PENSPY PROTECTION

About Us

Penspy is an award-winning Canadian team of Web platform Security and Compliance experts leveraging a proprietary AI toolset to Discover, Scan, Protect, and Monitor your web application assets

PENSPY AI EXPERTS

Dedicated Services

Founded in 2010, Penspy is a Canada-based team of dedicated Cyber Security, Compliance, and Management experts ensuring data privacy and compliance in critical Web, Mobile, and API applications. Our award-winning fully managed platform integrates our AI guided web application scanner, firewall, and threat mitigation platform with the most comprehensive threat and vulnerability databases available.

SECURITY & COMPLIANCE EXPERTS

Dedicated Services

Founded in 2010, Penspy is a Canada-based team of dedicated Cyber Security, Compliance, and Management experts ensuring data privacy and compliance in critical Web, Mobile, and API applications. Our award-winning fully managed platform integrates our AI guided web application scanner, firewall, and threat mitigation platform with the most comprehensive threat and vulnerability databases available.

Cyber Security, Monitoring, & Restoration

Dedicated Security Services

As cyber security threats grow, effective web stack security, threats & vulnerabilities detection, and fault restoration has become the most important concern to business owners with regards to their websites.  Our dedicated CISA certified cyber security experts implement industry standard NIST framework components and a corresponding risk mitigation toolset to ensure that your website is compliant and secured by those standards.  We provide weekly reports detailing risks identified, mitigation measures taken, and security measures employed to ensure your website is protected by industry security standards.

Data Privacy & Compliance

Dedicated Compliance Services

Effective Data Governance and Privacy Compliance can be a tricky endeavor as governing frameworks vary between regions while constantly changing. Ensuring that your website is compliant requires a thorough understanding of the compliance standards set in your region. Our AI-guided toolset analyzes your website based on your region and implements those measure required to ensure your website is compliant with those frameworks for your region. Furthermore our toolset monitors regional framework changes and updates your website accordingly to ensure ongoing compliance.

Website Content Management

Dedicated Webmaster Services

First and foremost we are a team of WordPress experts, each with over a decade of experience working with WordPress at an administrative level. Choosing Penspy as your website management team means you get a native-English speaking account manager, backed by a team of WordPress administrative and developer experts on call to make changes, update content, diagnose issues, manage backups, and consult on any website-related tech-stack questions or concerns.  Our website management team is backed by an AI-Driven Network Operations Center tasked with 24/7 monitoring and weekly status reporting.

PENSPY ANALYTICS

Threats & Vulnerabilities Catalog

We've partnered with and integrated in to our platform the largest threats & vulnerabilities database in the world, ensuring that our AI is instantly aware of the most recent threats and vulnerabilities, preserving your website's risk profile.

Known Vulnerabilities

3rd Party Apps Cataloged

Vulnerable 3rd Party Apps

Vulnerable Design Themes

PENSPY ANALYTICS

Vulnerabilities Breakdown

95% of Vulnerabilities are discovered to be a result of 3rd party theme design and 3rd party application integrations. The Penspy Threats and Vulnerabilities detection focuses primarily on these core areas.

%

3rd Party Apps

Plugins, API integration, and Widgetized Apps

%

Design Themes

3rd Party Non-Builder Framework Themes

Why do you focus on 3rd party apps and themes
Our experience and analytical research has shown that the vast majority of threats and vulnerabilities to your website originate from the 3rd party apps and themes our customers integrate in to their websites to extend their functionality. The remainder of threats originate from web server vulnerabilities which are mitigated by your website hosting provider
What is a 3rd party app?

A 3rd party app or plugin is a code-base developed by 3rd party companies that offer extended functionality to your website.  Most companies providing these integrations ensure that vulnerabilities are patched but many either disregard those vulnerabilities or are late to patching them leaving your website at risk.

What is a 3rd party theme?
Often times website owners will choose to start with a predesigned website theme and customize it to their requirements. Although this saves A LOT of time in development, those 3rd party designs may integrate vulnerable code leaving your website at risk.

PENSPY GUIDELINES

NIST SP. 800-44 / 800-53

Our primary operating framework adheres to the National Institute of Standards and Technology Special Publication 800-44 v2 (which outlines best practices for securing web server and web-based applications) and was built around the SP 800-53 controls & monitoring best practices as they relate to Detecting, Responding, Responding to, and Recovering From critical threats & vulnerabilities.

Our platform operates at the application layer, irrespective of the physical infrastructure, ensuring a consistent and scaleable security framework across our clientbase.

TESTIMONIAL

What People Are Saying!

Our Mission is to pretect our customers from the threats and vulnerabilities poised to attack their websites. And we LOVE hearing just how safe we're keeping them!

My website was hacked 3 times before I found Penspy.  I had no idea what was possible and what needed to be done but I've been safe from anything for 2 years thanks to their team!

Douglas Bird

Douglas Bird Clothing

Simply put, we had no idea what compliance and data governance meant until local jurisdictions began making it a requirement in order to join their chamber associations. Thank you Penspy!

Ben Rathjie

President, Urbanetics Marketing