WordPress Security Testing Service

  • Security testing for web sites built with WordPress
  • Scanning using the same tools hackers use
  • Identification of vulnerabilities, permissive controls, and insecure functionality
  • Targeted interpretation and recommendations for proactive security hardening

Free WordPress Security Assessment

Receive a complimentary preliminary assessment of your web site’s security.

Web Site Security Assessment Agreement

This Agreement is entered into by and between you (“You” / “Your”) and Scott Brown Consulting (“Provider”) in connection with the services described herein (the “Service”).

ENGAGEMENT. You hereby engage Provider to perform a web site security assessment. You represent that you are the owner of the web site, or have been authorized by the owner of the web site to engage Provider to perform this security assessment. You authorize Provider to access and perform security testing of the web site for the purposes of this assessment.

DISCLAIMER OF WARRANTIES. YOU EXPRESSLY AGREE THAT USE OF THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. PROVIDER EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. PROVIDER MAKES NO WARRANTY THAT THE SERVICE WILL MEET YOUR REQUIREMENTS, OR THAT THE SERVICE WILL BE TIMELY, SECURE, OR ERROR-FREE; NOR DOES PROVIDER MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE OR AS TO THE ACCURACY OR RELIABILITY OF ANY INFORMATION OBTAINED THROUGH THE SERVICE. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM PROVIDER OR THROUGH THE SERVICE SHALL CREATE ANY WARRANTY NOT EXPRESSLY MADE HEREIN. Some jurisdictions do not allow the exclusion of certain warranties, so some of the above exclusions may not apply to You and each provision is severable from the remainder if adjudicated by a court of competent jurisdiction.

LIMITATION OF LIABILITY. PROVIDER SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, SPECIAL, INCIDENTAL, OR PUNITIVE DAMAGES, RESULTING FROM THE USE OR THE INABILITY TO USE THE SERVICE, OR FOR COST OF PROCUREMENT OF SUBSTITUTE GOODS AND SERVICES, OR MESSAGES RECEIVED OR TRANSACTIONS ENTERED INTO THROUGH THE SERVICE, OR RESULTING FROM UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA, INCLUDING BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, USE, DATA OR OTHER INTANGIBLE. THE LIABILITIES LIMITED BY THIS SECTION APPLY: (A) TO LIABILITY FOR NEGLIGENCE; (B) REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, STRICT PRODUCT LIABILITY, OR OTHERWISE; (C) EVEN IF PROVIDER IS ADVISED IN ADVANCE OF THE POSSIBILITY OF THE DAMAGES IN QUESTION AND EVEN IF SUCH DAMAGES WERE FORESEEABLE; AND (D) EVEN IF YOUR REMEDIES FAIL OF THEIR ESSENTIAL PURPOSE. If applicable law limits the application of the provisions of this section, Provider's liability will be limited to the maximum extent possible. Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages, so some of the above limitations may not apply to You and each provision is severable from the remainder if adjudicated by a court of competent jurisdiction.

It is Your responsibility to back-up the data, software, information or other files stored on Your systems. Provider shall not be liable under any circumstances for any loss, disclosure, alteration or corruption of any data, software, information, files, or other media.

You acknowledge Your understanding that use of the Service does not guarantee the security of a web site, or that security incidents will not occur.

Threats to WordPress

WordPress is massively deployed on the web because it’s free, powerful, and extensible. One out of every three web sites runs it. It’s ten times more popular than any other content management system or web application framework out there.

That very popularity, though, makes WordPress an attractive target for attackers. Not only are there a multitude of installs, but hackers know WordPress is often woefully poorly secured.

The focus of WordPress development is on adding features, not security. The vast plugin ecosystem that provides such deep extensibility also creates giant security liabilities. Meanwhile, developers habitually neglect to even mention the need for ongoing security management to site owners.

WordPress Security Testing: an Expert Tactical Evaluation of Your Site

This testing service assesses your site from two directions. The first mimics the techniques prospective intruders use to case your site for exploitation. The second thoroughly evaluates your site’s security from a WordPress administrator’s vantage point.

These assessments complement one another to effectively identify vulnerabilities, permissive controls, and insecure functionality on your site. The results are compiled into a detailed report with findings, interpretation, and recommended corrective actions.

Benefits

  • See your site as attackers see it
  • Discover security gaps
  • Mitigate intrusion risk
  • Gain personalized, expert insight and interpretation
  • Guide corrective measures

Schedule Service

The web security threatscape advances very quickly. It is ideal to perform this assessment on a monthly basis to stay ahead of security state drift and newly disclosed vulnerabilities.

Security incidents can stop your business in its tracks. Don’t leave your site’s security to chance.

Top