We are excited to announce that Shield Security and Patchstack have partnered up to combine the efforts to build a strong security community behind the WordPress ecosystem.

Shield Security is supporting Patchstack Red Team and therefore making plugin security audits more accessible to all developers. This partnership allows us to keep information about WordPress-related security vulnerabilities free at the Patchstack database.

Read the interview we made with the founder of Shield Security, Paul Goodchild.

What are the biggest problems in WordPress security in your opinion?

There are 3 big problems with WordPress security right now. In no particular order they are:

• Speed of response and access to vulnerabilities research.
• Awareness & education around security.
• A lack of understanding & appreciation of the role that bots play in our security.

– Paul Goodchild,  Shield Security

Why do you support Patchstack Red Team?

Supporting the Read Team allows us to help address the first problem mentioned – speed of response and access to vulnerabilities research. It will also help with awareness and education around security.

By encouraging research and discovery of vulnerabilities throughout the WordPress ecosystem, we help to improve the security of all WordPress sites by reducing the possibility for successful attacks.

Incentivising discovery with rewards and prizes is a great way to ensure that the motivation to research remains strong, and we believe that everyone should be rewarded for their efforts, particularly if they’re contributing to the community as a whole.

– Paul Goodchild,  Shield Security

What do you like about the Red Team initiative the most?

The aspect that attracts us most to this endeavor is that the resulting research and discoveries will be available to the WordPress community, free of charge. We feel strongly that vulnerabilities in software should be always available to everyone and anyone, at any time, without restriction.

– Paul Goodchild,  Shield Security

Do you think Red Team can help to eliminate the security problems you mentioned above?

Yes. By making knowledge of vulnerabilities available to the wider community, with appropriate responsible disclosure, we help solve the first problem in a huge way.

And, indirectly, having this information more freely available opens up the community and its ability to discuss and provide education, thereby helping to resolve awareness and education problems in security.

– Paul Goodchild,  Shield Security

What does Shield Security offer to its clients?

Shield Security is a WordPress security plugin that provides WordPress admins with access to powerful WordPress security protection. Shields primary goal is to ensure that all WordPress websites have a powerful security solution that is:

• Easy to use;
• Removes the requirement of in-depth security expertise from the WP admin;
• Automates repetitive tasks and reduce notifications;
• Doesn’t cause fear and undue stress in our clients (by providing education and awareness).

Shield’s primary focus is on security protection through prevention, by eliminating access to WordPress sites by malicious bots. By better detecting malicious bots, we can block them, and prevent their ability to cause damage.