Inaugural CloudFest USA Hackathon
📅 November 4, 2025
📍 Miami Marriott Biscayne Bay
👥 20-25 Selected Participants
🎯 One Focused Project
🤝 Exclusive Partnership with Patchstack
This exclusive hackathon brings together 20-25 carefully selected industry professionals, open-source security contributors, and hosting providers.
Presented by
Patchstack, the leading WordPress security intelligence platform, is the exclusive presenting sponsor of this hackathon. With over 33,000 catalogued vulnerabilities and responsibility for 70% of all new WordPress vulnerability discoveries, Patchstack brings unparalleled expertise to this collaborative security initiative.
Mart Virkus
Head of Marketing
Patchstack
There are mainly two reasons why supporting this initiative is important to Patchstack. The Cyber Resilience Act will have a huge impact on the WordPress ecosystem – security can’t be an add-on anymore, it has to be baked into all digital products and their infrastructure. From the point of view of supply chain security, the official WP.org repository will definitely benefit from having alternative mirrors should something go wrong.
About the Hackathon 🤖
WordPress powers 43% of the web, making its security infrastructure critical to global digital stability. Recent ecosystem events have highlighted fundamental risks in centralized dependency models, while 96% of WordPress vulnerabilities stem from third-party plugins and themes. This hackathon addresses these challenges by bringing together the brightest minds in security and hosting to develop next-generation solutions.
The intersection of vulnerability intelligence, supply chain security, and infrastructure resilience creates unprecedented opportunities for innovation that could reshape how we approach open-source security at scale.
The Challenge
FAIR Software Security Assistant
⚡ Automating vulnerability screening and policy enforcement for FAIR-based WordPress repositories. ⚡
The FAIR Software Security Assistant helps hosting providers maintain secure and trusted WordPress repositories. The open-source tool automatically screens plugins and themes distributed through FAIR against verified vulnerability data from Patchstack. It enforces customizable security policies to block or flag risky software, providing hosting teams with an automated, auditable workflow for managing package security at scale.
Hackathon Goals
The project will deliver a working minimum viable product addressing hosting provider security workflows.
Potential primary MVP deliverables include:
– Repository monitoring system that provides current vulnerability labels to FAIR Aggregators or end users, and verifies the label before installing new or updated packages.
– Security analysis engine integrating Patchstack’s vulnerability database for on-the-fly scanning.
– Basic policy engine for risk-based package approvals (approve/flag/block workflows).
– Minimal dashboard to visualize repository security status and flagged packages.
Teams can focus on different components based on expertise: backend API integration, frontend dashboard development, security policy engine, or hosting platform integration.
Target Audience
– Cloud hosting providers and managed WordPress hosting companies
– Enterprise IT teams managing WordPress deployments
– FAIR repository maintainers
– WordPress agencies managing multiple client sites
– DevOps and infrastructure teams implementing FAIR
Meet the Project Leads!
Elliot Taylor
Project Co-Lead Head of Engineering
Patchstack
Carrie Dils
Project Co-Lead WordPress Developer & LinkedIn Learning Instructor
FAIR TSC
Brent Toderash
Project Co-Lead Project Director at Modern Earth, AspirePress Project Manager & FAIR TSC Member
Modern Earth, AspirePress Project Manager & FAIR TSC Member
Alain Schlesser
Project Mentor for CloudFest USA Principal Architect
Yoast
Who Should Attend?
This is an exclusive, invitation-only event limited to 20-25 carefully selected attendees.
We’re nearly at capacity, but we may be able to accommodate up to 5 additional participants with specific expertise that will complete our team composition and set us up for success.
WE’RE CURRENTLY SEEKING:
Full-Stack Developers
- Strong API integration experience, particularly with security APIs and RESTful services
- Ability to build end-to-end solutions connecting multiple systems
Frontend Developers & UI/UX Designers
- Experience creating dashboards and data visualization interfaces
- Skill in making complex security information accessible and actionable
- Understanding of hosting provider workflows and user needs
Security Engineers & DevOps Professionals
- Background in vulnerability assessment, threat intelligence, or security automation
- Experience with CI/CD pipelines, infrastructure automation, and scalable systems
- Knowledge of security policy engines and risk scoring algorithms
System Administrators & Hosting Infrastructure Specialists
- Hands-on experience managing WordPress hosting environments at scale
- Knowledge of control panel integrations (cPanel, Plesk, custom platforms)
- Understanding of hosting provider security operations and compliance requirements
Backend Developers
- Experience building data processing pipelines and automation systems
- Strong skills in working with databases, APIs, and asynchronous processing
- Background in building scalable, production-grade backend services
WHAT MAKES A STRONG CANDIDATE?
Beyond technical skills, we’re looking for professionals who:
- Have a genuine passion for solving real-world WordPress security challenges
- Can collaborate effectively in a fast-paced, focused environment
- Bring practical experience with the tools and workflows hosting providers actually use
- Are committed to contributing to open-source solutions that benefit the entire ecosystem
If you have deep expertise in any of these areas and are passionate about building practical security solutions that will protect millions of WordPress sites, we want to hear from you!
Expected Outcomes
Business Relationships: Direct collaboration between hosting decision-makers, security experts, and open-source contributors in an intimate, focused environment.
Practical Tools: Working prototypes addressing real-world security challenges faced by hosting providers and WordPress professionals.
Industry Insights: Deep understanding of emerging security trends, regulatory requirements, and infrastructure evolution affecting the WordPress ecosystem.
Strategic Positioning: Early access to technologies and methodologies that will define the next decade of WordPress security.
Investment & Participation
Confirmed CloudFest USA Partners: $500 USD per seat
Other Hosting Representatives & Industry Professionals: $1,000 USD per seat
Selected Individual Contributors: Invited – accommodation provided for qualifying open-source contributors and out-of-town attendees
Hosting companies and industry professionals sending employees will need to secure paid seats. Investment covers expert mentorship, exclusive venue access, meals, and post-event networking opportunities.
Organizer
Carole Olinger
Head of CloudFest Hackathon
CloudFest USA
Carole brings a decade of experience in the hosting industry and open-source community building. As a key architect of CloudFest and tech events worldwide, she has facilitated countless collaborations between hosting providers, developers, and technology innovators. Her expertise in bringing together diverse stakeholders to solve complex industry challenges makes her the ideal leader for this focused initiative.
The best innovations happen when you put the right people in a room with a shared challenge and the tools to build something meaningful. This hackathon is designed to do exactly that.
Want To Join Us In Miami?
Given the exclusive nature of this event, participation is by invitation and application only.
Request Invitation
Submit your interest and qualifications for individual consideration.