How can trakked help you with the security of Contao?
Let's establish some common ground here first. Contao consists of a composition of various packages (approx. 180 packages in a basic installation of Contao). These include e.g. the Symfony framework, which itself is divided into many individual components. In addition, there are the installed extensions and their dependencies. By the way, we call these dependencies of dependencies "transitive dependencies".
This means that even if your Contao core version is up to date, it is possible that an extension or any of these transitive dependencies has a security vulnerability that should be fixed urgently.
As you can imagine, it is extremely time-consuming to check every single package manually. Because hardly any installation is the same as the other.
And this is exactly where trakked comes into play.
In the future, trakked will not only check whether the monitored Contao and PHP version is up-to-date, but will also automatically check all dependencies for known security risks in the background.
The result is then displayed by trakked and it enables you to act much faster.
trakked is more than just a tool!
It is important to us that you can establish a process to ensure that updates are installed regularly and that the risk of a security breach is minimized. We also provide you with tips and tricks for this.
In addition to the technical monitoring with our tool, you may subscribe to our new security newsletter which will provide more information. Since there are two Contao core developers in our team, you will get first-hand expert knowledge.
This and much more awaits you with trakked 2.0.