Home / About Sentiplug
Our Story

We Exist to Make
the Open Web
Safer for Everyone.

Sentiplug was founded by a team of security researchers and engineers who were tired of watching websites get silently compromised — and the owners finding out too late. We built the protection we always wished existed.

Read Our Story Meet the Team
500K+
Sites Protected Worldwide
2.1B
Attacks Blocked Lifetime
47
Team Members Globally
6yrs
Securing the Open Web

Our Origin

The Story Behind Sentiplug

2019
"We didn't start a company. We solved a problem that was costing real people everything."

Born out of frustration and necessity, Sentiplug's founding team spent years in enterprise security — and then watched small businesses get devastated by the same attacks with zero defenses.

In 2019, our co-founders Khandaker Zaman and Rakeybul Hasan were working as senior security engineers at a major cloud provider when a close friend's e-commerce business was wiped out overnight — not by a sophisticated nation-state actor, but by an automated bot exploiting an unpatched plugin vulnerability. The business lost six months of customer data and never fully recovered.

That incident was the catalyst. They both resigned within the same week and started building from a garage in Germantown, Maryland. The goal was singular: take the enterprise-grade firewall and threat intelligence that only Fortune 500 companies could afford, and make it accessible to every website owner on earth — for free if necessary.

The first version of Sentiplug was a 900-line PHP script shared in a WordPress developer forum. Within three months, it had been downloaded 40,000 times. They knew they were onto something real.

By 2021, the team had grown to 12 engineers, launched a cloud-based threat intelligence network, and secured seed funding from leading cybersecurity VCs. Today, Sentiplug protects over 500,000 active websites across WordPress, WooCommerce, and custom web frameworks — blocking more than 4.9 million threats every single day.

We remain headquartered in Maryland, with engineering offices in Austin, London, and Singapore. We are and always will be a security-first company — not an ad platform, not a data broker, not a growth-hacking machine. Just tools that keep websites safe and owners sleeping soundly.

Mission & Values

What We Stand For

Our principles aren't marketing language — they are the architectural decisions, product tradeoffs, and cultural norms we live by every day.

Security Without Compromise

We never dilute our protection features to hit a price point or appease a partner. Every rule we ship, we ship because it makes sites safer — period.

Radical Transparency

We publish our threat research. We disclose what data we collect and exactly why. Our Plugin is open for security audit. Security through obscurity is not security.

Democratizing Security

A solo blogger deserves the same firewall protection as a bank. Our free tier is generous by design — not a crippled bait-and-switch.

Speed as a Feature

Security that slows your site is security that gets disabled. We obsess over performance — our WAF adds under 2ms of latency on average.

Intelligence-Driven Defense

Signatures alone aren't enough. Our real-time threat network learns from 500,000 sites simultaneously — so a new attack hitting one site is blocked on all of them within seconds.

Community First

We built our reputation on free tools and honest advice in the WordPress community. That community ethos remains our north star as we grow.

Milestones

Six Years of Building the Shield

2019 · Q3
Day One — The Garage

Arjun Mehta and Leila Hassan resign to build Sentiplug. First PHP prototype shared on WordPress.org forums. 40,000 downloads in 90 days — zero marketing budget.

2020 · Q1
Threat Intelligence Network Launched

Cloud-based real-time threat feed goes live. Sentiplug's distributed sensor network begins sharing attack signatures across all connected sites within 90 seconds of discovery.

2020 · Q4
$4.2M Seed Round Closed

Led by CyberFoundry Capital and Ridge Ventures. Team scales to 18 full-time engineers. First enterprise customers onboarded with dedicated SLA support.

2021 · Q2
100,000 Sites Protected

Major milestone reached. Pro plan launched with advanced WAF, two-factor auth, and country blocking. SOC 2 Type I audit completed.

2022 · Q1
Multi-Framework Support Ships

Sentiplug extends beyond WordPress with REST API integration for Drupal, WooCommerce, and custom PHP applications. Central multisite dashboard released.

2022 · Q4
$18M Series A

Series A led by Sequoia Cybersecurity. London and Singapore engineering offices opened. 47-person team. SOC 2 Type II certification achieved.

