I typically cover releases of new products and services and not subsequent Version X.Xs. But this one comes with a couple interesting stories attached, two of which are about AI. But let me cover the news first.
Announcing Fullworks Anti Spam v2.0
Fullworks Plugins has released Version 2 of their Anti Spam plugin, introducing AI Analysis, Allow / Deny Lists, Alerts and upgrading several of their form integrations. It’s a major release that has taken Fullwork’s owner and operator, Alan Fuller, and his team over a year to complete.
AI Analysis is the hero of the release.:
The new AI analysis sits alongside the Machine Learning analysis and is highly configurable, perhaps more than any ‘black box’ spam tool with the ability to use either or both and apply rules conservatively or aggressively.
Positioning it both as an effective tool for catching and dealing with spam, as well as respectful of folk’s privacy:
We have built a ‘no transmit’ option that still utilizes the Machine Learning, but is local to your WordPress install, that learns from both curated data and your classification of messages. This brings the power of version 1 without any privacy concerns.
I can attest that the tool works – I’ve been using it on this website for a week and the drop in spam is noticeable. I also like the price: USD $9 / year is fair for a plugin with a limited (albeit important) scope.
AI in WordPress products: gimmick or legit?
I’m still a bit of a skeptic, admittedly, but I’m coming across use cases where the benefits are undeniable. Including research and analysis which are also foundational in cyber security. So, when Alan got in touch about covering his update I fired a couple of questions back to get more details about the released from him:
Q&A – Two questions for Alan Fuller
Question: To what extent was the development of AI Analysis driven by its capabilities versus the need to feature AI for marketing reasons?
Answer: Okay, so I’d started off with machine learning tokenization process, which is a form of basic AI for spam detection, well before the AI exploded about a year and a half ago. And when it did, I thought, well, hang on a minute, let me just compare notes between AI and my own machine learning.
My machine learning obviously requires human curated data. And so we were honey-potting in spam and putting that through. I started comparing notes in the background in honeypots with Open AI and discovered that I actually had to train the models quite a lot.
But they were trainable. And I carried on monitoring that for quite a long time. Initially, it was just really ‘technical nosiness’ to try and understand what AI can do and also to see how good my existing models were.
Actually, they’re pretty good. But then, obviously, there is that benefit of having a belt and braces system where I would have two models running. And so I decided that I would productionize the AI option within Fullworks Anti-Spam.
So it was driven by technical nosiness and yes, it does have some marketing aspects. But to date, I’ve only just actually released it because I’ve been running this in background in parallel for a year and a half now, working out the best approach.
As it has just been released into production and to the market, it’s too early so know if this feature is going to make a difference, commercially speaking.
Question: In what ways have you differentiated from competing products?
Looking at the competing products, there were a couple of big questions that were being raised.
One was about level of control. A lot of the major players are black box products. And so you can’t apply additional allow and deny rules, which some people wanted.
Another concern is privacy with GDPR and some other privacy laws being in the forefront of people’s minds. And the big players, Akismet and CleanTalks all rely on you sending data to the server. And I thought, well, I knew that there was a demand to not send data to the server.
So whilst I can’t use the AI component locally, I decided that I would be able to build a machine learning option that could run entirely locally. It gives people the option for GDPR to run and have some pretty good intelligence because I’ve been mapping it against Open AI’s intelligence on their own server. In the context of WordPress security, well, that’s a massive subject.
And what all the security firms would like you to believe is it’s all about monitoring your website and monitoring the people trying to attack it and monitoring the quality of the plugins and whether they’ve been updated it. I have some security plugins that I’ve built that do very similar things, but the real risk to security in IT in general, WordPress or not, is human beings.
We can see that all the major significant breaches ever have been human-led. The hackers have been there, but they’ve been extracting access via human beings, whether that’s phishing or other social engineering. So whether you can class it all as social engineering, but that’s the threat to WordPress security.
