems went off without a hitch here. Herbert Stadler (Team Lead Marketing Agency, Commend) confirms: "Thank you so much for your sensational work on this update! A CMS update has never been so smooth!"

For Commend's international marketing teams, we've removed the hurdles of content maintenance. Instead of navigating complex backend structures, editors now use intuitive frontend editing.

Radically simplified onboarding: Texts and images are edited directly in the web view – the "what you see is what you get" principle drastically reduces training requirements for new employees.
Time-to-web: Marketing needs to react quickly. Changes go live in seconds, without having to log in to the backend or search through the page tree.
Investment security through core integration: Technically, we don't rely on a vulnerable plugin with its own functions for modifying elements, but rather on an architecture developed extremely close to the TYPO3 core. This not only guarantees maximum security but also ensures that this feature remains stable and maintainable even with future TYPO3 updates.

Frontend Editing Screenshot TYPO3 — Easy content changes directly in the frontend

Answer: We rely on a dual strategy of modern infrastructure and intelligent code remediation. First, we host the platform in a container-based environment in the Microsoft Azure cloud. Deployment is fully automated via Infrastructure as Code, eliminating human error. Since budget and time constraints didn't allow for a complete rewrite of the complex logic, we also isolated the "external" code and analyzed it using the four-eyes principle. Based on a detailed security report, we decided together with the client which parts needed to be modified or replaced. The subsequent successful external penetration test (without critical findings) proves that security doesn't necessarily mean "building from scratch," but rather masterful craftsmanship in remediation.

Answer: We rely on automation instead of manual maintenance. Deep integration of the company's ERP system automatically imports technical data, images, and relationships into TYPO3. For the global rollout, we also developed a custom extension that breaks TYPO3's standard language logic: It allows content (e.g., English) to be intelligently mapped to different country markets without having to maintain content twice.

Answer: Manually maintaining alternative text would have taken weeks – and would have been correspondingly expensive. Instead, we used technology: Our extension in2code/alternative analyzed all images using Gemini AI and generated context-related descriptions. The result was so precise ("close to perfection") that we were able to make the website fully BITV-compliant in time for the TYPO3 v13 launch – at a fraction of the usual cost.

Answer: Here, cLibrary functions as a central knowledge platform. Technically, it's based on a highly customized TYPO3 extension with strict access control (registration is implemented via femanager). The key feature for users is the intelligent shopping cart system: Instead of downloading hundreds of files individually, technicians can simply "bookmark" relevant software updates and instructions and then download them as a bundled package (ZIP) with a single click. This guarantees maximum efficiency in the global distribution of critical updates.

Commend.com ist now

Imported product information from ERP — Product information is imported from the company's own ERP system every night and displayed in a format suitable for visitors in the frontend.

Individual mega menu — Editors can customize the design of the main navigation: number of columns, line breaks, and helpful content directly in the menu.

Download portal with TYPO3 — The cLibrary - Commend's download portal - offers software and manuals for download in a shop layout.

Individual language and region configuration in TYPO3 allows languages to be shared across multiple regions. Only relevant information – depending on the visitor's region – is displayed.

Automatic translations in TYPO3 with DeepL — A DeepL extension helps editors translate pages into one of the 13 available languages with a single mouse click.

Improved backend UX — In this project, we also offer an optimized UX for the TYPO3 backend: hiding unused fields and individual previews for plugins and content elements.

in2code/alternative in use for commend.com

"I just tested it and, combined with our context, it's incredibly close to perfect! Amazing."

This refers to the automatic assignment of alt text, title text, and descriptions to 2,500 images to achieve accessibility.

Herbert Stadler | Team Lead Marketing Agency - COMMEND

To automate the flow of information to partners and customers, we seamlessly integrated the email marketing tool Mailworx. Registration is flexible and takes place at two strategic points: either directly as an option during user registration in the cLibrary (via femanager) or via dedicated registration forms on the website (via powermail). Technically, we implemented this using custom-designed finishers. These ensure a clean data transfer to the Mailworx API in the background as soon as a form is submitted – stable, maintainable, and deeply integrated into the core process.