Trent.ai is one of the more technically credible AI-security companies in the wider tech and software category coming out of the UK, building agentic security infrastructure for organisations adopting autonomous and agentic workflows. The product is sophisticated, the team has real depth, and the category is moving fast enough that being mistaken for “another AI startup” is a commercial cost in itself. The existing site was slow, structurally weak, and didn’t communicate any of that.
What they asked for was a fast, polished site that could carry the brand into enterprise conversations, paired with a consistent visual system across social and email.
What it actually required, given the audience, was harder. Performance fast enough that Core Web Vitals weren’t a credibility tax in enterprise procurement. A consent and analytics layer that would survive a real GDPR audit. A content architecture their marketing team could operate at the speed of the AI category without ever filing a ticket with engineering. An infrastructure footprint that wouldn’t be the weakest link in the story they were telling prospects.
A custom WordPress theme built on a modular ACF (Advanced Custom Fields) block library. Hero variants, framework explainers, press coverage cards, filtered articles, comparison views, conversion CTAs, an announcement banner for launches, and forms wired into HubSpot (“Request a Demo,” “Get Early Access,” contact). No page builder, no proprietary stack, no lock-in. The marketing team composes pages by dragging blocks and filling fields. They can’t break global styles or push a malformed page live.
Performance budgets were agreed up front: hero imagery capped, Lottie animations capped, non-critical JavaScript deferred. The site hits a Lighthouse desktop Performance score of 93, with Core Web Vitals passing on field data, and Best Practices and SEO at 100.
Consent runs on CookieYes paired with Google Tag Manager consent mode v2. Analytics and marketing tags respect user choice rather than firing speculatively. HubSpot, GA4 and any conditional third-party scripts are gated by consent state. The implementation is auditable end to end.
The site ships and runs on HostLogic, the WebLogic-operated managed WP Cloud platform: daily backups, plugin and core updates tested on staging first, malware scanning, firewall, uptime monitoring, modern security headers (Content Security Policy with nonces, X-Frame-Options, Referrer-Policy, Permissions-Policy) configured at the application layer, and a same-day SLA on anything that flags.
Alongside the site, we shipped a social template system and email templates so every Trent.ai communication, regardless of channel, reads like the same company.
Buyers of an AI-security product will scrutinise the marketing site. Slow load times read as operational sloppiness. A misconfigured consent banner suggests the same posture extends to data handling. Stock WordPress meta tags and a default wp-admin footprint suggest no one thought past launch day.
We treated those as the floor we build from, not optional extras. Security headers configured at the application layer. WordPress fingerprint reduction (generator, RSD, WLW, shortlink, oEmbed and emoji meta stripped). XML-RPC disabled. A hardened session model. Plugin and core updates tested on staging before they touch production. A documented incident-response runbook with SLAs by tier.
None of that is visible on the homepage, and that’s the point. It’s the work that means the site doesn’t become a liability the first time a prospect’s security team looks at it properly.
Trent.ai’s marketing team ships landing pages, framework launches and product announcements independently, without engineering involvement. Lighthouse Performance hits 93 on desktop, Core Web Vitals pass on field data, and Best Practices and SEO both score 100. Brand integrity is consistent across web, social and email. Trent’s engineers have never had to touch the marketing site or its infrastructure post-launch. Hosting, security, updates, backups and incident response are owned by HostLogic.
The build, the infrastructure, and the editorial workflow are split into three clearly owned tracks. WebLogic owns the build. HostLogic owns the infrastructure and security posture. Trent.ai’s marketing team owns editorial. Each side has the tooling and authority to keep its part current.
Security findings, whether from our monitoring, a platform alert, or an external researcher, flow into a documented response runbook with SLAs by tier.
For a company in the AI-security category, that’s the difference between a marketing site that supports the story and one that quietly undermines it.
| Area | What we delivered |
|---|---|
| Discovery and UX | Sitemap and information architecture, three homepage concepts, wireframes for all core templates, content modelling, and a 48-hour feedback SLA built into the sprint cadence. |
| Brand and visual system | Visual identity refresh, type and colour system, motion guidelines, component library in Figma, extended consistently into web, social and email. |
| Website design | Custom design for homepage, product pages, framework explainers, About, Insights, Press Coverage, Comparison view, contact and form pages, across desktop, tablet and mobile. |
| Custom WordPress theme | Fully bespoke theme. No page builder, no proprietary stack, no lock-in. Built and version-controlled in a private GitHub repo. |
| ACF block library | Hero variants, feature blocks, framework explainers, press coverage cards, filtered article sections, comparison tables, testimonial layouts, conversion CTAs, top-of-page announcement banner. Composable by the marketing team without engineering involvement. |
| Forms and lead capture | “Request a Demo,” “Get Early Access,” and general contact forms, wired into HubSpot with full event tracking. |
| Performance engineering | Asset budgets agreed up front (hero imagery, Lottie, non-critical JS). Desktop Lighthouse Performance 93, Core Web Vitals (field) passed, Best Practices 100, SEO 100. |
| SEO foundation | Technical SEO baseline: schema markup, sitemaps, canonical structure, internal linking, Core Web Vitals tuning, Rank Math configuration. |
| Analytics and tracking | GA4 and Google Tag Manager wired with consent mode, HubSpot tracking, conversion events configured end to end. |
| Consent and privacy | CookieYes consent management paired with GTM consent mode. Marketing and analytics tags gated by user choice, with a server-side audit trail of consent actions. |
| Security hardening | Application-layer security headers (CSP with nonces, X-Content-Type-Options, X-Frame-Options, Referrer-Policy, Permissions-Policy), hardened session model, WordPress fingerprint reduction, XML-RPC disabled. |
| Social media templates | On-brand templates for LinkedIn, X, Instagram and Facebook covering launches, framework explainers, press features and recurring content formats. |
| Email templates | Branded, responsive email templates for product updates, thought leadership and campaign sends. |
| Managed hosting (HostLogic) | Managed WP Cloud hosting, staging environment, daily backups, plugin and core updates tested on staging, malware scanning, firewall, uptime monitoring, same-day response SLA. |
| Launch and handover | Staging-to-production migration, SSL, caching and backup validation, post-launch performance audit, editor training for the marketing team, documentation and admin guide. |