Giles Wright

Information Security Specialist


System Security

Certified Ethical Hacker (CEH, EC Council). Experienced with tools like Burp Suite, Acunetix and OpenVAS.


Disaster Recovery

Certified Information Systems Security Professional (CISSP, ISC2). Experienced at keeping businesses running in the event of a disaster.


Qualified

Master's degrees in Software Engineering (2002) and Information Security (2020) from Royal Holloway, University of London.


Digital Forensics and Remediation

Certified Computer Hacking Forensic Investigator (EC Council, CHFI). Analysis of compromised servers or websites to determine the intrusion vector and the extent of the infection, removal of infection/backdoors and returning systems to normal function.


Part 8 – WordPress Security – Conclusions

At the start of this report into WordPress security, we listed three main objectives, which were: To provide an explanation of how WordPress sites are often compromised and why. This will be based on real data gathered from the Defiant

gilesw | October 25, 2020 (updated October 25, 2020) | Security, WordPress Security

Part 7 – Hardening and keeping WordPress Sites Secure

What is required to build secure WordPress websites and how to ensure they stay secure. There are a number of considerations that need to be taken into account when first developing a secure WordPress site, however a good starting point

gilesw | October 25, 2020 (updated November 2, 2020) | Security, WordPress Security

Part 6 – The Importance of Responsible Disclosure

This section of the report looks at the importance of responsible disclosure. I do this by carrying out an analysis of Wordfence attack data following the responsible disclosure of vulnerabilities in two WordPress plugins, and comparing this to attack data

gilesw | October 17, 2020 (updated October 25, 2020) | Security, WordPress Security

Part 5 – Providing Customers with a Clean WordPress site

As mentioned in the introduction, I am a Senior Security Analyst in the Wordfence Security Services Team (SST). The SST is a group of security analysts responsible for cleaning compromised websites and performing security audits on WordPress websites. Wordfence already

gilesw | October 6, 2020 (updated October 19, 2020) | Security, WordPress Security

Part 4 – OWASP Top 10 Vulnerabilities Affecting WordPress Applications

The following is an analysis of how WordPress applications can be impacted by each of the OWASP Top 10 vulnerabilities discussed in the previous section. Much of the following research originates from work carried out by the Wordfence team, as

gilesw | October 3, 2020 (updated October 29, 2020) | Security, WordPress Security

Part 3 – The OWASP Top 10 Web Application Vulnerabilities

OWASP (The Open Web Application Security Project) describe themselves as a “worldwide not-for-profit charitable organization focused on improving the security of software”. They run a number of projects related to web application security, however the project they are best known for

gilesw | October 1, 2020 (updated October 29, 2020) | Security, WordPress Security

Part 2 – Content Management System – A Background

In this section we provide a background to Content Management Systems, looking first at what a Content Management System is and then at the specific Web Content Management Systems available today.

gilesw | October 1, 2020 (updated November 2, 2020) | Security, WordPress Security

Part 1 – Content Management Systems and WordPress

Introduction to Content Management Systems and WordPress

I decided to write about Content Management Systems and WordPress after seeing the damage that irresponsible disclosure can have on website owners globally. WordPress is the most popular Content Management System (CMS) in

gilesw | October 1, 2020 (updated October 19, 2020) | Security, WordPress Security

WordPress Security and the Importance of Doing the Right Thing

I recently completed a Master's degree in Information Security at Royal Holloway, University of London. My dissertation was on the importance of responsible disclosure of vulnerabilities, so I’m going to start with a few posts on that subject. I’ll hopefully

gilesw | October 1, 2020 (updated November 2, 2020) | Security, WordPress Security

    Contact Info

    • Email: giles [at] gileswright.com
    • Twitter: @thegdwright

Copyright © 2021 Giles Wright. All rights reserved.