I just wanted to ask if you will have a professional, independent security audit done on this version seeing as how there are a lot of pretty big changes? Do you usually have them done?

I believe IPS gets each version and subversion audited, including the point releases. I could be wrong about the point releases, but it would make sense if they do, to ensure that any bug fixes made doesn't inadvertently open up a security hole.

Good question about the audit. Could someone from staff answer definitively?

Thanks.

We constantly audit security and yes we often hire people to do it independently.

We constantly audit security and yes we often hire people to do it independently.

This is what makes IPB a great piece of software. IPS would rather shell out some money to have it tested and known to be a sturdy product, than to just assume that they made something secure and put other peoples sites at risk. Often times I'm sure it's money spent to get no results, but that all becomes worth the price when something is found and is able to be corrected, without a site being compromised to do it.

This is what makes IPB a great piece of software. IPS would rather shell out some money to have it tested and known to be a sturdy product, than to just assume that they made something secure and put other peoples sites at risk. Often times I'm sure it's money spent to get no results, but that all becomes worth the price when something is found and is able to be corrected, without a site being compromised to do it.

Well... our own developers are very capable of writing secure code ;)
The point of a third party security audit is more to consult with a security professional to recommend things we might not have thought about - they don't just come back with "Yeah, looks fine." :P

We also consult with SEO professionals in the same manner.

Well... our own developers are very capable of writing secure code ;)

The point of a third party security audit is more to consult with a security expert to recommend things we might not have thought about - they don't just come back with "Yeah, looks fine." :P

Which just validates my point. A separate set of eyes, testing things out and giving feedback. Even if they were to come back with "Looks fine" several times in a row, it all pays off when they come back with, "Hey we found something."