Corporate & Government Audits

Eight Audits, Eight Real Bugs: What We Actually Found Checking San Jose's Own Companies

We've spent the last several weeks doing something most web studios don't bother with: actually checking. Eight real San Jose-area organizations, across eight completely different industries, audited independently — unpaid, unsolicited, using nothing but publicly available information. Every single one had at least one real, directly observable problem. Here's what that actually looked like, and why it matters more than a generic pitch about "the importance of audits" ever could.

This wasn't a hunt for nitpicks

Before getting to the findings, the standard matters as much as the results. We only publish findings we can directly verify ourselves — not things inferred from third-party data we can't confirm. Two earlier audits actually got pulled from our own published portfolio for exactly this reason: when we set out to make a "100% independently verified" claim actually true, two findings didn't hold up to our own bar, so they came down. Every finding below is something we observed firsthand, by fetching the actual live page, the same way a search engine or a visitor would. No production access requested. No guessing.

What we actually found

Law Firm · 50+ Years

Berliner Cohen LLP

Raw, unescaped HTML code was leaking directly into a meta tag on their Contact Us page instead of a real description — and the broken code itself misspelled the firm's own name. Shared on LinkedIn or Facebook, that page's preview would show broken markup instead of a description.

Read the full audit →
Nonprofit News Organization

San José Spotlight

San Jose's own independent nonprofit newsroom had two real problems on the one page built to handle them: every email address on its Contact Us page rendered as literal "[email protected]" placeholder text without JavaScript, and the link inviting readers to become a sustaining donor pointed to a staging server instead of the real donation page.

Read the full audit →
Healthcare · Dialysis Provider

Satellite Healthcare

The tool patients use to find a dialysis center — arguably the single most important page on the entire site — displayed literal, unrendered template code instead of real text. For a population that may include elderly or vulnerable patients, that's not a cosmetic bug.

Read the full audit →
Municipal Government

City of San José

Six core informational pages — covering departments, official records, and a disability access grant program — returned nothing but "please enable JavaScript" to anything that can't fully execute it, including search crawlers. The City has a real ADA Coordinator and a genuine accessibility program; this slipped past both.

Read the full audit →
Credit Union

Meriwest Credit Union

A homepage section built specifically to show off real charitable giving displayed "$0" as the headline number for both donation statistics, with the actual figures ($47,836 and $22,000+) only visible in the text underneath. For a section meant to demonstrate generosity, that's an unfortunate irony.

Read the full audit →
Automotive Dealer Group

Del Grande Dealer Group

The Bay Area's largest family-owned auto group has a page whose own metadata lists the wrong contact email entirely — not their own, but the internal support inbox for the third-party company that built their website.

Read the full audit →
Supply Chain Technology Consulting

Bristlecone

A live legal page's canonical tag pointed to a staging server instead of the real site — confirmed by checking it against another page on the same domain that correctly referenced itself, ruling out a sitewide quirk.

Read the full audit →
Electrical Engineering & Construction

Cupertino Electric

A 70-year, 5,300+ employee national contractor with $500M+ in revenue had no meta description anywhere on its site — checked directly across three different page types, not just the homepage.

Read the full audit →

The pattern that emerged

None of these are unknown or under-resourced organizations. Several have a thousand or more employees, decades of operating history, and real marketing budgets. Size and budget didn't prevent any of this. What they actually do is make these issues less likely to ever get caught — because almost nobody on the inside is checking from outside their own team's blind spots.

That's the real mechanism behind every finding above: a person who works there every day already knows what the page is supposed to say. They read past the broken parts without noticing, the same way you stop seeing a typo in a document you've read fifty times. A search crawler, a first-time visitor, or someone sharing the page on social media doesn't have that context. They just see what's actually there.

Why this isn't just a technical curiosity

Each of these findings maps to a real, concrete consequence, not a hypothetical one:


We offer this same independent audit — read-only, no production access, severity-ranked findings — to corporations and government agencies across San Jose. If a free, unsolicited preview can turn up something at organizations this established, it's worth finding out what a full engagement would surface for yours.

Learn about Corporate & Government Audits →