Confirmed users
65
edits
Security/InfoSec: Difference between revisions
s/opsec/infosec/g
Gdestuynder (talk | contribs) (https://github.com/mozilla/wikimo_opsec/commit/f0e144fea1c554d46bfa80718e25ae051a56974c) |
(s/opsec/infosec/g) |
||
| Line 1: | Line 1: | ||
= | =Enterprise Information Security Team= | ||
{{TOC right|limit=2}} | {{TOC right|limit=2}} | ||
Infosec assists Mozillians in defining and operating security controls to ensure that data at Mozilla is protected consistently across the organization. | |||
* we help you define the risks around your services and data | * we help you define the risks around your services and data | ||
* we help projects design and implement security controls | * we help projects design and implement security controls | ||
| Line 14: | Line 14: | ||
For security incidents, file a bug in Bugzilla under the product/component [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Investigation] or [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Incident]. | For security incidents, file a bug in Bugzilla under the product/component [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Investigation] or [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Incident]. | ||
Our IRC channel is #security at [irc://irc.mozilla.org/security irc.mozilla.org]. | Our IRC channel is #foxsignal or #security at [irc://irc.mozilla.org/security irc.mozilla.org]. | ||
= Members = | = Members = | ||
| Line 43: | Line 43: | ||
=== Description === | === Description === | ||
InfoSec develops and operates MozDef as a service to assist Mozilla projects in defending their operations. Mozilla systems can send events, logs and other data to MozDef to be automatically correlated and consistently treated. | |||
=== What you can do with this service === | === What you can do with this service === | ||
| Line 81: | Line 81: | ||
: business hours availability. 1 year data retention. | : business hours availability. 1 year data retention. | ||
; Costs | ; Costs | ||
: platform supported by | : platform supported by InfoSec. Subscriber’s handles the cost of provisioning and monitoring the agents on target systems. | ||
: [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=MIG&assigned_to=jvehent%40mozilla.com&blocked=896480 request bug] | : [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=MIG&assigned_to=jvehent%40mozilla.com&blocked=896480 request bug] | ||
=== Description === | === Description === | ||
[[File:Mig-console.png|right|300px]] | [[File:Mig-console.png|right|300px]] | ||
InfoSec operates a client/server platform to facilitate the investigation of large numbers of systems in parallel. We distribute agents across endpoints of an infrastructure that can be queried in real-time through a central console. This service uses Mozilla InvestiGator (MIG). | |||
=== What you can do with this service === | === What you can do with this service === | ||
| Line 95: | Line 95: | ||
* Search through the memory of a live system. | * Search through the memory of a live system. | ||
* Search for MAC addresses, IP addresses and connected IPs. | * Search for MAC addresses, IP addresses and connected IPs. | ||
* Verify conformity of a configuration with | * Verify conformity of a configuration with InfoSec best practices. | ||
== Service: Test driven systems security == | == Service: Test driven systems security == | ||
| Line 102: | Line 102: | ||
: business hours availability. 1 year data retention. | : business hours availability. 1 year data retention. | ||
; Costs | ; Costs | ||
: platform supported by | : platform supported by InfoSec. Subscriber’s handles the cost of provisioning and monitoring the agents on target systems. | ||
; Service request | ; Service request | ||
: [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=MIG&assigned_to=jvehent%40mozilla.com&blocked=896480 request bug] | : [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=MIG&assigned_to=jvehent%40mozilla.com&blocked=896480 request bug] | ||
| Line 120: | Line 120: | ||
: Response within a week. | : Response within a week. | ||
; Costs | ; Costs | ||
: 30 minutes meeting with | : 30 minutes meeting with InfoSec. | ||
; Service request | ; Service request | ||
: [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Review request bug] | : [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Review request bug] | ||
| Line 140: | Line 140: | ||
: Response within a week. | : Response within a week. | ||
; Costs | ; Costs | ||
: One or more meeting with | : One or more meeting with InfoSec. | ||
; Service request | ; Service request | ||
: [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Review request bug] | : [https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Review request bug] | ||
| Line 242: | Line 242: | ||
* Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation | * Go beyond traditional SIEM systems in automating incident handling, information sharing, workflow, metrics and response automation | ||
= Documentation maintained by | = Documentation maintained by InfoSec = | ||
* [https://wiki.mozilla.org/Security/OpSec This page] | * [https://wiki.mozilla.org/Security/OpSec This page] | ||
* [https://wiki.mozilla.org/Security/Server_Side_TLS Server Side TLS] | * [https://wiki.mozilla.org/Security/Server_Side_TLS Server Side TLS] | ||