Security/Program Management

From MozillaWiki

Revision as of 16:45, 17 February 2010 by Bsterne (talk | contribs) (→‎Security Metrics)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

This document describes the Security Program Management function at Mozilla. If you have questions, please contact Brandon Sterne, the Security Program Manager.

External Communications

Ensure responses are sent to inquiries made to security@mozilla.org
- Researchers reporting vulnerabilities
- Users reporting security problems with Mozilla products
Help Mozilla Press produce responses to security-related questions from the media

Security Metrics

Raise awareness within the organization of key product security metrics
- Open Security Bugs
- Client software crashes

Security Releases

Help release drivers triage bugs needed on the stable branches
Publish advisories for the security bugs fixed in each release
Support Release Drivers, QA, and Release Engineering teams during out-of-band "firedrill" releases

Secure Development Lifecycle

Develop material to increase awareness of and utilization of security best practices by Mozilla developers
- Secure Development Guidelines
- Mozilla JavaScript Security Training
Deliver security training sessions to developers and QA engineers

Security Feature Development

Help design security features
- Content Security Policy
- Origin header
Drive implementation of security features, contributing to implementation where possible

New product and feature tracking

Track new products and new product features to ensure they are reviewed
Manage internal and external testing schedules

Retrieved from "https://wiki.allizom.org/index.php?title=Security/Program_Management&oldid=202818"