Security
Updated Jan 2026

Security that feels boring—in the best way.

Security here is operational: tight access, safe changes, real monitoring, and tested recovery. Pulse + Protect are the foundation. Add Propel when you want more shipped—through the same controls.

Need a security questionnaire answered or special requirements? Contact us and we’ll route it correctly.

Security, at a glance
Always-on Monitored
Operational view
AccessTight access, clean handoffs
ChangesTested, documented, reversible
MonitoringUptime, errors, regressions
RecoveryBackups + tested restores
One important thing: Security is a system, not a plugin. We reduce risk with layers: hosting, operations, and change control.
Foundation
Pulse + Protect
Add Propel when you want more shipped—through the same controls.
Real-world threats

What we’re protecting you from.

Common failures we see on production WordPress sites—and how we reduce risk and recover fast.

Account takeover

Looks likePassword reuse, admin logins spike, settings change.
We doLeast-privilege access, clean handoffs, auth monitoring.

Malware & injected code

Looks likeRedirects, spam pages, unknown scripts, warnings.
We doScanning, cleanup, patching, and hardened defaults.

Bad updates / plugin supply chain

Looks likeSite breaks after updates, forms fail, checkout errors.
We doSafer change practices, verification, and rollback-ready recovery.

Data loss & failed restores

Looks likeBackups exist—but restores don’t work when needed.
We doCoverage + tested restores and a documented recovery path.

Downtime & regressions

Looks likeRandom 500s, slowdowns, broken pages after changes.
We doMonitoring + alerts + fast rollback/restore workflows.

Vendor / access sprawl

Looks likeOld accounts linger, plugins installed without review.
We doAccess audits, vendor hygiene, and change visibility.
Controls

How we operate.

Clear responsibilities, consistent practices.

Outcome We do You provide
Access
Reduced takeover risk
Role-based access, audits, cleanup. Team approvals and internal login hygiene.
Updates
Fewer breakages
Safer updates + verification. Change windows and approvals when needed.
Backups
Restores are real
Coverage + tested recovery. Domain/DNS context for urgent verification.
Monitoring
Issues caught early
Health checks + alerting. Define what “urgent” means for your business.
Incidents
Fast recovery
Triage → contain → restore → document. On-call contact for urgent approvals.
Compliance
Evidence when needed
Operational detail for questionnaires. Requirements and deadlines early.
Monthly report
Change log

This page is an overview of our practices. For exact SLAs, coverage, and commitments, see What we cover and your service agreement.

How it maps to modules

Security is layered.

Pulse + Protect are the foundation. Propel adds shipping through the same controls.

Pulse™

Foundation

Pulse is the foundation: stable hosting, secure defaults, and clean infrastructure.

Transport securityHTTPS/SSL and secure connections (where supported).
Secure defaultsReduce common hosting-level risk and misconfigurations.
Managed upgradesPlatform updates handled without drama.
Protect™

Always‑on operations

Protect turns security into a routine: monitoring, backups, updates, and response.

Routine updatesCore/plugin/theme updates with verification.
MonitoringUptime, errors, and regressions.
Backups + responseCoverage, restores, and incident handling.
Propel™

Improvements & cleanup

Propel ships improvements through the same controls—cleanup, refactors, and bigger changes with verification.

Cleanup & hardeningRemove risky plugins, reduce surface area.
Refactors & custom workBuild and modernize without fragility.
Bigger changesShipped with verification and rollback-ready recovery.
Incident response

Incident response

We restore service first, then reduce the chance of repeat issues.

Response steps
1) TriageConfirm impact and scope.
2) ContainStop the issue and isolate risk.
3) RestoreBring the site back online quickly.
4) DocumentShare what changed and what we recommend.
Shared responsibility
We run opsMonitoring, updates, backup/recovery, and remediation.
You control approvalsVendor access, content, compliance requirements.
TogetherDefine what “urgent” means.
About guarantees Security reduces risk. We stay transparent about tradeoffs and keep improving.
Responsible disclosure

Found a security issue?

If you believe you’ve found a vulnerability affecting a Parameter-managed property, please report it privately. We’ll respond and coordinate next steps.

Email security@parameterllc.com
Contact form

Please avoid public disclosure until we’ve had a chance to investigate.

Quick answers

Common security questions.

Do you support 2FA / MFA?

Yes—where the platform supports it, we encourage and help set up stronger authentication (2FA/MFA) for admin surfaces and critical vendors.

Can you fill out our security questionnaire?

Usually, yes. Send it through Contact or the Support portal and we’ll respond with the details appropriate to your plan and environment.

What should we do if our site is down?

If you’re a customer, use the Support portal for the fastest routing. If you can’t access the portal, email us and include your domain, what changed recently, and screenshots if available.