New Patchstack Integration for iThemes Security and Security Pro

February 8, 2023 — Today, iThemes is pleased to announce we’re partnering with Patchstack to provide early warnings about potential vulnerabilities in WordPress sites protected by our security plugins, iThemes Security and Security Pro.

What’s changing?

Patchstack’s vulnerability database and Threat Feed are now powering the iThemes Security Site Scan feature.

Site Scan is a key security tool in our iThemes Security and Security Pro products. Site Scan alerts WordPress site owners if the version of a plugin or theme they’re using has a known vulnerability. As soon as vulnerabilities emerge, Site Scan warns site owners and administrators with further information provided by Patchstack.

Timothy Jacobs, iThemes Security Lead Developer and WordPress Core Committer says he’s “excited to bring Patchstack’s Threat Feed to the iThemes Security community” so iThemes customers can respond to vulnerabilities quickly.

This change is effective immediately and does not require an iThemes Security or Security Pro plugin update. Users will notice the Patchstack logo when they click for more details about vulnerabilities detected by Site Scan.

Using Patchstack’s vulnerability database doesn’t change how iThemes Security works. Its Site Scan feature and vulnerability alerts have not changed. Only the data source that Site Scan uses has changed. The security alerts iThemes Security users receive will not change. 

Why we’re making this change

Patchstack Security Advocate Robert Rowley says the Threat Feed is a way for site owners to “get ahead of hackers.” Patchstack’s service will provide iThemes Security with a 48-hour advance warning and information about new WordPress core, theme, and plugin vulnerabilities.

Rowley described Patchstack as a company focused on “empowering site owners” to address vulnerabilities “based on security intelligence.” Sending warnings as soon as possible “when sites are running insecure components” is how he sees Patchstack helping iThemes users. According to Rowley, web developers and agencies that need to “easily secure WordPress sites from plugin vulnerabilities” can best use timely security alerts. 

At iThemes, we want to share the benefits of Patchstack’s security intelligence with all our users. That’s why the Patchstack Thread Feed will power security alerts in our premium and free security products. Following open source values, sharing actionable security information widely is essential to securing WordPress and its product ecosystem.

Who is Patchstack?

Patchstack is a leader in the WordPress security space with an innovative platform and team dedicated to openness and collaboration. Patchstack’s progressive initiatives include support for many security researchers whose work makes WordPress and open-source software safer. Patchstack’s commitment to WordPress is reflected in its impact on the well-being of the software platform and its community. 

Looking to the future  

WordPress currently powers more than 43% of all websites. As attempted cyberattacks increase annually, securing hundreds of millions of sites depends on the free flow of vulnerability data.

Timely security notifications are invaluable to site owners, agencies, and freelancers using iThemes Security to protect numerous WordPress sites vital to their business, clients, and users. With iThemes Security, anyone can use Patchstack’s security intelligence to deliver rock-solid security for all their WordPress websites. 

We’re looking forward to supporting our iThemes Security customers with a long collaborative partnership with Patchstack that benefits the entire WordPress community!