Security at Pinglyra
Pinglyra is built with security-first defaults. We monitor websites the safe way — passively and read-only — and protect your account, your data and your clients at every layer.
How does Pinglyra keep monitoring secure?
Pinglyra performs only passive, read-only checks of websites you own or are authorized to monitor — no intrusive scanning or payloads. Requests to private, internal and loopback networks are blocked (SSRF protection), tenant data is isolated per organization, access uses role-based permissions with mandatory multi-factor authentication, and billing is handled securely by Stripe.
Passive, read-only checks
Every check is the same kind of request a browser or DNS resolver makes. We never run vulnerability scans, send payloads, or attempt intrusive access — monitoring has no impact on the target site.
Authorized-domain monitoring
Our terms require you to monitor only websites and domains you own or are authorized to monitor. Checks are public-facing and non-intrusive.
Private networks blocked (SSRF)
Targets that resolve to private, internal or loopback addresses are rejected before any request is made, and redirects are re-validated — so the platform can't be used to probe internal networks.
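The outline above (resolve first, reject anything private, loopback or link-local, and re-validate every redirect hop) can be shown concretely. The following is an added illustration written for this page, not Pinglyra's own code: the function names, the constructed DNS answers and the fake HTTP responses are all hypothetical, and the same check applies unchanged to outbound alert destinations such as webhook URLs.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

# Added example; not Pinglyra's code. is_public_address, validate_target,
# fetch_with_revalidation and the FAKE_* tables are hypothetical names/data.

ALLOWED_SCHEMES = {"http", "https"}
REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def is_public_address(ip_str: str) -> bool:
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(ip_str)
    # An IPv4-mapped IPv6 literal such as ::ffff:10.0.0.1 is judged by the
    # embedded IPv4 address; otherwise it slips past an IPv6-only check.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip.is_global and not ip.is_multicast and not ip.is_reserved


def system_resolve(host: str) -> list:
    """Default resolver: every address the OS resolver returns for host."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return sorted({info[4][0].split("%")[0] for info in infos})


def validate_target(url: str, resolve=system_resolve) -> str:
    """Return the address to connect to, or raise ValueError if the target
    must be rejected. Every resolved address must be public, so a name that
    answers with one public and one internal address is refused outright."""
    parts = urlparse(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username or parts.password:
        raise ValueError("credentials in URL are not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        addrs = [str(ipaddress.ip_address(host))]  # literal IP in the URL
    except ValueError:
        addrs = resolve(host)  # DNS name: check every answer
    if not addrs:
        raise ValueError(f"{host} did not resolve")
    for addr in addrs:
        if not is_public_address(addr):
            raise ValueError(f"{host} resolves to non-public address {addr}")
    return addrs[0]


def fetch_with_revalidation(url, fetch, resolve=system_resolve, max_redirects=5):
    """Follow redirects by hand so each hop is validated before any request is
    sent. fetch(url, ip) issues one request to the pinned ip, must not follow
    redirects itself, and returns (status, headers)."""
    for _ in range(max_redirects + 1):
        ip = validate_target(url, resolve)
        status, headers = fetch(url, ip)
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if status in REDIRECT_STATUSES and location:
            url = urljoin(url, location)  # re-validated on the next pass
            continue
        return status, url
    raise ValueError("too many redirects")


# Constructed DNS answers and HTTP responses so the demo runs offline.
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "intranet.corp": ["10.0.0.5"],
    "rebind.test": ["93.184.216.34", "127.0.0.1"],
    "metadata.test": ["169.254.169.254"],
}
FAKE_HTTP = {
    "https://example.com/ok": (200, {}),
    "https://example.com/": (302, {"Location": "http://metadata.test/latest/"}),
}


def fake_resolve(host):
    return FAKE_DNS.get(host, [])


def fake_fetch(url, ip):
    return FAKE_HTTP.get(url, (404, {}))


def check(url: str) -> str:
    """Run one monitor target through the policy and describe the outcome."""
    try:
        status, final_url = fetch_with_revalidation(url, fake_fetch, fake_resolve)
        return f"allowed: {status} at {final_url}"
    except ValueError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    for target in ["https://example.com/ok", "https://example.com/",
                   "http://intranet.corp/", "http://rebind.test/",
                   "http://127.0.0.1:8080/", "http://[::ffff:10.0.0.1]/",
                   "ftp://example.com/"]:
        print(f"{target:32} -> {check(target)}")
```

Two design points matter here. The address returned by validate_target is the one the request must actually connect to (hence fetch receives it), because a second, unchecked lookup at connect time would let a record that changes between check and connect bypass the policy. And redirects are never followed automatically: each Location target goes through the same validation as the original URL, which is what closes the redirect-to-internal-address path.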
Tenant isolation
Every monitor, report, status page and billing record is scoped to your organization and enforced server-side. One tenant can never read another tenant's data.
Authentication & mandatory MFA
Accounts use strong Argon2id password hashing and role-based access. Where enabled, multi-factor authentication (authenticator app + recovery codes) is mandatory for dashboard access and always required for platform administrators.
OAuth sign-in
Sign in with Google or Microsoft where configured, using standard OpenID Connect with verified-email account linking.
Billing security
Payments are processed by Stripe. We store billing identifiers only — never full card numbers — and subscription state is verified through signed, idempotent webhooks.
Data storage & retention
Check results and notification logs are retained for a configurable window and then automatically pruned. You can delete monitors, reports and your account at any time.
Alerts & integrations
Alerts go to the channels you configure — email, Slack, Teams, Discord, SMS/WhatsApp or a signed webhook. Outbound webhook destinations are SSRF-validated too.
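Both directions of webhook traffic mentioned on this page (subscription state arriving from Stripe under "Billing security", and signed alert webhooks going out to customers here) rest on the same two properties: an HMAC over the raw body with a timestamp, and processing that is idempotent so a retried delivery is applied once. The block below is an added example, not Pinglyra's or Stripe's code; the header layout `t=<unix time>,v1=<hex hmac>` follows Stripe's published v1 signing scheme, while the secret, the event bodies and the handler class are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import time

# Added example; not Pinglyra's or Stripe's code. The "t=...,v1=..." header
# layout follows Stripe's published v1 scheme; secret, events and class names
# below are constructed for this demo.

WEBHOOK_SECRET = b"whsec_constructed_example_only"  # real secrets live in secret config
TOLERANCE_SECONDS = 300  # deliveries outside this window are treated as replays


def _digest(secret: bytes, payload: bytes, timestamp: int) -> str:
    signed = str(timestamp).encode() + b"." + payload
    return hmac.new(secret, signed, hashlib.sha256).hexdigest()


def sign_payload(secret: bytes, payload: bytes, timestamp: int) -> str:
    """Header a sender attaches to an outbound webhook (the alert-webhook side)."""
    return f"t={timestamp},v1={_digest(secret, payload, timestamp)}"


def verify_signature(secret: bytes, payload: bytes, header: str, now: float) -> bool:
    """Receiver side: recompute the HMAC over the raw body and compare in
    constant time. Several v1 values are accepted to allow secret rotation."""
    timestamp, candidates = None, []
    for item in header.split(","):
        key, _, value = item.strip().partition("=")
        if key == "t":
            try:
                timestamp = int(value)
            except ValueError:
                return False
        elif key == "v1":
            candidates.append(value)
    if timestamp is None or not candidates:
        return False
    if abs(now - timestamp) > TOLERANCE_SECONDS:
        return False  # stale or replayed delivery
    expected = _digest(secret, payload, timestamp)
    return any(hmac.compare_digest(expected, c) for c in candidates)


class SubscriptionWebhookHandler:
    """Verifies each delivery and applies every event id exactly once."""

    def __init__(self, secret: bytes):
        self.secret = secret
        # In production this is a unique-keyed table written in the same
        # transaction as the state change, so a retry cannot apply twice.
        self.processed_ids = set()
        self.subscription_state = {}  # customer id -> subscription status

    def handle(self, payload: bytes, header: str, now: float = None) -> str:
        now = time.time() if now is None else now
        if not verify_signature(self.secret, payload, header, now):
            return "rejected: invalid signature"
        event = json.loads(payload)
        if event["id"] in self.processed_ids:
            return "duplicate: already applied"
        self.subscription_state[event["customer"]] = event["status"]
        self.processed_ids.add(event["id"])
        return "applied"


def make_event(event_id: str, customer: str, status: str) -> bytes:
    """Constructed event body standing in for a provider's subscription event."""
    body = {"id": event_id, "customer": customer, "status": status}
    return json.dumps(body, separators=(",", ":")).encode()


if __name__ == "__main__":
    handler = SubscriptionWebhookHandler(WEBHOOK_SECRET)
    sent_at = 1_700_000_000
    body = make_event("evt_constructed_1", "cus_constructed", "active")
    header = sign_payload(WEBHOOK_SECRET, body, sent_at)
    print(handler.handle(body, header, now=sent_at + 5))       # applied
    print(handler.handle(body, header, now=sent_at + 6))       # duplicate: already applied
    tampered = body.replace(b"active", b"canceled")
    print(handler.handle(tampered, header, now=sent_at + 7))   # rejected: invalid signature
    print(handler.handle(body, header, now=sent_at + 3600))    # rejected: invalid signature
```

The signature must be computed over the raw request bytes, not over a re-serialised JSON object, since any whitespace or key-order change alters the digest. The timestamp bound keeps a captured, validly signed delivery from being replayed later, and the event-id record makes the provider's own retries (which are common) harmless.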
White-label & report data
Branded reports and status pages render only the data within your organization. Client viewers are scoped to their own client label and never see other clients' data.
Secrets handling
Platform secrets live in environment/secret configuration and sensitive values are encrypted at rest — never committed to source control or shown in logs.
Audit logging
Security-relevant actions — authentication, MFA events, settings and admin changes — are recorded in an append-only audit log.
Responsible disclosure
We welcome reports from security researchers. If you believe you've found a vulnerability, email [email protected] with details and steps to reproduce. Please act in good faith, avoid privacy violations or service disruption, and give us reasonable time to investigate and resolve the issue before any public disclosure.
We describe our security posture honestly. Pinglyra is designed with security-first defaults; we do not currently claim formal certifications (such as SOC 2 or ISO 27001) and will only state them here once they are genuinely completed.
Security FAQ
Does Pinglyra scan or attack my sites?
Can someone monitor a site they don't own?
How is my data isolated from other customers?
Is multi-factor authentication required?
How do I report a security issue?
See it for yourself
Run a free, passive scan of any domain you control — or explore the live demo.