We perform internal and third party code reviews, unit testing and version control across our entire internal work. These efforts are baked into our PressArmor™ service, taking full advantage of our 10 years of experience committed to Secure WordPress Hosting.
Any changes made to the Pagely backend code or customer server configuration is required to be signed off by staff other than the committer. This process is ingrained in our DevOps process and code life cycles. All changes made to code or your server configuration that we make is properly logged alongside who specifically made any changes.
If a severe vulnerability is reported in a plugin or theme, our security team will scan all customer sites looking for the affected plugin or theme, upgrade the code if possible, provide a custom web application firewall (WAF) rule if applicable, and notify the users affected.
The process your team employs for your code workflows is completely up to you, we don’t enforce a particular single workflow. Most of our customers have their own methods for deploying code to our servers, and you can learn some of those hooks involved in setting up Git for 1-click deployment.