2023 · Q3
AI-Powered Anomaly Detection

Machine learning layer added to the WAF engine. Behavioral anomaly detection catches zero-day threats with no prior signature — a first in the WordPress security space.

2025 · Now
500,000+ Sites. 2.1B+ Attacks Stopped.

Sentiplug is the fastest-growing website security platform globally. SIEM integrations with Splunk, Datadog, and PagerDuty. Enterprise plan serving Fortune 1000 clients.

Leadership

The People Behind the Shield

Our leadership team combines decades of experience from enterprise security, cloud infrastructure, and open-source communities.

AM
Khandaker Zaman
Co-Founder & CEO

As a technical founder specializing in resilient, high-scale cloud infrastructure and advanced threat protection, he leads the company’s global mission to deliver uncompromised, enterprise-grade security solutions

LH
Rakeybul Hasan
Co-Founder & CTO

The visionary engineer who architected Sentiplug's core AI-powered WAF engine to redefine web application security.

DJ
Rakebul Hasan
VP of Engineering

Distributed systems veteran with 15 years of experience leading enterprise platform engineering. At Sentiplug, Rakebul scales global infrastructure processing 2B+ daily security events with zero downtime.

Global Presence

Defending Sites on Every Continent

Our threat intelligence network spans the globe — the more sites we protect, the smarter and faster our defenses become for everyone.

175+
Countries with Active Sites
SENTIPLUG GLOBAL NETWORK
Headquarters — Germantown, Maryland, USA

Our founding office and global HQ. Home to leadership, finance, legal, and our primary threat research team. Washington DC metro area, minutes from NIST and NSA campuses.

Engineering Hub — Austin, Texas, USA

Full-stack engineering and DevSecOps. Our Austin office leads platform infrastructure, cloud architecture, and the AI/ML threat detection pipeline.

EMEA Office — London, United Kingdom

European market operations, GDPR compliance oversight, and enterprise sales. Our London team runs 24/7 threat monitoring for the EU region.

APAC Office — Singapore

Asia-Pacific growth, localization, and regional threat intelligence. Singapore is the hub for our APAC data center network covering Southeast Asia, Japan, and ANZ.

Industry Recognition

Awards & Certifications

🏆
Best WordPress Security Plugin

Awarded by WP Engine's annual plugin review board for outstanding firewall performance and user experience.

2024 · WP Engine Awards
🔐
SOC 2 Type II Certified

Independently audited for Security, Availability, and Confidentiality. Recertified annually. Report available to enterprise customers on request.

2022–2025 · AICPA
🌟
Top 50 Cybersecurity Startups

Named among the 50 most innovative cybersecurity companies by CyberScoop and the RSAC Innovation Sandbox committee.

2023 · CyberScoop / RSAC
🛡️
GDPR & CCPA Compliant

Full compliance with global privacy regulations including GDPR, CCPA, LGPD, and PDPA. Privacy-by-design architecture from day one.

Ongoing · Verified 2025

Research & Transparency

We Don't Just Protect — We Publish.

Sentiplug's Threat Research Lab publishes weekly vulnerability disclosures, monthly threat landscape reports, and a real-time CVE advisory feed. We believe the security community wins when knowledge is shared freely.

  • 80+ responsible vulnerability disclosures published in 2024 alone
  • Weekly Sentiplug Threat Intelligence Report emailed to 120,000 subscribers
  • Open-source signature database with community contribution program
  • Bug bounty program: up to $5,000 per valid critical vulnerability report
Read Latest Research Bug Bounty Program
80+
CVEs Published
2024 alone
120K
Research Subscribers
Weekly newsletter
$5K
Max Bug Bounty
Per critical vuln
2,800+
WAF Signatures
Updated daily

Join the Team

Help Us Guard the Open Web

We're a 47-person team on a mission to make website security accessible to everyone. We're fully remote-friendly, equity-generous, and relentlessly focused on impact. If you care about security, good engineering, and open-source communities — we want to meet you.

Senior Security Engineer ML Engineer – Threat Detection DevRel / WordPress Advocate Product Designer Enterprise Sales AE Threat Researcher
View All Open Roles Life at Sentiplug
Remote First
Work from anywhere
Meaningful Equity
Real ownership stake
$3K Learning Budget
Certs, courses, conferences
Mission-Driven
Work that actually matters