We are excited to announce that SecuPress and Patchstack have partnered up. The aim of this partnership is to help strengthen the WordPress ecosystem and its security by working together.
SecuPress has joined Patchstack in a mission to make WordPress security information more accessible to all developers. This partnership allows us to grow Patchstack Alliance and keep information about WordPress-related security vulnerabilities free at the Patchstack database.
Read the interview we made with the creator of SecuPress Julio Potier.
What are the biggest problems in WordPress security in your opinion?
Everyone knows (or is starting to understand) that security matters. It matters, even more, when you have clients, who are agencies, or just aware of the vulnerabilities and their effect on security.
The question that everyone asks me is “Julio, how do you know? Where do you get accurate information?” and that’s true, it’s not easy to find a simple solution. Like everyone else, we try to find as many pieces of information using Twitter, feeds, newsletters, etc.
This is a big problem. People don’t know where to find information about WordPress vulnerabilities unless spending too much time on it. And did you think I am talking about WordPress core here? Nope, I am not.
– Julio Potier
Why do you support Patchstack Alliance?
At SecuPress, we decided to support Patchstack for several reasons. Firstly, because they are open-minded enough to have a free public database of WordPress vulnerabilities.
They understand the importance of spreading this information to protect everyone using WordPress instead of locking everything down to make a business out of it.
Another point – they reward ethical hackers/ researchers when they find vulnerabilities in WordPress plugins (yes, even free ones from the WordPress plugin repository). To reward the researchers, they are using a prize-pool system. How cool is that?
And last, they accept our money to fill the prize pool, so now, we try to be as cool as they are ? and help to make the WordPress ecosystem more secure.
– Julio Potier
What do you like about the Alliance initiative the most?
I can’t decide between the idea of the prize pool, (it’s one of the best ideas ever around WordPress security) or the free public vulnerability database. Can I choose both?
– Julio Potier
*Editors note: Yes, Julio, you can! ?
Do you think Alliance can help to eliminate the security problems you mentioned above?
Totally, a centralized website where information is public, verified, accurate, accessible using an API and data freely shareable to avert people is mandatory in our community, and we didn’t have that before.
– Julio Potier
What does SecuPress offer to its clients?
SecuPress helps to save time and reduce the hassle of having to log in to your backend every day. It eliminates the need of doing daily security chores and the constant need of checking stuff here and there.
SecuPress is a plugin dedicated to protecting WordPress websites by reducing the intervention of their owners. That doesn’t mean that once installed, everything is done or everything will be fine. Keep in mind that you can never be 100% secured, that’s impossible (if someone says that to you, run, it’s a lie!).
SecuPress helps with blocking attacks, reducing risks, delaying hacks, and alerts you quickly when action is needed thanks to its alerts and (Slack) notifications.
You can learn more about SecuPress here.
You can also read the partnership announcement from the SecuPress blog here.