Video: What the hack? Fortifying your security by understanding your adversary

Malicious activity is an unfortunate reality when maintaining a web presence today. Most people involved in the web industry know someone who encountered the aftermath of a disruptive attack — if they haven’t themselves. Because of this, awareness of security best practices is at an all-time high. To many, though, it may not be clear exactly why these measures are important.

To remedy that, we’ll be taking a practical look at what’s actually happening when a website gets attacked, as well as discussing the hows and whys along the way. From understanding why small sites still get hacked, to why password reuse is really as bad as everyone says, we’ll explore the rationale behind the security principles you’re always being told to follow.

You can learn more about this session on the WPCampus 2018 website at

Mikey Veenstra

What is WPCampus?
WPCampus 2018 was the third annual in-person conference for the WPCampus community, a gathering of web professionals, educators and people dedicated to the confluence of WordPress in higher education. The event took place July 12-14 on the campus of Washington University in St. Louis. Learn more about the event at

Session Video

Michael Veenstra

Research Analyst, SiteLock@heyitsmikeyv

Michael Veenstra is an information security researcher, writer, and white-hat hacker with the mission to make the Internet a more secure place for everyone. He is a certified Web Application Penetration Tester, and a Global Information Assurance Certification advisory board member. In his current role as a Web Security Research Analyst with SiteLock, Michael analyzes malicious code in order to train automated scanners to detect and clean new threats more effectively. When he's not buried in a project, Michael can be found planning D&D campaigns, playing guitar, or hanging out with his wife and daughter.