The Anatomy of a WordPress Core Security Update
As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.
I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.
In this talk, I cover:
- Who is in charge of safeguarding WordPress
- How the team uses HackerOne to identify, disclose, and address vulnerabilities
- What the security release process looks like from the inside
- How people can contribute to keeping WordPress secure