Security/Program Management

From MozillaWiki

Revision as of 22:33, 2 April 2009 by Bsterne (talk | contribs) (Creating Security Program Management wiki page)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

This document describes the Security Program Management function at Mozilla. If you have questions, please contact Brandon Sterne, the Security Program Manager.

External Communications

Ensure responses are sent to inquiries made to security@mozilla.org
- Researchers reporting vulnerabilities
- Users reporting security problems with Mozilla products
Help Mozilla Press produce responses to security-related questions from the media

Security Metrics

Raise awareness within the organization of key product security metrics
- Open Security Bugs
- Client software crashes

Security Releases

Help release drivers triage bugs needed on the stable branches
Publish advisories for the security bugs fixed in each release
Support Release Drivers, QA, and Release Engineering teams during out-of-band "firedrill" releases

Secure Development Lifecycle

Develop material to increase awareness of and utilization of security best practices by Mozilla developers
- Secure Development Guidelines
- Mozilla JavaScript Security Training
Deliver security training sessions to developers and QA engineers

Security Feature Development

Help design security features
- Content Security Policy
- Origin header
Drive implementation of security features, contributing to implementation where possible

Retrieved from "https://wiki.allizom.org/index.php?title=Security/Program_Management&oldid=137822"