24
edits
WebAppSec: Difference between revisions
→Mozilla Web Application Security
| (5 intermediate revisions by 3 users not shown) | |||
| Line 16: | Line 16: | ||
[[WebAppSec/Security_Review_Request|Security Review Request]] | [[WebAppSec/Security_Review_Request|Security Review Request]] | ||
[[WebAppSec/Wordpress_Security_Review_Process|Wordpress Theme or Plugin - Security Install Process]] | |||
[[WebAppSec/ | ==Filing a Web Security Bug== | ||
For instructions regarding the use of Bugzilla to file a web security bug, visit: [[WebAppSec/Filing_In_Bugzilla|Filing a Web Security Bug in Bugzilla]] | |||
== Presentations == | == Presentations == | ||
Infrastructure security will be presenting on various security topics on a regular basis. These courses are free and open to anyone that would like to attend. For those that are remote, please join us on air.mozilla.org to remotely watch the presentation. | Infrastructure security will be presenting on various security topics on a regular basis. These courses are free and open to anyone that would like to attend. For those that are remote, please join us on air.mozilla.org to remotely watch the presentation. | ||
===Schedule=== | ===Schedule-2012=== | ||
===Schedule-2011-Archive=== | |||
===='''April 23, 2011 - Stanford Open Source Bootcamp'''==== | ===='''April 23, 2011 - Stanford Open Source Bootcamp'''==== | ||
* Topic: Securing Web Applications through Hands On Security Hacking | * Topic: Securing Web Applications through Hands On Security Hacking | ||
| Line 68: | Line 73: | ||
* Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org] | * Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org] | ||
* Archived Video , Slides - Will be available after the session | * Archived Video , Slides - Will be available after the session | ||
===='''December 5, 2011 - Cross-Site Request Forgery and other cross domain technologies'''==== | |||
* Topic: Dealing with CSRF, the talk will also cover Cross-Origin Resource Sharing and the postMessage API | |||
* Time: 12pm-1pm Pacific | |||
* Location: Mountain View (10 Forward) | |||
* Remote Participation: Yes, streaming via [http://air.mozilla.org air.mozilla.org] | |||
* Archived Video , Slides - Will be available after the session | |||
===='''December 14, 2011 - What You See and What You Get - An Attacker's perspective'''==== | |||
* Topic: The talk covers how an attacker views a software system, how that differs from more common perspectives and what that teaches us about how to make secure products | |||
* Time: 5-6pm GMT | |||
* Location: Adsetts Learning Center (room 6619), Sheffield Hallam University, UK | |||
* Remote Participation: No | |||
* Archived Video - to be made available soon | |||
====Future Topics==== | ====Future Topics==== | ||