A conversation at LoopConf earlier this year has led to a new open-source security initiative called FAIR Software Security Assistant, connecting FAIR with Patchstack’s vulnerability intelligence platform. The collaboration will debut at the inaugural CloudFest USA Hackathon on November 4, 2025, in Miami.
The Origin
Elliot Taylor, Head of Engineering at Patchstack, shared on X that a discussion with FAIR contributors Ryan McCue and John Blackbourn inspired the idea of integrating Patchstack as the security node in FAIR’s ecosystem.
The project will now be built during the hackathon, co-led by Elliot Taylor alongside FAIR TSC co-chair Carrie Dils and Brent Toderash, AspirePress Project Manager, with Alain Schlesser, Principal Architect at Yoast, serving as mentor.
About the Hackathon
The hackathon for developing the FAIR Software Security Assistant is an invitation-only event hosting 20–25 selected participants, including security professionals, hosting providers, and open-source contributors.
The project aims to automate vulnerability screening and policy enforcement for FAIR-based WordPress repositories. The tool is designed to help hosting providers automatically check plugins and themes shared via FAIR against Patchstack’s validated vulnerability data. It will also support configurable risk-based policies, allowing software to be approved, flagged, or blocked while maintaining a verifiable workflow for secure repository management.
Key deliverables for the one-day event include a repository monitoring system, a real-time security analysis engine, a basic policy engine for risk-based approvals, and a dashboard for visual representation.
Additional goals include compliance reporting, advanced policy settings, hosting integration guides, containerized deployment, vulnerability disclosure support, and admin dashboard access.
The project targets cloud hosting providers, enterprise IT teams, FAIR repository maintainers, WordPress agencies managing multiple sites and DevOps and infrastructure teams. Participants will contribute expertise across backend and frontend development, API integration, DevOps, and WordPress infrastructure.
The team aims to produce a working minimum viable product by the end of the hackathon, and the FAIR Software Security Assistant will be showcased the very next day on November 5.