v1.1 · 119 criteria · 9 categories

Scoring Methodology

Every score on this site is derived from a structured 119-item evaluation framework, applied consistently across all platforms. Below is the complete reference — categories, criteria weights, scoring bands, and how composite chart scores are computed.

Last updated March 7, 2026

Framework Version

v1.1

Current

Total Criteria

119

Scored items

Score Bands

All 119 criteria produce a 0–100 score. These bands define what each range means.

90-100Best-in-class. Industry-leading capability.

75-89Strong. Production-ready, minor gaps only.

60-74Adequate. Functional with known limitations.

40-59Weak. Significant gaps, workarounds required.

20-39Poor. Barely functional, extensive custom work needed.

0-19Absent, broken, or no evidence found.

Composite Scores

Raw category scores are combined into composites that drive the dashboard charts. This is how a platform's position on the bubble chart and detail panels is determined.

Capability ScoreX-axis position

Overall platform capability across content management, features, and architecture

Cat 1 ×0.3Cat 2 ×0.4Cat 3 ×0.3

Cost-to-Feature EfficiencyY-axis position

Value delivered relative to total cost of ownership

Cat 5

Build ComplexityBubble size

Difficulty and effort required to implement

Cat 6

Maintenance BurdenRing color

Ongoing operational and upgrade overhead

Cat 7

Platform VelocityTrend indicator

Release momentum, ecosystem health, market trajectory

Cat 4

Use-Case FitDetail panel

Suitability for specific use case categories

Cat 8

Compliance & TrustDetail panel

Platform-level regulatory compliance, security certifications, data governance, and authoring UI accessibility

Cat 9

Capability formula: (Cat 1 × 0.3) + (Cat 2 × 0.4) + (Cat 3 × 0.3) — weighted to reflect that platform capabilities (Cat 2) have broader differentiation than foundational CMS features or architecture alone.

Category Reference

Every scored criterion, organized by category and sub-category. Categories 1–4 are publicly visible; 5–9 require a free account. Item weights reflect relative importance within each category's weighted average.

Core Content Management

Fundamental content modeling, authoring, and delivery capabilities

14 items

1.1Content Modeling

1.1.1

Content type flexibility

How broadly you can define custom data structures — field types available, nesting depth, and whether schemas can be defined in code.

1.0×

1.1.2

Content relationships

How well the platform models connections between content entries, including bidirectional links, reference filtering, and graph-style traversal.

1.0×

1.1.3

Structured content support

Whether content can be built from reusable components and nested blocks rather than monolithic page documents.

1.0×

1.1.4

Content validation

The richness of rules that prevent invalid content from being saved or published — required fields, regex, cross-field, and custom validators.

0.8×

1.1.5

Content versioning

Whether editors can compare version history, roll back changes, schedule publications, and manage draft/published states independently.

1.0×

1.2Authoring Experience

1.2.1

Visual/WYSIWYG editing

How close the editing experience is to the actual rendered output, and how much visual control editors have without engineering help.

1.0×

1.2.2

Rich text capabilities

The power and extensibility of the inline text editor — custom marks, embeds, paste handling, and whether output is portable across frontends.

0.8×

1.2.3

Media management

How well the platform handles image, video, and file assets — including transforms, focal point, metadata, and organizational structure.

1.0×

1.2.4

Real-time collaboration

Whether multiple editors can work on the same content simultaneously without data loss or manual coordination to avoid conflicts.

0.8×

1.2.5

Content workflows

The depth of publish approval chains — customizable stages, role-based routing, scheduled transitions, and full audit history.

1.0×

1.3Content Delivery

1.3.1

API delivery model

Whether the platform exposes a well-designed REST and/or GraphQL API with flexible querying, filtering, sorting, and pagination.

1.0×

1.3.2

CDN and edge delivery

Whether content is served via a global CDN with fine-grained, per-entry cache invalidation and configurable TTL controls.

0.8×

1.3.3

Webhooks and event system

How reliably and configurably the platform notifies external systems of content events — payload filtering, retries, and debug tooling.

0.8×

1.3.4

Multi-channel output

Whether content is structured and delivered in a channel-agnostic way that supports web, mobile, and other surfaces from a single model.

0.8×

Platform Capabilities

Extended platform features beyond core content management

20 items

2.1Personalization & Experimentation

2.1.1

Audience segmentation

Whether the platform can define distinct audience segments based on behavioral, demographic, or contextual attributes without external tooling.

