I interviewed Bachiyski to learn why the role was created and what its purpose is.
What are the responsibilities of your new role?
My responsibilities are to coordinate the security efforts of WordPress.org, mostly with incident response and to make sure we respond quickly, have solid fixes, and make sure everyone involved is informed.
What circumstances led to this role’s creation?
Nothing too spicy around the creation of the role. As the volume of requests increased, we realized a bit more structure would be helpful so that we are more focused and use our resources wisely.
Will you only handle security issues for the open source project or will you also help with Automattic’s bounty program as well?
There are other colleagues at Automattic who are responsible for the bounty program.
How important are the connections and trust you’ve established over the last 11 years to your role?
Offline relationships are very important in an online community and I am lucky to know many of the members of the security team in person. This definitely makes working with them easier.
Learn More About the WordPress Security Team
If you’d like to learn more about who’s on the WordPress security team, what they do, and how they handle security releases, listen to my interview with Gary Pendergast.
Pendergast who works for Automattic, is a WordPress core contributor, and a member of the WordPress core security team. In the interview, we discuss what happened behind the scenes before 4.2.3 was released.