SiteInspect

Solutions

One platform for website readiness: scans, monitoring, compliance reports, and pentesting. By role and by product.

What we offer

Readiness scans

Single-URL or multi-page; SEO, accessibility, compliance, security, performance. Real-time progress and PDF report.

Monitoring & alerts

PagerDuty, Slack, JIRA, ClickUp. Get notified when critical or high-severity findings appear.

Compliance & reports

WCAG-mapped findings, executive summary, broken links, PDF export for stakeholders.

CI, API & MCP

Run scans from GitHub Actions, GitLab CI, or Cursor MCP. REST API for custom tools.

Metrics & trends

Readiness score over time, completed scans, top issues. Filter by organization.

Pentesting

Hands-on exploit testing (IDOR, auth, session & business logic) and a narrowly scoped automated option. See Pricing.

AI prompt injection testing

Automated scans and hands-on assessments for LLM-powered apps: prompt injection, jailbreaking, data leakage, and guardrail bypass. See Pricing.

Coming later: Scheduled monitoring (e.g. weekly scans + regression alerts), API endpoint scanning. Docs and FAQ for the latest.

AI prompt injection testing

Test chat interfaces, AI APIs, and LLM-powered features for prompt injection, jailbreaking, system-prompt leakage, and guardrail bypass. Available as an automated scan (run on demand or from CI) and as a hands-on assessment (human-led red-team style exercise).

Automated scan

Run a battery of prompt-injection and safety tests against your AI endpoint or chat UI.

You provide the target: a public or authenticated chat URL, or an API endpoint that accepts user input and returns model output. We run a structured set of checks and report what we find.

  • Prompt injection — Direct and indirect injection payloads to override instructions or extract system prompts
  • Jailbreaking & refusal bypass — Attempts to circumvent safety refusals or role boundaries
  • Data leakage — Whether system prompts, internal context, or PII can be elicited in responses
  • Output consistency — Whether the app behaves predictably under adversarial input

Results are delivered as a report: which payloads succeeded, sample responses, and remediation guidance. You can run the scan on demand from the dashboard or trigger it from CI for regression. Scope is limited to the endpoints and flows you configure (e.g. one chat interface or one API).

Automated scan pricing

Hands-on assessment (pentest-style)

A human-led exercise: our team probes your AI feature like an attacker would.

Beyond automated payloads, we perform a hands-on assessment: crafting custom prompts, chaining behaviors, testing multi-turn and context-window edge cases, and exploring business-logic abuse (e.g. prompt-based privilege escalation or data exfiltration).

  • Custom attack design — Tailored to your use case, model, and guardrails
  • Multi-turn and context — Testing conversation memory, tool use, and long-context behavior
  • Integration and data flow — How user input reaches the model and how output is filtered or used downstream
  • Prioritized report — Findings with severity, proof-of-concept prompts, and remediation steps

Ideal for pre-launch of an AI feature, compliance or procurement requirements, or periodic deep dives. Scope and depth are agreed up front (e.g. single chat product vs. multiple models or APIs).

Hands-on assessment pricing

Pricing for both options.

By role

Accessibility teams

Stay compliant with WCAG 2.1, ADA, Section 508, and EAA.

Run scans on key pages, get findings mapped to WCAG success criteria with “Learn more” links. Executive summary and score trend in the dashboard help you showcase progress and tie improvements to readiness.

Start free scan

Marketing & SEO

Technical SEO, website auditing, and AI crawler visibility (AEO).

Check title, meta, canonical, Open Graph, robots.txt, sitemap, and AI crawler access. Reports show broken same-site links and AEO readiness. Use CI or MCP to scan on deploy or from your workflow.

CI & MCP

Dev & QA

Find and fix issues before launch.

Run scans from the dashboard or from CI. Get a readiness score, prioritized findings with fix guidance, and optional PDF report. Multi-page scans discover URLs from the homepage and sitemap for paid plans.

Start free scan

Compliance

Privacy, terms, and security in one report.

Reports flag missing privacy policy or terms links, cookie consent presence, and security headers (HTTPS, HSTS, CSP, etc.). Align with WCAG, ADA, Section 508, and EAA expectations; we don’t provide legal advice.

What we scan

Pentesting

Narrowly scoped automated scan and hands-on exploit testing (IDOR, auth bypass, session & business logic) with detailed reports.

SiteInspect scans cover common security headers, exposure risks, and configuration. For deeper assurance, we offer a narrowly scoped automated pentest and hands-on penetration testing: our team runs exploit testing — IDOR, authentication bypass, session and business-logic flaws — and delivers a detailed report. Three hands-on tiers (Basic, Professional, Enterprise) plus the automated option. See Pricing for tiers and scope.

Pentesting & pricing