Most of the breaches in WordPress are things like privilege escalation. So first of all, they have to engineer themselves access to the site at a low level and then get a privilege escalation or cross site request forgery where effectively opens you up to stealing of your human credentials or phishing. It’s a big subject and that’s where AI can significantly help.
It certainly does in the anti-spam arena because obviously detecting social engineering patterns and in terms of text, in terms of phishing emails, for instance, or leading people into paying invoices that they don’t actually own. The next step certainly in the way that AI could be used for this is a sort of sequential analysis of events. So limiting it in terms of anti-spam, we have the concept of understanding a series of messages.
The challenge is, of course, a series of messages may be over multiple platforms. They may be over social media. They may be over email. They may be through contact forms on websites. I can’t honestly hand on heart say that my plugin will solve this and be able to solve that, but it does play a part in the bigger context of using AI to enhance security.
There are a couple of takeaways here.
- There’s a fair amount of experimentation involved when building a AI-powered product. Alan started with a hypothesis and tested it over time. Given the nature of IA models, testing and learning never ends. Product builders need to be aware of this level of commitment.
- The new solution addresses new market requirements around privacy. Alan’s solution can run locally and comply with some of the strictest regulations.
I’ll add this too: Alan hasn’t just slapped the AI label on a product. He’s done the work and, I think, earned the right to say that ‘Fullworks Anti-Spam 2.0 is powered by AI’. He just needs to add another icon on this website to reflect this.
Have you introduced AI functionality in your WordPress product yet?
Alan has and so has Elementor, which now allows you to unlock your business potential with Elementor AI. Then there is Bluehost’s Wondersuite that makes WordPress made wonderful with AI. And close to 1,000 plugins in the WordPress Plugin Directory that offer some flavour of AI.
No doubt a number of these implementations are gimmick-grade rather than offer tangible value. However, there are use cases where AI can make a big difference, as we’ve seen with Fullwork’s Anti-Spam plugin.
The question shouldn’t just be ‘how can AI make plugin XYZ better’ (measured in terms of additional value delivered to the customer). You need to answer these questions too:
- How can an AI feature help you fine-tune your positioning?
- Will an AI feature help me reach new audiences and markets?
- Can the new AI feature be monetized?
Expanding on this last point, if you already a decent-sized audience, the up/cross sell opportunity is significant. A recent example is Elementor’s launch of Image Optimizer, with a starting price of USD $50 / year. Elementor AI is priced similarly. Given the size of their customer base, even a low one-digit conversion rate will make their CFO very happy.
Could Alan have merchendized his AI efforts? I don’t think so. As mentioned, an anti-spam function solves one specific problem. That said, this is an opportunity to bump up the price by 50% – 100%. Slapping a ‘Now Powered by AI’ label should work if he backs the claim with content that explains and validates the claim, which can easily do – see the Q&A above.
Remember: make Version 2.0 of your WordPress plugin a noisy one
Not every Marketer will agree, but I think releases, even for minor functionalities, are always an opportunity to get some attention. Perhaps not if you’re just fixing a bunch of bugs. If you’re introducing something new, there’s always a story to tell.
Marketing of a release should start even before you know what new features to work on. That is, let Marketing inform you about… the market. A good example of this is Convesio’s announcement of their platform being HIPAA compliance, which has little to do with their position as scalable WordPress host (and nothing to do with AI either). They’ve followed this up with a ton of content and a webinar. Have a look at how it’s working for them from an SEO perspective to you’ll appreciate how strategic this effort was. My only criticism is that HIPAA compliance could have been the sole hero of a release, and not the third story of a bundle of announcement.
Thinking about the Convesio example above and the idea of introducing AI, why don’t you think about of a new AI-powered feature that can help you reach a new market? Maybe ask ChatGPT?
Alan, instead, has played his AI card and needs to start thinking of what the next big story will be when he releases Anti-Spam Version 3.