1.0×

2.1.2

Content personalization

How natively the platform swaps content variants for different audiences, without requiring a separate personalization service to orchestrate.

1.0×

2.1.3

A/B and multivariate testing

Whether the platform supports running controlled experiments — A/B tests and multivariate — to compare content or UX variants with statistical rigor.

0.8×

2.1.4

Recommendation engine

Whether the platform surfaces algorithmically or rule-based product and content recommendations to visitors as a native capability.

0.6×

2.2Search & Discovery

2.2.1

Built-in search

Whether the platform includes a configurable search engine that editors can tune without deploying a separate search infrastructure.

1.0×

2.2.2

Search extensibility

How extensively the built-in or integrated search can be customized — indexing fields, ranking signals, facets, and result filtering.

0.8×

2.2.3

AI/semantic search

Whether the search layer understands semantic meaning and query intent rather than relying purely on keyword matching.

0.6×

2.3Commerce Integration

2.3.1

Native commerce

Whether commerce functionality such as cart, catalog, and checkout is built into the platform rather than requiring third-party integration.

0.8×

2.3.2

Commerce platform integration

How well the platform connects to leading commerce engines — Shopify, Salesforce Commerce, commercetools, SAP — for real-world production use.

1.0×

2.3.3

Product content management

Whether the platform is optimized for managing product copy, attributes, enrichment, and catalog content at scale.

0.8×

2.4Analytics & Intelligence

2.4.1

Built-in analytics

Whether the platform includes its own analytics dashboard for content performance, visitor behavior, and engagement metrics.

0.8×

2.4.2

Analytics integration

How easily the platform connects to external analytics tools and surfaces data inside the CMS for editorial decision-making.

0.8×

2.4.3

Content intelligence

Whether the platform uses performance data to surface content recommendations, flag underperformers, or guide editorial priorities.

0.6×

2.5Multi-Site & Localization

2.5.1

Multi-site management

Whether managing multiple distinct sites, regions, or brands in a single instance is a supported workflow rather than an architectural workaround.

1.0×

2.5.2

Localization framework

Whether the platform has a structured locale model — content inheritance, translation state tracking, and fallback rules — built into the core.

1.0×

2.5.3

Translation integration

How well the platform integrates with human translation vendors or machine translation services to move content through localization workflows.

0.8×

2.5.4

Multi-brand governance

The degree to which multi-brand permissions, shared component libraries, and publishing guardrails are enforced at the platform level.

0.8×

2.6AI & Automation

2.6.1

AI content generation

Whether the platform generates or suggests content — copy, metadata, alt text, summaries — using AI as part of the authoring experience.

0.8×

2.6.2

AI-assisted workflows

Whether AI assists with routine content operations like tagging, routing, scheduling, or quality checks without manual effort.

0.6×

2.6.3

AI governance & trust

Whether the platform provides controls to review, override, or reject AI-generated content before it enters the live publishing pipeline.

0.6×

Technical Architecture

API design, security, infrastructure, and developer experience

17 items

3.1API & Integration

3.1.1

API design quality

How well-designed the platform APIs are — consistency, versioning strategy, RESTful or GraphQL conventions, and overall developer ergonomics.

1.0×

3.1.2

API performance

How fast and reliable API responses are at production scale, including latency, caching behavior, and rate limiting approaches.

0.8×

3.1.3

SDK ecosystem

The quality and breadth of official SDKs, typed client libraries, and code-first tooling available across programming languages.

1.0×

3.1.4

Integration marketplace

The size and quality of the pre-built connector and plugin ecosystem for common third-party tools and enterprise integrations.

0.8×

3.1.5

Extensibility model

Whether the platform exposes hooks, plugins, or extension points that allow custom behavior to be added without forking core code.

1.0×

3.2Security & Compliance

3.2.1

Authentication

The strength of identity and authentication options — SSO, SAML, OAuth 2.0, MFA, and programmatic API key management.

1.0×

3.2.2

Authorization model

The granularity of role and permission models — who can view, edit, publish, or delete specific content types, spaces, or environments.

1.0×

3.2.3

Compliance certifications

Whether the platform holds externally audited certifications that validate its security posture for enterprise procurement requirements.

0.8×

3.2.4

Security track record

The platform's historical record of handling security vulnerabilities — responsible disclosure, patch velocity, and severity of known CVEs.

