MozillaWiki

Security/Meetings/SecurityAssurance/2013-05-07: Difference between revisions

Page Discussion

Security/Meetings/SecurityAssurance/2013-05-07 (view source)

Revision as of 21:12, 30 May 2013

8,977 bytes added ,  30 May 2013
→‎No Meeting, SF Work Week
No edit summary
Line 2: Line 2:
{{TOC right}}
{{TOC right}}
=No Meeting, SF Work Week=
=No Meeting, SF Work Week=
{| class="wikitable sortable mw-collapsible"
|-
!colspan="9"| Monday 6-May
|-
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|'''All'''
| align="center" style="background:#f0f0f0;"|'''Other'''
| align="center" style="background:#f0f0f0;"|'''Firefox Desktop & Mobile'''
| align="center" style="background:#f0f0f0;"|'''Firefox OS'''
| align="center" style="background:#f0f0f0;"|'''Web Security'''
| align="center" style="background:#f0f0f0;"|'''Operations Security'''
| align="center" style="background:#f0f0f0;"|'''Misc'''
|-
| Breakfast||8am - 9am
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="3"|Morning
|9 - 10am
|colspan="6" style="text-align: center;"|Welcome & Intro
|-
|10 - 11am||||[https://security.etherpad.mozilla.org/secreview-talk&sa=D&usg=ALhdy2-f_oRsamjMsnsiKnu8hbYcqlGSlQ Security Review Process]||[https://security.etherpad.mozilla.org/automatedCrashStackGeneration&sa=D&usg=ALhdy29XZUn-9_v2RuEe8X146APLjJfdNA Fuzzing: Crash bucketing (JSON format and heuristics)]||||||||
|-
|11 - noon||||[https://security.etherpad.mozilla.org/SecurityReviewArtifacts&sa=D&usg=ALhdy2-atPIske0JmWEDOS2wpzksjleZHg Security Review Output Artifacts]||||||||||
|-
| Lunch||
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="4"|Afternoon
|1pm - 2pm|
|colspan="6" style="text-align: center;"|Open Team Work
|[https://mana.mozilla.org/wiki/display/SECURITY/Social+API+multi-providers+Security+Review Notes]
|-
|2pm - 3pm||||||Fuzzing: Releasing harness and related tools||||Scanning Web Services and APIs with Minion||||
|-
|3pm - 4pm||||||||||ZAP & Firefox|
|rowspan="2"|Cloud, System, & Network Security Policies
|-
|4pm - 5pm||||||||||Zest, Gcli howto||
|-
| Dinner||
|colspan="6" style="text-align: center;"|On your own in SF
|-
| Evening Activities||
|colspan="6" style="text-align: center;"|On your own in SF
|https://security.etherpad.mozilla.org/TeamMeetUp
|-
|}
{| class="wikitable sortable mw-collapsible"
|-
!colspan="9"| Tuesday 7-May
|-
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|'''All'''
| align="center" style="background:#f0f0f0;"|'''Other'''
| align="center" style="background:#f0f0f0;"|'''Firefox Desktop & Mobile'''
| align="center" style="background:#f0f0f0;"|'''Firefox OS'''
| align="center" style="background:#f0f0f0;"|'''Web Security'''
| align="center" style="background:#f0f0f0;"|'''Operations Security'''
| align="center" style="background:#f0f0f0;"|'''Misc'''
|-
| Breakfast||8am - 9am
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="3"|Morning
|9 - 10am
|1) A Look at Metrics 2) Data Protection Program||||||||||||
|-
|10 - 11am||||||||Preventing malware in Firefox OS||||NSM (Network Security Monitoring) Presentation & Workshop (mpurzynski)||
|-
| ||11 - noon||||||Product Security Roadmap (with Security Engineering)||||||
|-
| Lunch||
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="4"|Afternoon
|1pm - 2pm|
|Q&A - Your career, HR questions, benefits, etc - w/ Emily Chardac
|colspan="5" style="text-align: center;"|Open Team Work
|-
|2pm - 3pm||||
|rowspan="2"|Static and Dynamic Analysis of JavaScript (2 hr workshop)
||||Minion & Stooge Demos and brainstorm sessions||Security Alerting (gdestuynder)||
|-
|3pm - 4pm||Incentivizing Security Fixes||||||||Collecting Logs (mhenry)||
|-
|4pm - 5pm||Matt Wobensmith - Security QA||||||||||||
|-
|Dinner||
|colspan="6" style="text-align: center;"|Team Dinner||
|-
| Evening Activities||
|colspan="6" style="text-align: center;"|Team Dinner - 6pm Roy's -  575 Mission St, San Francisco, CA 94105||
|-
|}
{| class="wikitable sortable mw-collapsible"
|-
!colspan="9"| Wednesday 8-May
|-
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|'''All'''
| align="center" style="background:#f0f0f0;"|'''Other'''
| align="center" style="background:#f0f0f0;"|'''Firefox Desktop & Mobile'''
| align="center" style="background:#f0f0f0;"|'''Firefox OS'''
| align="center" style="background:#f0f0f0;"|'''Web Security'''
| align="center" style="background:#f0f0f0;"|'''Operations Security'''
| align="center" style="background:#f0f0f0;"|'''Misc'''
|-
| Breakfast||8am - 9am
