Penji
Company Details
Linkedin ID:
dotpenji
Website:
Employees number:
189
Number of followers:
4,753
NAICS:
541
Industry Type:
Homepage:
penji.co
IP Addresses:
0
Company ID:
PEN_3197269
Scan Status:
In-progress
Penji Company CyberSecurity Posture
penji.co
Penji is an on-demand and unlimited design service upgrading the way you work. Create a project on our app today, and get your designs tomorrow. Yep, it’s that simple. No hiring. No contracts. And no more missed deadlines. Enjoy agency-level production while only paying a fixed monthly rate. Try us today and stop overpaying for graphic design.
Penji A.I CyberSecurity Scoring
Penji Risk Score (AI oriented)Between 750 and 799
Penji
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Penji Global Score (TPRM)XXXX
Penji
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Penji Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Penji Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Penji
Incidents vs Graphic Design Industry Average (This Year)
No incidents recorded for Penji in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Penji in 2025.
Incident Types Penji vs Graphic Design Industry Avg (This Year)
No incidents recorded for Penji in 2025.
Incident History — Penji (X = Date, Y = Severity)
Penji cyber incidents detection timeline including parent company and subsidiaries
Penji Company Subsidiaries
Penji is an on-demand and unlimited design service upgrading the way you work. Create a project on our app today, and get your designs tomorrow. Yep, it’s that simple. No hiring. No contracts. And no more missed deadlines. Enjoy agency-level production while only paying a fixed monthly rate. Try us today and stop overpaying for graphic design.
Loading...
Penji Similar Companies
Absher Design Group
At Absher Design Group Inc., our goal is to create brand experiences that stimulate. That involve. That interact. That touch each and every part of the relationship between your customers and the product with creative campaigns and non-traditional forms of advertising for today’s evolving brand mess
Dragonfly Design and Production
Dragonfly Design and Production is a computer graphics studio that provides high-end graphic design and visual effects B2B and as a contractor. Some of the services include: • Print graphic design • Motion design • 3D modeling and animation • VFX and post production services (compositing
Black Canvas
Black Canvas the { logo design : graphic design : web design } experts www.blackcanvas.com.au Black Canvas looks at the world a little differently to most. We are passionate about design and love the challenge of developing creative solutions for your enterprise. We scribble, we brainstorm, an
Baixo Illustraties
Creatief, eigenzinnig, kleurrijk; kortom ‘Baixo Illustraties’. Mijn naam is Bas van Houwelingen, de man achter Baixo Illustraties. Met mijn eigenwijze en zelfontwikkelde stijl creëer ik unieke illustraties. Voor verschillende bedrijven heb ik illustraties gemaakt van het personeel, die ze bijvoor
LGR Presentations
LGR is a specialized PowerPoint presentation design agency. We design on-brand PowerPoint presentations to help companies with their key strategic, financial meetings and events. Our team of in-house designers helps respected global brands across Europe and North America turn their slides into on
Stylorouge
Stylorouge is an independent creative consultancy with over 30 years experience in commercial media. We work in the areas of graphic design and art direction, advertising, film and television, photography and multimedia. Our priority is effective creative communication. We produce work which h
.png)
Penji CyberSecurity News
May 17, 2025 07:00 AM
Indonesia Prepares New Cybersecurity Law, Sanctions for Negligent Platforms
The Indonesian government is preparing a revision of the Cybersecurity and Resilience (RUU KKS) that will include penalties for platforms that fail to...
October 14, 2024 07:00 AM
Accelerating PDP Law Compliance with Microsoft Cloud – Indonesia News Center
Read the Indonesian version here. In the rapidly evolving digital era, personal data protection has become a very crucial issue.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Penji CyberSecurity History Information
Official Website of Penji
The official website of Penji is https://penji.co.
Penji’s AI-Generated Cybersecurity Score
According to Rankiteo, Penji’s AI-generated cybersecurity score is 752, reflecting their Fair security posture.
How many security badges does Penji’ have ?
According to Rankiteo, Penji currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Penji have SOC 2 Type 1 certification ?
According to Rankiteo, Penji is not certified under SOC 2 Type 1.
Does Penji have SOC 2 Type 2 certification ?
According to Rankiteo, Penji does not hold a SOC 2 Type 2 certification.
Does Penji comply with GDPR ?
According to Rankiteo, Penji is not listed as GDPR compliant.
Does Penji have PCI DSS certification ?
According to Rankiteo, Penji does not currently maintain PCI DSS compliance.
Does Penji comply with HIPAA ?
According to Rankiteo, Penji is not compliant with HIPAA regulations.
Does Penji have ISO 27001 certification ?
According to Rankiteo,Penji is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Penji
Penji operates primarily in the Graphic Design industry.
Number of Employees at Penji
Penji employs approximately 189 people worldwide.
Subsidiaries Owned by Penji
Penji presently has no subsidiaries across any sectors.
Penji’s LinkedIn Followers
Penji’s official LinkedIn profile has approximately 4,753 followers.
Penji’s Presence on Crunchbase
No, Penji does not have a profile on Crunchbase.
Penji’s Presence on LinkedIn
Yes, Penji maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dotpenji.
Cybersecurity Incidents Involving Penji
As of December 03, 2025, Rankiteo reports that Penji has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Penji has an estimated 2,657 peer or competitor companies worldwide.
Penji CyberSecurity History Information
How many cyber incidents has Penji faced ?
Total Incidents: According to Rankiteo, Penji has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Penji ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dotpenji' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