0.6×

3.3Infrastructure & Reliability

3.3.1

Hosting model

Whether the platform's infrastructure model — SaaS, PaaS, or self-hosted — aligns with enterprise reliability, sovereignty, and control needs.

0.8×

3.3.2

SLA and uptime

The strength of contractual and documented uptime guarantees, SLA tier definitions, and incident communication practices.

1.0×

3.3.3

Scalability architecture

How the platform behaves under sudden traffic spikes — auto-scaling behavior, global distribution, and capacity management controls.

0.8×

3.3.4

Disaster recovery

Whether the platform provides automated backups, point-in-time recovery, and documented RTO and RPO commitments.

0.8×

3.4Developer Experience

3.4.1

Local development

How smooth the inner-loop developer experience is — local setup speed, emulators or stubs, hot reload, and dev environment parity.

1.0×

3.4.2

CI/CD integration

Whether the platform integrates cleanly into CI/CD pipelines — preview environments, content migrations, and automated deployment gates.

0.8×

3.4.3

Documentation quality

The depth, accuracy, and usability of official documentation including API references, step-by-step guides, and real-world code examples.

1.0×

3.4.4

TypeScript support

The quality of TypeScript type definitions and type-safe SDK support throughout the developer experience.

0.8×

Platform Velocity & Health

Release momentum, ecosystem health, and market trajectory

13 items

4.1Release Cadence

4.1.1

Release frequency

How frequently the platform ships meaningful improvements — features, performance updates, and bug fixes — to production.

1.0×

4.1.2

Changelog quality

Whether release notes are detailed, clearly communicated, and structured to help developers understand the scope and impact of each change.

0.8×

4.1.3

Roadmap transparency

Whether the vendor publicly shares a product roadmap that gives customers confidence in the platform's future direction and priorities.

0.8×

4.1.4

Breaking change handling

How the platform handles breaking API or schema changes — versioning windows, deprecation notices, and automated migration tooling.

1.0×

4.2Ecosystem & Community

4.2.1

Community size

The size of the active developer and practitioner community across forums, GitHub, Discord, Slack, Stack Overflow, and events.

0.8×

4.2.2

Community engagement

How actively the vendor engages with community questions, feature requests, bug reports, and open-source contributions.

0.8×

4.2.3

Partner ecosystem

The breadth and quality of certified implementation partners and system integrators with verified production experience.

0.8×

4.2.4

Third-party content

The volume of community-created learning resources — tutorials, blog posts, open-source starters, templates, and video content.

0.6×

4.3Market Signals

4.3.1

Talent availability

How easily organizations can hire experienced developers and practitioners for this platform in the general job market.

1.0×

4.3.2

Customer momentum

Signals of healthy customer growth — published case studies, analyst recognition, net new logo announcements, and review site ratings.

0.8×

4.3.3

Funding and stability

The vendor's financial health and structural stability — funding runway, revenue signals, ownership structure, and assessed longevity risk.

0.8×

4.3.4

Competitive positioning

How clearly the platform differentiates itself and maintains a defensible competitive position against its closest direct alternatives.

0.6×

4.3.5

Customer sentiment

Aggregated user ratings and community feedback from G2, Capterra, TrustRadius, Reddit, and review forums — reflecting real-world satisfaction across both technical and editorial stakeholders.

1.0×

Total Cost of OwnershipGated

Licensing, implementation, and operational cost signals

11 items

5.1Licensing

5.1.1

Pricing transparency

Whether pricing tiers, feature inclusions, usage limits, and overage rules are clearly documented without requiring a sales conversation.

1.0×

5.1.2

Pricing model fit

Whether the pricing model — seat-based, usage-based, flat, or consumption — aligns with how typical teams actually use the platform.

1.0×

5.1.3

Feature gating

How many enterprise-essential features are locked behind higher tiers, inflating effective cost for realistic production use cases.

0.8×

5.1.4

Contract flexibility

The flexibility of contract terms — availability of monthly options, multi-year discounts, and ease of adjusting capacity up or down.

0.8×

5.1.5

Free / Hobby Tier

Whether the platform offers a usable free or developer tier that enables genuine prototyping and evaluation before committing.

0.8×

5.2Implementation Cost Signals

5.2.1

Time-to-first-value

How quickly a new team can go from account creation to a working content-driven application in a real project context.

1.0×

5.2.2

Typical implementation timeline

The typical calendar time and team composition required for a standard production implementation at a mid-market scale.

