Today we are proud to officially announce the formation of the Wordfence Forensic Team and the launch of our site cleaning services. I’d like to take a moment and explain why we went into this business, the unique approach that Wordfence takes to repairing hacked sites and in conducting forensic analysis and investigation – and why this is great for Wordfence customers.
What is Wordfence Site Cleaning?
If you have a hacked WordPress website, we have a team of highly trained forensic investigators that are ready to help. The service is simple: We’re charging $179 to rapidly get your website clean and back into production. This includes:
- Cleaning the infection.
- Investigating how the attackers gained entry.
- Removing any malicious code, links or other content in your posts, pages, comments and source code.
- Providing an in-depth report of the infection removal and investigation.
- We provide a detailed checklist to protect your site from future attacks.
- Your site cleaning includes a 1 year Wordfence Premium license to keep you safe, worth $99.
Meet the Team
One thing I’ve learned as a CEO is that we can best serve our customers by building a team of people who are world-class at what they do. We went out and found the best forensic investigators we could and added them to the core of our team. We started by bringing on board two senior experts in the field:
Colette Chamberland is one of our two Senior Security Analysts and is a Certified Hacking Forensic Investigator (CHFI) and Certified Ethical Hacker (CEH). She has over 5 years of hands-on forensic investigation experience. You’ll also recognize her name as the person who discovered one of the possible entry points in the Panama Papers breach. She brings a wealth of experience, leadership and knowledge and uses it to effectively lead and mentor our team.
Brad Haas is our second Senior Security Analyst and joined us from STRATCOM (United States Strategic Command). He is an ISC2 CISSP, GIAC Certified Incident Handler (GCIH) and GIAC Certified Forensic Analyst (GCFA). Brad has over 7 years of forensic investigation experience and provides strong process and technical leadership in forensic investigations for our team along with a hands-on approach.
Brad and Colette have been working hard at optimizing our site cleaning processes, policies and procedures to ensure customer data confidentiality, integrity and to get our customer sites back online and available as soon as possible.
Our site cleaning team is now seven highly trained investigators and we continue to bring in more team members as quickly as we can. To recruit, evaluate and train site cleaners quickly and effectively, we decided to turn the challenge into a software problem. We have created a job application system that automatically creates an ‘infected’ virtual machine that our forensic investigator applicants need to clean as the very first step in their job application process. We then take our applicants who have scored well through a rapid evaluation process and if they are accepted into the team, we include excellent training and mentorship from our senior analysts. If you think you might be a good fit for the team we welcome you to apply.
Why does Wordfence Clean Hacked Sites?
Our business is to protect WordPress websites from hackers. That means we need to block known and unknown attacks using the Wordfence Firewall. It also means we need to be very good at detecting if a site has been compromised using Wordfence Scan. To be good at both of these things, we need to know how sites are compromised and what indicators of compromise (IOCs) or footprints a hacker leaves behind.
The best way for us to get this data is to investigate sites that have recently been hacked. Internally we have a sophisticated process that turns the data we gather from hacked sites into what we refer to as our Threat Defense Feed or TDF. The TDF includes the firewall and scan rules that are the product of our forensic investigation efforts. This flows out to the Wordfence plugin in real-time, continually updating our scan and firewall capability to provide you the best protection available.
What this means is that when you install Wordfence, you have a growing team of forensic investigators working hard to continually update Wordfence with the newest attacks that are occurring on the ground and to protect you from those attacks. The information gained from each hacked site we investigate is used to protect all of our customers from getting hacked using the same method. Furthermore, any footprints an attacker leaves behind are used to improve our scan capability so that we can provide an early warning should the worst case scenario occur.
Early breach detection and blocking attacks on WordPress websites is what we do. With our forensic investigators constantly increasing the intelligence of Wordfence via the TDF, you have a system that provides the best WordPress protection available.
Giving Back to the Community
Most firewalls for WordPress are expensive. With Wordfence, you get the Threat Defense Feed if you’re a free or a paid customer. The only difference is that our Premium customers receive real-time updates while our free community customers are delayed by 30 days.
As our forensic investigators analyze breaches and we build more intelligence into the TDF, that data flows out to all Wordfence users eventually and does an excellent job of keeping the WordPress community safer. When you choose to have your hacked website cleaned by the Wordfence team, know that the data from your site cleaning ultimately ends up helping to protect the WordPress community.
Excellence in Customer Service
I’m constantly surprised by how much positive feedback our customer service representatives and forensic team receives. Today is our official launch but we have actually been cleaning hacked WordPress sites since April 4th.
Part of our focus at Wordfence, whether we’re providing support for our software or for forensic services, is to provide excellent customer service. Since we soft-launched our site cleaning service I’ve seen many customers who have gone from being frustrated about a hacked site to being overjoyed at how quickly and effectively our team has turned their site around.
We knew that to provide the best service available for site cleaning, we would have to find the best people – and I’m very proud of our team’s technical ability along with their ability to serve and communicate with our customers and turn an unpleasant situation into a happy customer along with data that helps protect the broader community.
Let’s Make WordPress and our Community Safer Together
If you’ve been hacked, contact us immediately by visiting this page and our team will get right on it. We look forward to working with you to get your site repaired quickly and also ensuring that the rest of our community is protected from attacks that are similar to the one you experienced.