The Anatomy of a WordPress Core Security Update

Product
Product Overview

Move faster with a complete content platform.
VIP Content Management

Claim your content freedom with the world’s most popular CMS.
VIP Content Analytics by Parse.ly

Use data to understand, improve, and deliver your content.
Headless CMS

Unlock architectural flexibility while enabling your content creators.

Industries and Departments
For enterprise brands

The platform the biggest brands trust.
For media

In today’s crowded media landscape, speed matters.
For government

The only secure, compliant WordPress platform for government.
For marketers

Your web presence matters. Go with the leader.
For IT

Managed WordPress at unmatched scale.

Our customers

Learn why our customers love WordPress VIP.
Case studies

Read what happens when top brands choose WordPress VIP to drive business growth.

Resource library

Explore great content curated by the WordPress VIP team.
Blog

Keep up with the latest from the WordPress ecosystem, WordPress VIP, and our Partner network.
Glossary

Get quick background on popular content- and CMS-related terms.
Documentation

Learn the ins and outs of WordPress VIP, the agile content management platform.
Case studies

Read what happens when top brands choose WordPress VIP to drive business growth.

Running an agile CMS and giving more people “the keys to the publishing kingdom” is how Salesforce and its 2,000-strong marketing force keep up with constantly changing market forces.

Watch the video

About us

Explore WordPress VIP—our history, our values, and how we work.
Events

Save the dates, save your spots.
Careers

Work with us. Location: remote.
Partners

Find unmatched WordPress expertise.
WordPress ecosystem

Understand the difference: WordPress.org, WordPress.com, WordPress VIP.

Get a demo

Jake Spurlock speaks at BigWP, giving a behind-the-scenes look at the WordPress approach to security

As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.

I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.

In this talk, I cover:

Who is in charge of safeguarding WordPress
How the team uses HackerOne to identify, disclose, and address vulnerabilities
What the security release process looks like from the inside
How people can contribute to keeping WordPress secure