Changes

Security/FirefoxOperations

915 bytes removed, 22:52, 7 June 2016

no edit summary

The table below summarizes the open issues assigned to the CloudSec team, sorted by area of focus.

~~=== Operational Security ===~~

{| class="wikitable"

|- style="vertical-align:~~bottom~~top;"! style="height:100px; width:300px; text-align:center;" |

! style="height:100px; width:200px; text-align:center;" |

~~Continuous~~ Continous Testing ~~(TDS)~~

! style="height:100px; width:200px; text-align:center;" |

Fraud Detection

! style="height:100px; width:200px; text-align:center;" |

Infra Hardening

~~! style="height:100px; width:200px; text-align:center;" |~~

~~Threat monitoring~~

|-

! Operational security| style="background-color: ~~red~~yellow;"|~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.1+TDS" '''3~~ 2 HIGH~~'''~~ ~~'''~~2 MEDIUM~~'''~~ ~~'''3~~ 2 LOW~~'''~~ ]| style="background-color: ~~red~~yellow;"|~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.~~2~~+fraud+detection" '''3~~ HIGH~~'''~~ ~~'''~~1 MEDIUM~~'''~~ ]

| style="background-color: green;"|

~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.3+identity+management" '''~~1 MEDIUM~~'''~~ ~~'''~~1 LOW~~'''~~ ]

| style="background-color: yellow;"|

~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.4+infra+hardening" '''4~~ 3 MEDIUM~~'''~~ ~~'''3 LOW''' ]~~ ~~| style="background-color: green;"|[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"~~3~~.2+monitor+external+threats" '''2~~ LOW~~'''~~ ]

|}

~~=== Application Security ===~~

{| class="wikitable"

|- style="vertical-align:~~bottom~~top;"! style="height:100px; width:300px; text-align:center;" |

! style="height:100px; width:200px; text-align:center;" |

Risk & Security reviews

! style="height:100px; width:200px; text-align:center;" |

Test & Implement Baseline Security

~~! style="height:100px; width:200px; text-align:center;" |~~

~~Data & Code Signing~~

! style="height:100px; width:200px; text-align:center;" |

Training & Communication

! style="height:100px; width:200px; text-align:center;" |

Bug Bounty

|-

! Application Security

| style="background-color: yellow;"|

2 HIGH 1 LOW

| style="background-color: yellow;"|

1 HIGH 1 MEDIUM

| style="background-color: green;"|

1 HIGH 2 LOW

| no pending task

|}

{| class="wikitable"

|- style="vertical-align:top;"

! style="height:100px; width:300px; text-align:center;" |

! style="height:100px; width:200px; text-align:center;" |

Data & Code Signing

! style="height:100px; width:200px; text-align:center;" |

Threat monitoring

! style="height:100px; width:200px; text-align:center;" |

External audits

|-

! Core security services

| style="background-color: yellow;"|

~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.1+risk+assessment" '''2 HIGH''' '''1 LOW''' ]| style="background-color: yellow;"|[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.2+appsec+baseline" '''1 HIGH''' '''1 MEDIUM''' ]| style="background-color: yellow;"|[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"3.1+signature" '''~~1 HIGH~~'''~~ ~~'''~~1 MEDIUM~~'''~~ ~~'''~~1 LOW~~'''~~ ]

| style="background-color: green;"|

~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.3+security+communication" '''1 HIGH''' '''~~2 LOW~~'''~~ ]~~| no pending task~~

| style="background-color: green;"|

~~[https://github.com/mozilla-services/cloudsec/issues?q=is%3Aopen+is%3Aissue+label%3A"3.3+external+audits" '''2~~ 1 LOW~~'''~~ ]

|}

* Set HSTS to 2592000 (30 days) ('''INFRA-HSTS''')

* Set HPKP to 2592000 (30 days) ('''INFRA-HPKP''')

* Admin panels must :** only be available behind Mozilla VPN ~~and~~ (which provides MFA) ('''INFRA-ADMINVPN''')** require LDAP ~~auth~~ authentication ('''INFRA-ADMINLDAP''')** enforce a two-man rule on sensitive changes ('''INFRA-~~ADMIN~~2MANRULE''')

=== Coding rules ===

Ulfr

Confirm

529

edits

Changes

Security/FirefoxOperations

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

How to Contribute

MozillaWiki

Around Mozilla

Tools