0.8×

5.2.3

Specialist cost premium

Whether platform expertise commands a meaningful salary or consulting rate premium above general web development market rates.

0.8×

5.3Operational Cost Signals

5.3.1

Hosting costs

The all-in infrastructure cost at scale — bandwidth, storage, compute, and required add-on services — beyond the base license.

0.8×

5.3.2

Ops team requirements

How large a dedicated operations team is required to keep the platform secure, healthy, and performant in production.

0.8×

5.3.3

Vendor lock-in and exit cost

How difficult and costly it is to migrate away — data export completeness, API portability, proprietary dependencies, and switching friction.

1.0×

Build SimplicityGated

How easy it is to implement and get started — higher scores mean simpler builds

10 items

6.1Learning Curve

6.1.1

Concept complexity

How intuitive the platform's core concepts are for a developer encountering them for the first time, before any training.

1.0×

6.1.2

Onboarding resources

Whether the vendor provides structured onboarding — quickstarts, tutorials, sandbox environments, and interactive guided paths.

0.8×

6.1.3

Framework familiarity

Whether the platform uses mainstream languages, frameworks, and patterns that most developers already know and can apply immediately.

0.8×

6.2Implementation Complexity

6.2.1

Boilerplate and starter quality

How well the official starter templates and boilerplate generators reduce initial project setup friction and accelerate time to first feature.

0.8×

6.2.2

Configuration complexity

How much configuration is required before the platform is usable, versus sensible out-of-the-box defaults that work for most cases.

0.8×

6.2.3

Data modeling constraints

Whether the data modeling layer imposes constraints or conventions that require workarounds for common real-world content patterns.

1.0×

6.2.4

Preview and editing integration

How easily developers can wire up live preview and in-context visual editing in a frontend application without platform-specific complexity.

0.8×

6.3Team & Talent

6.3.1

Required specialization

Whether the platform demands hard-to-hire specialist skills or whether any competent full-stack developer can be productive quickly.

1.0×

6.3.2

Team size requirements

The minimum viable team size needed to build, ship, and sustain a production project on this platform.

0.8×

6.3.3

Cross-functional complexity

How much cross-functional coordination — between developers, designers, content editors, and ops — the platform's model inherently demands.

0.6×

Operational EaseGated

How easy it is to operate, upgrade, and maintain — higher scores mean less burden

10 items

7.1Upgrade & Patching

7.1.1

Upgrade difficulty

How painful and risky major version upgrades are — including breaking change frequency, migration tooling, and required downtime.

1.0×

7.1.2

Security patching

Whether security patches are applied automatically by the vendor (SaaS) or require manual operator action with associated downtime risk.

1.0×

7.1.3

Vendor-forced migrations

Whether the vendor has a history of forcing customers through disruptive platform migrations — infrastructure, API version, or product EOL.

1.0×

7.1.4

Dependency management

How much ongoing effort is required to keep platform plugins, modules, and runtime dependencies current and mutually compatible.

0.6×

7.2Operational Overhead

7.2.1

Monitoring requirements

How much observability, alerting, and monitoring infrastructure the team must build and maintain around this platform.

0.8×

7.2.2

Content operations burden

The editorial overhead of day-to-day content operations — publishing bottlenecks, approval delays, broken workflows, or fragile processes.

0.8×

7.2.3

Performance management

How much ongoing engineering effort is required to keep the site performant — cache tuning, image optimization, and query analysis.

0.6×

7.3Support & Resolution

7.3.1

Support tier quality

The responsiveness, expertise, and reliability of vendor support at standard enterprise contract tiers during real production incidents.

0.8×

7.3.2

Community support quality

How effective the community forum, Stack Overflow, and GitHub issues are for resolving real implementation problems without vendor support.

0.8×

7.3.3

Issue resolution velocity

How quickly the vendor and community resolve reported bugs and regressions between initial identification and confirmed fix delivery.

0.8×

Use-Case FitGated

Suitability for specific use case categories

14 items

8.1Marketing Sites

8.1.1

Landing page tooling

Whether the platform provides purpose-built tools for building and iterating landing pages quickly without requiring engineering involvement.

1.0×

8.1.2

Campaign management

Whether campaign-specific content, time-bounded promotions, and audience-targeted variations are first-class authoring concepts.

0.8×

8.1.3

SEO tooling

How well the platform structures and surfaces metadata, structured data markup, sitemap generation, and canonical URL management.

