Automattic takes WordPress security company WPScan under its wing

Automattic’s Jetpack has announced that it will acquire the popular WordPress WPScan vulnerability database for an undisclosed amount.

Although WPScan started out as a simple Ruby script to help identify vulnerabilities in self-hosted WordPress sites in 2011, over the years its database has grown into a security tool used across the WordPress ecosystem. .

Today, security researchers and WordPress communities are using the WPScan database to learn about new vulnerabilities in WordPress themes, WordPress plugins, and even the WordPress core. The vulnerabilities originate from the web and over the past 10 years the company has listed over 23,000 WordPress vulnerabilities.

In addition to sponsoring WPScan for years, Automattic relies on its vulnerability database to help power Jetpack Scan.

In addition to creating an exceptional security offering, Automattic’s goal for its acquisition of WPScan is to make malware data and APIs more open source.

At the same time, the company wants to ensure that WPScan remains a high quality security resource for the entire WordPress community. That’s why she’s exploring ways to make the API completely free for non-commercial sites, according to Jetpack Product Engineering Lead at Automattic. , Steve Seear.

As part of the acquisition, two of WPScan’s founders, Ryan Dewhurst and Erwan Le Rousseau, will join Automattic to continue their work to improve security across the WordPress ecosystem. Once the deal is done, WPScan will continue to operate independently in the short term, although it may be integrated with Jetpack Scan in the future.

WPScan founder Ryan Dewhurst explained in a press release how the acquisition will help take WPScan to the next level, saying:

“We are extremely proud to have built WPScan over the past ten years. Automattic has always been a great partner, and we look forward to starting to work more closely together so that we can take WPScan to the next level. I’m really excited to be working on making our WordPress vulnerability database more open and accessible to the community.

We also presented the best WordPress hosting, best WordPress security plugins and best WordPress site builder

Comments are closed.