The anatomy of a WordPress core security update

Jake Spurlock speaks at BigWP, giving a behind-the-scenes look at the WordPress approach to security

As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.

I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.

In this talk, I cover:

  • Who is in charge of safeguarding WordPress
  • How the team uses HackerOne to identify, disclose, and address vulnerabilities
  • What the security release process looks like from the inside
  • How people can contribute to keeping WordPress secure

BigWP is our enterprise WordPress event series. It brings together developers, business leads, and product people who work with high-scale WordPress applications every day. Find all of the talks in the BigWP SF November 2019 playlist.

Ready to get started?

Drop us a note.

No matter where you are in the planning process, we’re happy to help, and we’re actual humans here on the other side of the form. 👋 We’re here to discuss your challenges and plans, evaluate your existing resources or a potential partner, or even make some initial recommendations. And, of course, we’re here to help any time you’re in the market for some robust WordPress awesomeness.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.