As both a WordPress VIP Technical Account Manager and a Core Security Release Lead on the WordPress project, I have a rare glimpse into one of the most critical aspects of enterprise WordPress: security.

I spoke at BigWP SF this fall to share a behind-the-scenes look at one small slice of what it takes to make WordPress a secure platform for 35% of the internet.

In this talk, I cover:

• Who is in charge of safeguarding WordPress
• How the team uses HackerOne to identify, disclose, and address vulnerabilities
• What the security release process looks like from the inside
• How people can contribute to keeping WordPress secure