Jetpack, a division of the commercial arm of WordPress, Automattic, announced that it is acquiring the popular WPScan WordPress security suite company. WPScan provides resources that enable the WordPress and WordPress security ecosystem to fight back against security issues quickly. Jetpack is a suite of WordPress tools that also includes a security component.
WordPress security is an important area for WordPress because it’s what competitors cite as a weakness in WordPress. So on that level it makes sense for Jetpack to acquire a company with a proactive stance on WordPress security.
Jetpack promised to keep the products free for non-commercial use while also noting that some of WPScan will be absorbed into the security offering within the Jetpack suite of tools.
Advertisement
Continue Reading Below
Why WPScan is Important
WPScan is a database of vulnerabilities.
WPScan also provides:
- An API for accessing the database
- WPScan Security Scanner, a Command Line Interface (CLI) scanner
- A WordPress security plugin
WPScan Database
WPScan is first and foremost an openly available database that records WordPress vulnerabilities and makes the information available via an API.
The information about WordPress vulnerabilities is hand curated by WPScan and contributors.
WPScan is also an official CVE Numbering Authority (CNA), which means they can assign the numbers that vulnerabilities are referenced by in the security community.