Security
How We Think About Website Security
I recently attended WordCamp San Francisco (WCSF) where Matt Mullenweg, founder of the WordPress project and CEO of Automattic, gave his annual State of the Word. WordCamps are informal, community-organized events that are put together by WordPress users like you. Everyone from casual users to core developers participate, share ideas, and get to know each…
Read MoreWordCamp Europe 2014: WordPress Security Starts With Posture
Recently I spoke at WordCamp Europe 2014 on the topic WordPress Security — It Starts With Posture. The threats website owners face today range in scale and complexity — from large DDOS attacks leveraging WordPress core functionality, to vulnerabilities found in some of the largest plugins in the ecosystem. The Security dilemma is not shrinking,…
Read MoreAccounting for Security in Website Projects
Many know very little about me, my past what I used to do, most just know me for my time in security. There was a time though that I spent as Project / Program Manager for a couple different organizations. I even dabbled in a WordPress centric design / development shop called CubicTwo in early…
Read MoreWhat’s wrong with your pa$$w0rd?
The discussion on access control seems to be common place these days with the latest revelations news. Found this video on some research Lorrie Faith Cranor is doing on the subject very interesting and insightful.
Read MoreImportance of Updates in Website Security: WordPress, Joomla, Drupal and CMS’s
In my recent post talking to the dilemma that is WordPress Security, there seemed to be some confusion as to my position on updates. Allow me a moment to provide clarity on the subject, yes, updates are very important. My previous statements are specific to the importance level of updates, it was designed to foster…
Read MoreThe Dilemma that is WordPress Security
The past few weeks WordPress Security has come to the forefront of the discussion again, as it often does every few months. As is often the case, it’s highly emotional and generates a lot of discussion. Chris Lema shared a post, Our discussions around WordPress security should change, and that sparked some interesting conversations. He’s…
Read More