1.0×

8.1.4

Performance marketing

Whether the platform integrates with ad platforms, tracking pixels, and performance marketing attribution workflows out of the box.

0.8×

8.2Commerce

8.2.1

Product content depth

Whether product descriptions, specifications, variants, and rich media can be managed at the depth that e-commerce operations require.

1.0×

8.2.2

Merchandising tools

Whether merchandising rules, featured product placement, and promotional content can be controlled directly by business users.

0.8×

8.2.3

Commerce platform synergy

How tightly the platform integrates with commerce engines in the context of real Shopify, Salesforce Commerce, or SAP implementations.

1.0×

8.3Intranet & Internal

8.3.1

Access control depth

Whether fine-grained access control for sensitive internal content — by role, team, classification, or department — is native to the platform.

1.0×

8.3.2

Knowledge management

Whether the platform supports wiki-style knowledge bases, searchable document libraries, and structured internal content at scale.

1.0×

8.3.3

Employee experience

Features that make the platform suitable for employee-facing digital workplaces — org charts, service portals, and HR content delivery.

0.8×

8.4Multi-Brand / Multi-Tenant

8.4.1

Tenant isolation

Whether brand instances or tenant accounts are genuinely isolated at the data and permission level, not just separated by naming convention.

1.0×

8.4.2

Shared component library

Whether design system components, global content templates, and shared assets can be distributed across brands with controlled local overrides.

1.0×

8.4.3

Governance model

The governance tools available for central oversight — cross-brand publishing approvals, policy enforcement, and consistency monitoring.

1.0×

8.4.4

Scale economics

Whether the per-brand cost and operational overhead decreases meaningfully as the number of managed brands or tenants grows.

0.8×

Regulatory Readiness & TrustGated

Platform-level regulatory compliance, security certifications, data governance operations, and accessibility of the authoring interface

11 items

9.1Data Privacy & Regulatory

9.1.1

GDPR & EU data protection

Whether the vendor has documented GDPR compliance as a data processor — DPA availability, SCC coverage, and DSR automation tooling.

1.0×

9.1.2

HIPAA & healthcare compliance

Whether the vendor offers a Business Associate Agreement and has published HIPAA-compliant configuration guidance for healthcare deployments.

0.8×

9.1.3

Regional & industry regulations

Compliance posture beyond GDPR — including CCPA, FedRAMP, LGPD, PIPEDA, APPI, and sector-specific regulatory certifications.

0.6×

9.2Security Certifications

9.2.1

SOC 2 Type II

Whether the platform holds a current SOC 2 Type II report from an accredited auditor, covering the in-scope cloud infrastructure.

1.0×

9.2.2

ISO 27001 / ISO 27018

Whether the platform holds ISO 27001 and/or ISO 27018 certifications that are actively maintained through annual surveillance audits.

0.8×

9.2.3

Additional certifications

Additional compliance certifications the platform holds beyond SOC 2 and ISO — such as PCI DSS, CSA STAR, FedRAMP, or HITRUST.

0.6×

9.3Data Governance

9.3.1

Data residency & sovereignty

Whether customers can contractually and technically restrict where their data is stored and processed to specific regions or jurisdictions.

1.0×

9.3.2

Data lifecycle & deletion

Whether the platform provides tools for content retention policy automation, right-to-erasure workflows, and deletion confirmation certificates.

0.8×

9.3.3

Audit logging & compliance reporting

Whether the platform logs admin actions, content changes, and authentication events with sufficient retention and fidelity for compliance audits.

0.8×

9.4Platform Accessibility

9.4.1

Authoring UI accessibility

Whether the authoring interface meets WCAG 2.1 AA for keyboard navigation, screen reader support, and color contrast ratios.

1.0×

9.4.2

Accessibility documentation

Whether the vendor publishes a VPAT or Accessibility Conformance Report documenting accessibility compliance for enterprise procurement.

0.6×

Confidence Levels

Each scored item carries a confidence level indicating the quality of evidence available.

HIGH

Verified directly from official documentation, changelogs, or hands-on evaluation.

MEDIUM

Assessed from public sources, community reports, or partial documentation.

LOW

Inferred from limited or indirect evidence. Treat with caution.

INFERRED

No direct evidence found. Score estimated from analogous features or category norms.

Open methodology. This framework is openly documented and reproducible. Found an error or have a correction? Submit feedback — all substantive corrections are reviewed and validated before the scorecard is updated.