Modules What we cover Pricing Case studies Articles Support

Book a call Start

Security

Updated Jan 2026

Security that feels boring—in the best way.

Security here is operational: tight access, safe changes, real monitoring, and tested recovery. Pulse + Protect are the foundation. Add Propel when you want more shipped—through the same controls.

Start Controls snapshot

What we cover →

Need a security questionnaire answered or special requirements? Contact us and we’ll route it correctly.

Security, at a glance

Always-on Monitored

Operational view

AccessTight access, clean handoffs

ChangesTested, documented, reversible

MonitoringUptime, errors, regressions

RecoveryBackups + tested restores

One important thing: Security is a system, not a plugin. We reduce risk with layers: hosting, operations, and change control.

Foundation

Pulse + Protect

Add Propel when you want more shipped—through the same controls.

Real-world threats

What we’re protecting you from.

Common failures we see on production WordPress sites—and how we reduce risk and recover fast.

Account takeover

Looks likePassword reuse, admin logins spike, settings change.

We doLeast-privilege access, clean handoffs, auth monitoring.

Malware & injected code

Looks likeRedirects, spam pages, unknown scripts, warnings.

We doScanning, cleanup, patching, and hardened defaults.

Bad updates / plugin supply chain

Looks likeSite breaks after updates, forms fail, checkout errors.

We doSafer change practices, verification, and rollback-ready recovery.

Data loss & failed restores

Looks likeBackups exist—but restores don’t work when needed.

We doCoverage + tested restores and a documented recovery path.

Downtime & regressions

Looks likeRandom 500s, slowdowns, broken pages after changes.

We doMonitoring + alerts + fast rollback/restore workflows.

Vendor / access sprawl

Looks likeOld accounts linger, plugins installed without review.

We doAccess audits, vendor hygiene, and change visibility.

Controls

How we operate.

Clear responsibilities, consistent practices.

Outcome	We do	You provide
Access Reduced takeover risk	Role-based access, audits, cleanup.	Team approvals and internal login hygiene.
Updates Fewer breakages	Safer updates + verification.	Change windows and approvals when needed.
Backups Restores are real	Coverage + tested recovery.	Domain/DNS context for urgent verification.
Monitoring Issues caught early	Health checks + alerting.	Define what “urgent” means for your business.
Incidents Fast recovery	Triage → contain → restore → document.	On-call contact for urgent approvals.
Compliance Evidence when needed	Operational detail for questionnaires.	Requirements and deadlines early.

Monthly report

Change log

This page is an overview of our practices. For exact SLAs, coverage, and commitments, see What we cover and your service agreement.

How it maps to modules

Security is layered.

Pulse + Protect are the foundation. Propel adds shipping through the same controls.

Pulse™

Foundation

Pulse is the foundation: stable hosting, secure defaults, and clean infrastructure.

Transport securityHTTPS/SSL and secure connections (where supported).

Secure defaultsReduce common hosting-level risk and misconfigurations.

Managed upgradesPlatform updates handled without drama.

Protect™

Always‑on operations

Protect turns security into a routine: monitoring, backups, updates, and response.

Routine updatesCore/plugin/theme updates with verification.

MonitoringUptime, errors, and regressions.

Backups + responseCoverage, restores, and incident handling.

Propel™

Improvements & cleanup

Propel ships improvements through the same controls—cleanup, refactors, and bigger changes with verification.

Cleanup & hardeningRemove risky plugins, reduce surface area.

Refactors & custom workBuild and modernize without fragility.

Bigger changesShipped with verification and rollback-ready recovery.

Incident response

We restore service first, then reduce the chance of repeat issues.

Response steps

1) TriageConfirm impact and scope.

2) ContainStop the issue and isolate risk.

3) RestoreBring the site back online quickly.

4) DocumentShare what changed and what we recommend.

Shared responsibility

We run opsMonitoring, updates, backup/recovery, and remediation.

You control approvalsVendor access, content, compliance requirements.

TogetherDefine what “urgent” means.

About guarantees Security reduces risk. We stay transparent about tradeoffs and keep improving.

Responsible disclosure

Found a security issue?

If you believe you’ve found a vulnerability affecting a Parameter-managed property, please report it privately. We’ll respond and coordinate next steps.

Email security@parameterllc.com

Contact form

Please avoid public disclosure until we’ve had a chance to investigate.

Quick answers

Common security questions.

Do you support 2FA / MFA?

Yes—where the platform supports it, we encourage and help set up stronger authentication (2FA/MFA) for admin surfaces and critical vendors.

Can you fill out our security questionnaire?

Usually, yes. Send it through Contact or the Support portal and we’ll respond with the details appropriate to your plan and environment.

What should we do if our site is down?

If you’re a customer, use the Support portal for the fastest routing. If you can’t access the portal, email us and include your domain, what changed recently, and screenshots if available.

Start Read all FAQs →