SlideShare a Scribd company logo

WordPress Security Update: How we're building the web's most secure platform and what you can do to help

J
jessepollak

How we're building the web's most secure platform and what you can do to help. A talk given by Brennen Byrne, CEO of Clef, at the SF WordPress Meetup on June 25th, 2014.

TechnologyBusiness
1 of 23
Download to read offline
Brennen Byrne @brennenbyrne CEO of Clef (getclef.com) getclef.com/wpsecurityupdate
WordPress Security Update How we're building the web's most secure platform and what you can do to help
Haves vs. Have Nots
Haves vs. Have Nots
Solo vs. Community
Security through community (we’ve built an infrastructure of care)
Communal knowledge We educate each other.
Heartbleed
Software distribution Fix it for one of us, fix it for all of us.
Jetpack
Discovery and correction of issues how to report a problem
HTTP cookies
The Year of WordPress Security { 2014
The zombie army
How the community protects us communal knowledge software distribution discovery and correction
password strength indicator ✓ distributed attack detection one time passwords We’re getting stronger
How can you help?
Protect yourself first
Protect yourself first but pay it forward
Pay attention
✓ Push for better defaults
Security through community (we’ve built an infrastructure of care)
WordPress Security Update How we're building the web's most secure platform and what you can do to help

Recommended

TYPO3 & Security @ Drupal Meetup
TYPO3 & Security @ Drupal MeetupTYPO3 & Security @ Drupal Meetup
TYPO3 & Security @ Drupal MeetupGeorg Ringer
 
Passwords and Botnets and Zombies (oh my!)
Passwords and Botnets and Zombies (oh my!)Passwords and Botnets and Zombies (oh my!)
Passwords and Botnets and Zombies (oh my!)jessepollak
 
Criza eco1929
Criza eco1929Criza eco1929
Criza eco1929Butnaras Doina
 
Simulovaný soudní proces
Simulovaný soudní procesSimulovaný soudní proces
Simulovaný soudní procesTomasPistek
 
Transition to Management: The Other Side of the Desk
Transition to Management: The Other Side of the DeskTransition to Management: The Other Side of the Desk
Transition to Management: The Other Side of the DeskCynthia Clay
 
Capture More Recurring Revenue
Capture More Recurring RevenueCapture More Recurring Revenue
Capture More Recurring RevenueServiceSource
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 
dotSecurity2017
dotSecurity2017dotSecurity2017
dotSecurity2017Zane Lackey
 

More Related Content

Similar to WordPress Security Update: How we're building the web's most secure platform and what you can do to help

Building a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationBuilding a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationZane Lackey
 
How I Learned to Stop Worrying and Love the Update Button
How I Learned to Stop Worrying and Love the Update ButtonHow I Learned to Stop Worrying and Love the Update Button
How I Learned to Stop Worrying and Love the Update Buttonchris-koerner
 
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsStrategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsVMware Tanzu
 
"The death of security as we know it: Platform and Security Engineering join ...
"The death of security as we know it: Platform and Security Engineering join ..."The death of security as we know it: Platform and Security Engineering join ...
"The death of security as we know it: Platform and Security Engineering join ...Fwdays
 
10 practices that every developer needs to start right now
10 practices that every developer needs to start right now10 practices that every developer needs to start right now
10 practices that every developer needs to start right nowCaleb Jenkins
 
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019Codemotion
 
Types of Software - Y9 Computing
Types of Software - Y9 ComputingTypes of Software - Y9 Computing
Types of Software - Y9 ComputingMrJRogers
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPressSteven Watts
 
Automation Without Exposure.pptx
Automation Without Exposure.pptxAutomation Without Exposure.pptx
Automation Without Exposure.pptxSiddhartha
 
The 5 key V's of Big Data
The 5 key V's of Big DataThe 5 key V's of Big Data
The 5 key V's of Big DataAnric Blatt
 
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docx
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docxWeek 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docx
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docxmtruman1
 
Cyber security innovation imho
Cyber security innovation imhoCyber security innovation imho
Cyber security innovation imhoW Fred Seigneur
 
ExpressionEngine vs Wordpress - Choose the right tool for the job
ExpressionEngine vs Wordpress - Choose the right tool for the jobExpressionEngine vs Wordpress - Choose the right tool for the job
ExpressionEngine vs Wordpress - Choose the right tool for the jobJohn Macpherson
 
Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Michele Butcher-Jones
 
Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane LackeyYandex
 

Similar to WordPress Security Update: How we're building the web's most secure platform and what you can do to help (20)

Building a Modern Security Engineering Organization
Building a Modern Security Engineering OrganizationBuilding a Modern Security Engineering Organization
Building a Modern Security Engineering Organization
 
How I Learned to Stop Worrying and Love the Update Button
How I Learned to Stop Worrying and Love the Update ButtonHow I Learned to Stop Worrying and Love the Update Button
How I Learned to Stop Worrying and Love the Update Button
 
Data security
Data securityData security
Data security
 
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native AppsStrategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
Strategies on How to Overcome Security Challenges Unique to Cloud-Native Apps
 
"The death of security as we know it: Platform and Security Engineering join ...
"The death of security as we know it: Platform and Security Engineering join ..."The death of security as we know it: Platform and Security Engineering join ...
"The death of security as we know it: Platform and Security Engineering join ...
 
