Security/MockUp
< Security
STATUS: MOCKUP / DRAFT Welcome to the Mozilla Security wiki.
How To Find Us
Lot's of options, we're here to help:
- Security@mozilla.org - email us any questions, concerns, etc
- Bugzilla falg - sec-review - We triage based on this flag you don't need to set a target person we'll work that out if you don't know
- #security on IRC
- File a security/privacy review request via this link
- Attend a Security Talk given by one of the security team
Security Feature Development
At Mozilla, we build secure operation and user sovereignty into the web platform and leverage the open web to bring these attributes to more environments.
We focus hard on ways to improve the privacy and security of all web users, in a Mozilla way that engages the community in our design and implementation decisions. These priorities are reflected in the projects this team manages, public evangelism and participation in relevant standards bodies to maximize adoption of new privacy & security mechanisms.
For more information and how to participate: Security Engineering
- Security Severity Ratings
- How to report a security issue
- Want to fix a security bug? Here is a list of old thorny bugs you can take on.
Security Reviews
Main Article: Security/Reviews
- Need a security review or to find the documentation of completed reviews? This is what your looking for.
- Project Kick-Off Form
- Security & Privacy Review Request Form
- Find past reviews by Category:SecReview
To be moved under this page: * Security Radar
| Unlinked Reviews |
|---|
* Android System Storage * WebBattery * BrowserID C API * Add crossorigin attribute * Sync Dialogue * JetPack 2011-10-12 * XHR non-post rewrite * Stub Installer * Sync Client * Weave 1.3b5 Client * DNSSEC-TLS * Web Activities & F1 * MouseLock * Joystick |
| Unlinked Discussions |
|---|
* WebRTC |
Security Process Documents
Main Article: Security/Process
- Need a security approval? Looking for the documentation on how we do what we do? Look no further!
To be moved under this page/area: * Approval for Landing Security Bugs * Web Bug Verification Rotation * Understand the Secure Development Lifecycle used to secure our new features/products/applications * Information on Bugzilla and the Security Assurance Component
Security Initiatives
- Initiatevs the security team is currently working on or has worked on in the past (ie. Embedding and Champions)