These are interesting times for open-source security. Over the past year or so we've seen a significant increase in collaboration when it comes to making the WordPress ecosystem safer. This is a strong signal that the community is moving towards a more mature approach to security - and this will benefit everybody.
So in that spirit, we're very excited to announce that we now have a partnership with WPMU DEV - their Defender Pro security plugin now uses Patchstack's vulnerability intelligence feed to help protect their users' sites.
Defender Pro is a WordPress security plugin that lets users monitor and manage their website's security from one dashboard, from running scans to managing blocklists and firewalls.
It uses Patchstack's vulnerability feed to identify vulnerable WordPress components in those websites using. If any vulnerabilities are found it they show up in the Defender Pro dashboard:
It can also send users email notifications about any vulnerable components. From the dashboard, users can then update the components to a safe version.
The integration is already live for all Defender Pro customers, as long as you're running the latest version. For more information on how vulnerability detection works you can read WPMU DEV's announcement post.
WPMU DEV is a leading provider of WordPress plugins, hosting and site management tools. In addition to its products, the company also offers 24/7 support and a wealth of tutorials and resources to help users get the most out of their sites, and grow their online businesses.
Our partnership with WPMU DEV is one more step toward building a bigger safety net around the WordPress community. It follows collaboration with hosting services like Plesk, Hostinger, One.com, and others.
We're not just working together with hosts and WP management tools on this - there are many ways you can contribute to open-source security.
If you're a security researcher, you can join Patchstack Alliance, our bug bounty program, to report vulnerabilities and earn rewards.
If you're a plugin developer, join our recently launched mVDP program that makes it easier to manage and address vulnerability reports for your plugins - which in turn is a great way to show that you are taking the security of your projects seriously.