Building appliances
Building appliancesBuilding appliances
Building appliances
 
10 practices that every developer needs to start right now
10 practices that every developer needs to start right now10 practices that every developer needs to start right now
10 practices that every developer needs to start right now
 
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019
Ben Dechrai - Writing Viruses for Fun, not Profit - Codemotion Rome 2019
 
Types of Software - Y9 Computing
Types of Software - Y9 ComputingTypes of Software - Y9 Computing
Types of Software - Y9 Computing
 
Managing WordPress
Managing WordPressManaging WordPress
Managing WordPress
 
Automation Without Exposure.pptx
Automation Without Exposure.pptxAutomation Without Exposure.pptx
Automation Without Exposure.pptx
 
The 5 key V's of Big Data
The 5 key V's of Big DataThe 5 key V's of Big Data
The 5 key V's of Big Data
 
Intro to Devops
Intro to DevopsIntro to Devops
Intro to Devops
 
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docx
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docxWeek 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docx
Week 4 - HIDS or AntiVirus Systems Research Paper The focus of the res (1).docx
 
Tech w23
Tech w23Tech w23
Tech w23
 
Cyber security innovation imho
Cyber security innovation imhoCyber security innovation imho
Cyber security innovation imho
 
ExpressionEngine vs Wordpress - Choose the right tool for the job
ExpressionEngine vs Wordpress - Choose the right tool for the jobExpressionEngine vs Wordpress - Choose the right tool for the job
ExpressionEngine vs Wordpress - Choose the right tool for the job
 
Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015Beginning WordPress Security WordCamp North Canton 2015
Beginning WordPress Security WordCamp North Canton 2015
 
Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey Building a Modern Security Engineering Organization. Zane Lackey
Building a Modern Security Engineering Organization. Zane Lackey
 
Understanding Virus
Understanding VirusUnderstanding Virus
Understanding Virus
 

More from jessepollak

Building Trust on the Blockchain: The Importance of Mental Models
Building Trust on the Blockchain: The Importance of Mental ModelsBuilding Trust on the Blockchain: The Importance of Mental Models
Building Trust on the Blockchain: The Importance of Mental Modelsjessepollak
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
Passwords the weakest link in word press security
Passwords the weakest link in word press securityPasswords the weakest link in word press security
Passwords the weakest link in word press securityjessepollak
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
Cryptography 101 (with math)
Cryptography 101 (with math)Cryptography 101 (with math)
Cryptography 101 (with math)jessepollak
 
Cryptography 101
Cryptography 101Cryptography 101
Cryptography 101jessepollak
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityjessepollak
 
Clef security architecture
Clef security architectureClef security architecture
Clef security architecturejessepollak
 
Anatomy of a WordPress Hack
Anatomy of a WordPress HackAnatomy of a WordPress Hack
Anatomy of a WordPress Hackjessepollak
 

More from jessepollak (9)

Building Trust on the Blockchain: The Importance of Mental Models
Building Trust on the Blockchain: The Importance of Mental ModelsBuilding Trust on the Blockchain: The Importance of Mental Models
Building Trust on the Blockchain: The Importance of Mental Models
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
Passwords the weakest link in word press security
Passwords the weakest link in word press securityPasswords the weakest link in word press security
Passwords the weakest link in word press security
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
Cryptography 101 (with math)
Cryptography 101 (with math)Cryptography 101 (with math)
Cryptography 101 (with math)
 
Cryptography 101
Cryptography 101Cryptography 101
Cryptography 101
 
Passwords: the weakest link in WordPress security
Passwords: the weakest link in WordPress securityPasswords: the weakest link in WordPress security
Passwords: the weakest link in WordPress security
 
Clef security architecture
Clef security architectureClef security architecture
Clef security architecture
 
Anatomy of a WordPress Hack
Anatomy of a WordPress HackAnatomy of a WordPress Hack
Anatomy of a WordPress Hack
 

Recently uploaded

Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Nikki Chapple
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 

Recently uploaded (20)

Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
Microsoft 365 Copilot: How to boost your productivity with AI – Part two: Dat...
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 

WordPress Security Update: How we're building the web's most secure platform and what you can do to help