Security: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Automated sync from https://github.com/mozilla/wikimo_content)
(Automated sync from https://github.com/mozilla/wikimo_content)
Line 37: Line 37:
* [[Security/Bug_Approval_Process|Approval for Landing Security Bugs]]
* [[Security/Bug_Approval_Process|Approval for Landing Security Bugs]]
* [[Security/Web_Bug_Rotation|Web Bug Verification Rotation]]
* [[Security/Web_Bug_Rotation|Web Bug Verification Rotation]]
===Request a Security or Privacy Review ===
* Complete the questions at the following page to provide the basic info to kickstart a security or privacy review
* We'll create and link the corresponding wiki page within the [[Security/Radar|Security Radar]]
* [[Security/Reviews/Review Request Form | Security & Privacy Review Request Form]]




Revision as of 00:00, 22 January 2017

“Individuals’ security and privacy on the Internet are
fundamental and must not be treated as optional.”
  - Mozilla Manifesto Principle 4

The Mozilla Security community provides leadership in security by building security features, testing software and systems, and leading industry standards to ensure that individuals retain the ability to make meaningful choices about security and privacy on the Internet.

This page documents the security-related activities for Mozilla and how to join us.

Reporting Security Issues

Mozilla relies on the security community to help secure our products and websites by reporting security issues. Our preference is to receive bug reports via our bug tracking system Bugzilla, however emailing security@mozilla.org (preferably encrypted) is also an option.

Details on the way we classify security bugs can be found here.

Security at Mozilla

Who are we?

Security at Mozilla is distributed among the following teams:

Contacting Us

The Mozilla security team is available via a number of channels:

  • Via email
    • security@mozilla.org: to contact us privately or reporting security bugs
    • dev-security@lists.mozilla.org: this is the best place to ask security questions that don't need to be private. You might also try searching this list for answers to your questions
    • You can also find us on a number of security related mailing lists including W3C WebAppSec
  • Via Mozilla IRC
    • #security - general security discussions
    • #contentsecurity - browser security engineering, DOM, CSP, Origins, content blocking etc
    • #infosec - general infosec discussions


Information for developers

Security Bug Processes


Contributing to the security of Mozilla products

There are a range of ways to contribute to security engineering at Mozilla.

Developers

  • Implement security features
  • Fix outstanding security bugs
  • Contribute to security feature development

Security Testers

  • Test Firefox or Mozilla Websites as part of our bug bounty programs

Community

  • Test & provide feedback on new security features
  • Improve security documentation

Mozilla Official Sites

Retrieved from "https://wiki.allizom.org/index.php?title=Security&oldid=1160320"