Blog posts by Duncan Stuart
-
17 April 2018
6 years, 4 job titles, 3 offices, 1 great company
Six years is an unusual amount of time to spend working for the same company these days – more so when that company works with technology. The thing is, my time at dxw has really been like working for a number of different companies. These days we have a well-developed recruitment process involving an application […]
-
10 April 2017
Cyber UK 2017 Conference – Part 2: Embedding security expertise in the delivery team
In my first blog post about the Cyber UK conference, I talked about the first big idea which resonated with me: that security is everyone’s responsibility and there’s little value in punishing individuals for any failures. So how do you start to implement this in practice? The second big idea from the conference was that […]
-
4 April 2017
Cyber UK 2017 Conference – Part 1: Security is a team sport
Earlier this month Harry and I attended the second edition of the Cyber UK conference in Liverpool, hosted by the National Cyber Security Centre (NCSC) (https://www.ncsc.gov.uk/). Across three days of talks, workshops, networking, and hacking challenges (which we won!) we heard a lot of ideas and opinions about the state of information security in the […]
-
4 August 2015
Trends in WordPress plugin security
Most of my time recently has involved working with WordPress plugin security. In a previous post I talked about some of the vulnerabilities which the dxw Security team have discovered and recently published. One of my other responsibilities is monitoring lots of feeds for plugin security vulnerabilities reported by other people and adding them to […]
-
1 August 2015
Some WordPress Plugin vulnerabilities we’ve published recently
Most of my time recently has involved working with WordPress plugin security and I’d like to have a look at some of the security issues and themes which I’ve come across recently: One of my day-to-day responsibilities is managing the quality assurance and reporting of security vulnerability reports which we produce as a result of […]
-
29 July 2015
Hello MongooseWP
We have recently launched MongooseWP – an email subscription service to alert website developers to security vulnerabilities in WordPress plugins. It’s unfortunately very common for WordPress plugins to have vulnerabilities. As part of our managed hosting service we review plugins for security issues. We’ve found that over half of the plugins we’ve tested to date contain serious security vulnerabilities. Most vulnerabilities […]