The anatomy of a WordPress core security update

As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.

I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.

In this talk, I cover:

  • Who is in charge of safeguarding WordPress
  • How the team uses HackerOne to identify, disclose, and address vulnerabilities
  • What the security release process looks like from the inside
  • How people can contribute to keeping WordPress secure

BigWP is our enterprise WordPress event series. It brings together developers, business leads, and product people who work with high-scale WordPress applications every day. Find all of the talks in the BigWP SF November 2019 playlist.

Leave a Reply

Your email address will not be published. Required fields are marked *

Ready to get started?

Drop us a note.

No matter where you are in the planning process, we’re happy to help, and we’re actual humans here on the other side of the form. 👋 We’re here to discuss your challenges and plans, evaluate your existing resources or a potential partner, or even make some initial recommendations. And, of course, we’re here to help any time you’re in the market for some robust WordPress awesomeness.