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="3"|Morning
|9 - 10am||Security Automation - Discuss how to do more than Web Security||||||||||||
|-
|10 - 11am||Endpoint security||||Fuzzing with WebIDL||||||||
|-
|11 - noon
|rowspan="2"|[https://security.etherpad.mozilla.org/QAWithJimCook Q&A with Jim 11-1pm during lunch]
|-
| Lunch||
|colspan="5" style="text-align: center;"|Catered @Mozilla SF office||
|-
|rowspan="4"|Afternoon
|1pm - 2pm
|colspan="6" style="text-align: center;"|Open Team Work||
|-
|2pm - 3pm||||Bug Triage (curtisk, yvan, dveditz, joes, abilings)||Fuzzing||Brainstorm security features. Workshop: develop a comparitive analysis against other mobile OS||
|"Compliance checks
* System (kang)
* Network (mpurzynski)"
|-
|3pm - 4pm||||||||||Identity Syncup||||
|-
|4pm - 5pm||||A - Team : Clint Talbert||||Firefox OS Sandboxing w/ seccomp (kang)||||||
|-
|Dinner||
|rowspan="2" colspan="6" style="text-align: center;"|[https://security.etherpad.mozilla.org/2013q2-wed&sa=D&usg=ALhdy2-vGjX0JIRwbjAvVuww8AWhSjQAOw Pizza and Board Games]||
|-
| Evening Activities||
|-
|}
{| class="wikitable sortable mw-collapsible"
|-
!colspan="9"| Thursday 9-May
|-
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|'''All'''
| align="center" style="background:#f0f0f0;"|'''Other'''
| align="center" style="background:#f0f0f0;"|'''Firefox Desktop & Mobile'''
| align="center" style="background:#f0f0f0;"|'''Firefox OS'''
| align="center" style="background:#f0f0f0;"|'''Web Security'''
| align="center" style="background:#f0f0f0;"|'''Operations Security'''
| align="center" style="background:#f0f0f0;"|'''Misc'''
|-
| Breakfast||8am - 9am
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="3"|Morning
|9 - 10am||
|FYI - Manager hacking is 9-10am in SFO main area. Attend if interested.||||||||||
|-
|10 - 11am||||Review/Adjust Bug Risk Ranking / SecReview Process||||Fun in the TrustZone: what good is it to FxOS?||||
|-
|11 - noon||||||Fuzzing (Justice League)||Firefox OS Bug Bounty||Social API Review||Compliance checks - Cloud (AWS)||
|-
| Lunch||
|colspan="5" style="text-align: center;"|Catered @Mozilla SF office||
|-
|rowspan="4"|Afternoon
|1pm - 2pm
|colspan="6" style="text-align: center;"|Open Team Work||
|-
|2pm - 3pm||Security Assurance - Open House / Show & Tell||||||||||||
|-
|3pm - 4pm||Board room unavailable||||Fuzzing (Paramount)||||WebDev Chat w/Mike Morgan (SFO-7B)||Infra chat with MRZ (Golden Gate bridge 3rd)||
|-
|4pm - 5pm||Board room unavailable||Rob Miller (services engineering) 30m talk/preso + 30m Q&A (SFO-3rd floor, Golden Gate)||Fuzzing||||||||
|-
|Dinner||
|rowspan="2" colspan="6" style="text-align: center;"|6pm - Team Dinner & Bowling @ Lucky Strike (200 King Street, San Francisco, CA 94107)|
|-
| Evening Activities||
|colspan="6" style="text-align: center;"|
|-
|}
{| class="wikitable sortable mw-collapsible"
|-
!colspan="9"| Friday 10-May
|-
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|
| align="center" style="background:#f0f0f0;"|'''All'''
| align="center" style="background:#f0f0f0;"|'''Other'''
| align="center" style="background:#f0f0f0;"|'''Firefox Desktop & Mobile'''
| align="center" style="background:#f0f0f0;"|'''Firefox OS'''
| align="center" style="background:#f0f0f0;"|'''Web Security'''
| align="center" style="background:#f0f0f0;"|'''Operations Security'''
| align="center" style="background:#f0f0f0;"|'''Misc'''
|-
| Breakfast||8am - 9am
|colspan="6" style="text-align: center;"|Catered @Mozilla SF office
|-
|rowspan="3"|Morning
|9 - 10am||
||||||Fuzzing: logging||||Security Review Outputs||
|-
|10 - 11am||||||||Orangfuzz with orangutan (gkw) - pushed to 10.30am||||Multi Factor Authentication (kang)||
|-
|11 - noon||||Malicious code in Firefox - Monitoring for suspicious code commits||||||||||
|-
| Lunch||
|colspan="5" style="text-align: center;"|Catered @Mozilla SF office||
|-
|rowspan="4"|Afternoon
|1pm - 2pm
|Google Security Visit||Open Team Work||||||||||
|-
|2pm - 3pm||Google Security Visit||https://security.etherpad.mozilla.org/googleappstalk||||||||Asset discovery and vulnerability management (mhenry)||
|-
|3pm - 3:30pm||Google Security Visit||||||||||||
|-
|3:30 pm - 4pm||Wrap Up||||||||||||
|-
| Dinner||
|colspan="6" style="text-align: center;"|On your own in SF||
|-
| Evening Activities||
|colspan="6" style="text-align: center;"|On your own in SF||
|-
|}
Curtisk
canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/661897"