About

About Ryan Dewhurst

Vulnerability intelligence researcher with 15+ years across offensive security, vulnerability research and threat intelligence.

I'm Ryan Dewhurst, a vulnerability intelligence researcher based in Malaga, Andalusia, Spain. My work centres on how attackers actually operate in the real world - tracking exploitation activity, vulnerability trends, and the tradecraft behind them.

I'm the founder of KEVIntel, a curated, real-time database of Known Exploited Vulnerabilities. I'm especially interested in the intersection of AI, vulnerability intelligence and real-world exploitation: identifying which vulnerabilities are genuinely likely to be exploited, prioritising response, and using attacker telemetry to improve detection and mitigation.

I'm probably best known as the creator of the Damn Vulnerable Web Application (DVWA) and the founder of WPScan, the WordPress vulnerability scanner I built from a side project in 2011 into a business that was acquired by Automattic in 2021. More recently I founded KEVIntel.

Focus areas

• Vulnerability intelligence and Known Exploited Vulnerabilities (KEVs)
• Real-world exploitation tracking and threat intelligence
• Honeypots and deception operations
• Offensive security and web application security research

Credentials & recognition

• SC Magazine Europe 2013 - 'Rising Star' award
• Tenable Vulnerability Management Specialist (2024)
• 15+ years across offensive security, vulnerability research and threat intelligence

Previously

• watchTowr

  Head of Threat Intelligence

  Previously led proactive threat intelligence, tracking real-world exploitation and attacker tradecraft across nation-state, APT and ransomware activity.

• Automattic

  Senior Security Engineer

  Joined following the acquisition of WPScan, integrating WordPress vulnerability intelligence into Jetpack.

• RandomStorm

  Security Consultant

  Early-career penetration testing and security consultancy work.

Media & appearances

Podcasts

• THREATCON1 - with Patrick Garrity Ep 13 - Why Hackers Are Targeting Edge Devices
• Decipher - with Dennis Fisher How to Stay Ahead of Attackers
• WP Builds - with Nathan Wrigley Ep 158 - Keeping WordPress secure with Ryan Dewhurst from WPScan

TV

---

Want to talk vulnerability intelligence or work together? Get in touch.