
CASE STUDY
How WP Engine automates security for over 1.5 million customer sites with WPScan.
The Hero: WP Engine
- WP Engine is a leading WordPress hosting platform, empowering thousands to create and share their unique digital stories with the world.
- With a focus on speed, security, and support, WP Engine serves over 1.5 million WordPress websites.
The Problem
- The importance of keeping its customers’ websites safe from vulnerabilities and threats is a huge priority for WP Engine.
- With the increasing sophistication and frequency of attacks, it was becoming increasingly difficult to do so.
- They engineered a workflow to notify customers of new vulnerabilities but lacking automation, it was challenging to inform customers of new threats in a timely and scalable way.
“We know that there are other options out there, but given the sense of completeness and alerts for ALL relevant plugins, we never had a need to go crosscheck WPScan against anyone else.”
— Brent Stackhouse, VP Security, WP Engine
The Solution & Results
- WP Engine turned to WPScan, the #1 WordPress vulnerability scanner, to integrate an automated security workflow into their existing systems.
- By tapping into WPScan’s API and real-time vulnerability database, they were quickly able to provide their customers with up-to-date security alerts, enabling them to keep their sites secure.
- The results have been overwhelmingly positive, solidifying WP Engine’s position as a true security partner for their customers and helping them build a customer base that is more loyal than ever before.
A Trusted Partner
WPScan is consistently rated as the top WordPress CNA Assigner each year:


“Our customers love it. It really helps them stay out of a bad security state. And we couldn’t do it without WPScan.”
— Brent Stackhouse, VP Security, WP Engine