Following up on my original post, WP Tavern today adds more details and color to Patchstack’s background and SaaS transition in its article "WebARX Rebrands To Patchstack, Combines Services To Focus on WordPress Plugin and Theme Security": “In 2018, WebARX launched the first version of its security platform and grew to 3,000 users. Earlier this month, the company decided to rebrand to Patchstack. Outside of customers getting the name wrong, the company had grown beyond its original SaaS product, providing other services like PlugBounty, an open-source bug-hunting platform. Earlier this year, they also acquired ThreatPress, a WordPress security service provider. Combining the three created an opportunity to relaunch the brand.”
Original Post from March 11, 2021: I had a chance to speak with Oliver Sild back in January when WebARX acquired ThreatPress. They had a consolidation and rebrand in mind. Today they’ve announced that the combination of WebARX and ThreatPress is now Patchstack. The ThreatPress public vulnerability database is still active and available, except now it’s part of the Patchstack world. ThreatPress has been and will continue to be utilized by some of the most well-known security tools in hosting and WordPress.
Cybersecurity company Patchstack has come out with a unique approach to connect bug bounties and community-driven security research with virtual patching technologies to reach its goal to make the web a safer place for everyone.
Open source is only getting bigger, and WordPress is now running 40% of all websites. There is a large developer community for WordPress, who have built more than 50,000 plugins, which you can use to extend the functionality of your website. Some of these plugins have hundreds of thousands to millions of active installations and a single security vulnerability can affect all sites using a single plugin.
The developer communities behind open source projects are growing fast, and Patchstack is set to build an equally strong community of security researchers behind open source. Patchstack believes that only by working together can we make open source truly secure.
The Three Pillars of Patchstack
1) Patchstack Platform – A SaaS platform to automatically detect and patch third-party code vulnerabilities within websites.
2) Patchstack Red Team – A bug bounty platform (currently invite-only) that is paying security researchers for finding vulnerabilities in plugins and other popular open-source web components.
3) Patchstack Database – A free and open vulnerability database that can be used to keep up to date with the latest vulnerabilities within the web app components (currently WordPress core, plugins, themes).
According to Oliver Sild, CEO and founder of Patchstack, the plan is to expand all three services to every popular content management system and then scale this approach to other PHP and JavaScript frameworks.
“Giving back to the community is very important to us and for that reason, we have decided to make the data publicly accessible to everyone. Everything our in-house researchers or Patchstack Red Team members report will ultimately be accessible for free at Patchstack Database.”
Patchstack is an Estonian cyber security company that enables more than 40,000 developers to detect vulnerabilities and receive virtual patches on their websites.