This is a request not just for Defender but all WPMUDev related plugins. An example is that recently there is an issue and still present with the latest release of Defender where the WAF doesn’t activate. Forcing a rollback to the previous version.
Out agency updates manually for the most part so this isn’t a huge issue for us but many agencies auto-update which in this case could have caused multiple websites to become compromised. For which they might hold WPMUDEV accountable.
What would be good is that if WPMUDEV releases a plugin and there is a known issue that the email registered with the client account or website admin email, received a notification with details of the issue and warning them to not update or rollback.
Better yet with an issue like this even if detected after releasing the plugin should be pulled from the marketplace because it’s actually defective at this point.
You could essentially take this even further by sending out a monthly email with all installed plugins on a particular website and emailing out any known issues / conflicts with other plugins / vulnerabilities. This would be really helpful.
