June 7, 2025 — European Union passed Cyber Resilience Act as a law in October 2024. Many plugin and theme authors need to comply with the first obligations by early 2026. In this talk, I will give a deep dive into how Cyber Resilience Act affects the WordPress ecosystem, and what are the practical steps everyone can take to become compliant.

Presentation Slides »

October 12, 2024 — Managing the security of a product with tens of millions of installations is challenging; add Open Source to the equation and the challenges become even more complex. This talk will showcase how Elementor has established internal and external processes to handle security and will highlight our partnership with Patchstack as our bug bounty program and how they have helped enhance our ability to mitigate issues quickly and effectively.

September 30, 2023 — This talk offers insights into the overall security of WordPress ecosystem and shows how 2022 has changed compared to 2021.

The presentation is based on data collected from 2022 by processing more than 4000 security vulnerabilities and analyzing logs of tens of millions of attacks.

Learn what to expect as open-source and supply-chain security aligns with national security, in combination with increasing regulation by European Union and US.