The anatomy of a WordPress core security update

Note: This is part of a series of posts highlighting talks from the BigWP San Francisco meetup at the Henry J Kaiser Family Foundation on the evening of November 6.

As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.

I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.

In this talk, I cover:

  • Who is in charge of safeguarding WordPress
  • How the team uses HackerOne to identify, disclose, and address vulnerabilities
  • What the security release process looks like from the inside
  • How people can contribute to keeping WordPress secure

You can see the full talk here:

BigWP is our enterprise WordPress meetup series. It brings together developers, business leads, and product people who work with high-scale WordPress applications every day. To be the first to find out about the next enterprise WordPress event in San Francisco, join the meetup group. You’ll find groups for other cities there as well.

Find all of the talks in the BigWP SF November 2019 playlist.

Leave a Reply

Your email address will not be published. Required fields are marked *

Ready to get started?

Drop us a note.

No matter where you are in the planning process, we’re happy to help, and we’re actual humans here on the other side of the form. 👋 We’re here to discuss your challenges and plans, evaluate your existing resources or a potential partner, or even make some initial recommendations. And, of course, we’re here to help any time you’re in the market for some robust WordPress awesomeness.

%d bloggers like this: