Changes

Security/InfoSec

4 bytes added, 01:38, 18 July 2015

→‎Service: Security Review

* Find out if you need a security review.

== Service: ~~Security Review~~ Threat Modeling ==

; Support commitment

=== Description ===

~~Security reviews are in depth reviews~~ Threat modeling defines a set of ~~the security of a project or a technical issue~~attack scenarios to consider against an application. They are more specific, thorough and often more time consuming than Rapid Risk Assessments (RRA).When a ~~security review~~ threat model or analysis is requested on a large service (ie, larger than a quick reply in a bug), a an RRA is required to ensure that the security recommendations cover the areas of concerns of the service.

=== What you can do with this service ===

* Get an in depth ~~security review~~ threat model of your project with technical details, recorded in a document.

* Get a quick in-line reply in Bugzilla (responses sec-review flag).

* Get architectural tips from the security point of view at the project design time.

Gdestuynder

Confirm

502

edits

Changes

Security/InfoSec

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools