19 Oct 2016

Not Surprisingly, Attacking The Messenger Didn’t Resolve a Problem With a WordPress Security Plugin/Service

We are always looking at how we can improve the service that we provide to our customers. One of the ways we do that is by looking at how we compare to products and services that provide similar functionality. Back in March we took a look at a plugin named Security and Vulnerability Shield, which connects to the plugin developer’s service to provide data on vulnerabilities in WordPress plugins. At first glance the service behind the plugin sounded impressive, but looking a little deeper we were left wondering as to the veracity of claims made by the developer.

At that point we wanted to see if it looked like they were even collecting their own data or if they had in fact copied their data from another source, but we found that the plugin only told you if the currently installed version was vulnerable. That meant we couldn’t use other common data, like the type of vulnerability and a URL with more information on the vulnerability, to see if that information was identical to other sources of data. That also limited the usefulness of the plugin/service, as those details can be rather important. For example, if the vulnerability hadn’t been fixed yet, the type of vulnerability and the specific details could tell whether the plugin needs to be removed right away or if it is of little concern. [Read more]

21 Mar 2016

The Security and Vulnerability Shield Plugin Isn’t Getting New Vulnerability Data

As we look at how we can improve our service, one of the things we are doing is comparing our service to other available options that provide similar functionality. One such option is a WordPress plugin named Security and Vulnerability Shield. Looking at the information on its Plugin Directory page certainly makes it sound impressive; they claim to monitor numerous sources to collect their vulnerability data (emphasis theirs):

No need to monitor 20 websites and receive 100+ emails (from groups and newsletters) so that you can keep up to date with the latest vulnerabilities in WordPress and its related plugins… our team will do that for you! [Read more]