Confirmed users
529
edits
Security/Automation/WinterOfSecurity2014: Difference between revisions
Security/Automation/WinterOfSecurity2014 (view source)
Revision as of 14:55, 7 April 2014
, 7 April 2014no edit summary
No edit summary |
|||
| Line 1: | Line 1: | ||
'''THIS IS A WORK IN PROGRESS AND NOT READY FOR PRIME TIME.''' | |||
= Winter Of Security 2014 = | = Winter Of Security 2014 = | ||
The Winter of Security is | The Winter of Security (MWOS) is Mozilla program to involve students with Security projects. Students who have to perform a semester project as part of their university curriculum can apply to one of the MWOS project. Projects are guided by a Mozilla Adviser, and a University Professor. Students are graded by their University, based on success criteria identified at the beginning of the project. Mozilla Advisers allocate up to 2 hours each week to their students, typically on video-conference, to discuss progress and roadblocks. | ||
Projects are focused on tools, and students are expected to write code. | Projects are focused on building security tools, and students are expected to write code. | ||
== Selection process == | == Selection process == | ||
| Line 12: | Line 14: | ||
* links to relevant resources (university website, resumes, ...) | * links to relevant resources (university website, resumes, ...) | ||
== | == Student projects == | ||
=== Web Security === | === Web Security === | ||
==== ScanJS: Contribute to a JavaScript source code analyzer ==== | ==== ScanJS: Contribute to a JavaScript source code analyzer ==== | ||
* | * Mozilla Advisor: Frederik Braun | ||
* difficulty: high | * difficulty: high | ||
* language: english | * language: english | ||
| Line 21: | Line 23: | ||
==== Conduct Security Reviews ==== | ==== Conduct Security Reviews ==== | ||
* | * Mozilla Advisor: Frederik Braun | ||
* difficulty: high | * difficulty: high | ||
* language: english | * language: english | ||
| Line 28: | Line 30: | ||
=== Forensic === | === Forensic === | ||
==== Cross-platform memory scanning in Go ==== | ==== Cross-platform memory scanning in Go ==== | ||
* | * Mozilla Advisor: Julien Vehent | ||
* difficulty: high | * difficulty: high | ||
* language: english or french | * language: english or french | ||
| Line 36: | Line 38: | ||
=== Network Security === | === Network Security === | ||
==== Active measurement of firewalls configuration compliance ==== | ==== Active measurement of firewalls configuration compliance ==== | ||
* | * Mozilla Advisor: TBD | ||
* difficulty: medium | * difficulty: medium | ||
* language: english | * language: english | ||
| Line 42: | Line 44: | ||
==== Cross-platform firewall driver in Go ==== | ==== Cross-platform firewall driver in Go ==== | ||
* | * Mozilla Advisor: Julien Vehent | ||
* difficulty: medium | * difficulty: medium | ||
* language: english or french | * language: english or french | ||
| Line 51: | Line 53: | ||
=== Cryptography === | === Cryptography === | ||
==== Compliance checking of TLS configuration ==== | ==== Compliance checking of TLS configuration ==== | ||
* | * Mozilla Advisor: Julien Vehent | ||
* difficulty: easy | * difficulty: easy | ||
* language: english or french | * language: english or french | ||
| Line 57: | Line 59: | ||
=== Risk Management === | === Risk Management === | ||
==== A playful way of teaching risk management to individuals ==== | ==== A playful way of teaching risk management to individuals ==== | ||
* | * Mozilla Advisor: TBD | ||
* difficulty: medium | * difficulty: medium | ||
* language: english | * language: english | ||
| Line 63: | Line 65: | ||
==== An online threat modelling tool ==== | ==== An online threat modelling tool ==== | ||
* | * Mozilla Advisor: TBD | ||
* difficulty: medium | * difficulty: medium | ||
* language: english | * language: english | ||