m (Ulfr moved page Security/CloudSec to Security/FoxSec: team rename)
(Rename to FoxSec)
| Line 1: | Line 1: | ||
= | = Firefox Services & Operations Security = | ||
The CloudSec team is tasked with securing core Firefox services operated by the Cloud Services organization at Mozilla. | The CloudSec team is tasked with securing core Firefox services operated by the Cloud Services organization at Mozilla. | ||
[[File: | [[File:Foxsec1024.png|300px]] | ||
== Contact == | == Contact == | ||
Email us at | Email us at foxsec@mozilla.com. | ||
To report a security issue on a given site, use the bug bounty form [https://www.mozilla.org/en-US/security/bug-bounty/faq-webapp/ as explained here]. | To report a security issue on a given site, use the bug bounty form [https://www.mozilla.org/en-US/security/bug-bounty/faq-webapp/ as explained here]. | ||
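Review bot: the intro sentence at the top of this hunk still reads "The CloudSec team is tasked with securing core Firefox services..." on both sides of the diff, while the heading was changed to "Firefox Services & Operations Security" and the contact address to foxsec@mozilla.com, so the rename stops one line short. Suggest "The FoxSec team (formerly CloudSec) is tasked with securing core Firefox services..." so readers arriving via the old page name still recognise the team.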
| Line 13: | Line 13: | ||
== Backlog == | == Backlog == | ||
The table below summarizes the open issues assigned to the | The table below summarizes the open issues assigned to the FoxSec team, sorted by area of focus. | ||
=== Operational Security === | === Operational Security === | ||
| Line 30: | Line 30: | ||
|- | |- | ||
| style="background-color: #d04437;"| | | style="background-color: #d04437;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.1+TDS" <span style="color:white;">'''1 HIGH'''<br />'''4 MEDIUM'''<br />'''6 LOW'''<br /></span>] | ||
| style="background-color: #d04437;"| | | style="background-color: #d04437;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.2+fraud+detection" <span style="color:white;">'''2 HIGH'''<br />'''4 MEDIUM'''<br />'''3 LOW'''<br /></span>] | ||
| style="background-color: #4a6785;"| | | style="background-color: #4a6785;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.3+identity+management" <span style="color:white;">'''2 MEDIUM'''<br /></span>] | ||
| style="background-color: #d04437;"| | | style="background-color: #d04437;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"1.4+infra+hardening" <span style="color:white;">'''6 MEDIUM'''<br />'''6 LOW'''<br /></span>] | ||
| style="background-color: #4a6785;"| | | style="background-color: #4a6785;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"3.2+monitor+external+threats" <span style="color:white;">'''1 LOW'''<br /></span>] | ||
|} | |} | ||
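Review bot: the rewritten backlog links embed literal double quotes in the label filter (label%3A"1.1+TDS"); percent-encode them as %22 so the URL contains no character that can terminate the wiki's [url text] external-link syntax, e.g. label%3A%221.1+TDS%22. Separately, the severity counts in each cell are hard-coded text that this change did not touch, and they will drift from the live GitHub queries they link to; either note the snapshot date beside the table or keep only the links.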
| Line 58: | Line 58: | ||
|- | |- | ||
| style="background-color: #d04437;"| | | style="background-color: #d04437;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.1+risk+assessment" <span style="color:white;">'''1 HIGH'''<br />'''4 MEDIUM'''<br />'''4 LOW'''<br /></span>] | ||
| style="background-color: #d04437;"| | | style="background-color: #d04437;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.2+appsec+baseline" <span style="color:white;">'''4 HIGH'''<br />'''5 MEDIUM'''<br />'''3 LOW'''<br /></span>] | ||
| style="background-color: #ffd351;"| | | style="background-color: #ffd351;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"3.1+signature" <span style="color:black;">'''2 MEDIUM'''<br />'''4 LOW'''<br /></span>] | ||
| style="background-color: #ffd351;"| | | style="background-color: #ffd351;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.3+security+communication" <span style="color:black;">'''1 HIGH'''<br />'''1 MEDIUM'''<br />'''4 LOW'''<br /></span>] | ||
| style="background-color: #4a6785;"| | | style="background-color: #4a6785;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"2.4+bug+bounty" <span style="color:white;">'''1 LOW'''<br /></span>] | ||
| style="background-color: #4a6785;"| | | style="background-color: #4a6785;"| | ||
[https://github.com/mozilla-services/ | [https://github.com/mozilla-services/foxsec/issues?q=is%3Aopen+is%3Aissue+label%3A"3.3+external+audits" <span style="color:white;">'''1 MEDIUM'''<br />'''1 LOW'''<br /></span>] | ||
|} | |} | ||
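Review bot: the cell colours in this table do not track the severities they contain: "6 MEDIUM / 6 LOW" (1.4 infra hardening, in the hunk above) is red (#d04437), "2 MEDIUM / 4 LOW" (3.1 signature) is yellow (#ffd351), "1 MEDIUM / 1 LOW" (3.3 external audits) is blue (#4a6785), and "1 HIGH / 1 MEDIUM / 4 LOW" (2.3 security communication) is yellow although the other cells containing a HIGH are red. If the colour is meant to encode the highest open severity, state the mapping once (for example red = any HIGH, yellow = MEDIUM, blue = LOW only) and apply it to every cell; otherwise say in a caption what the colour means.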
| Line 88: | Line 88: | ||
* Admin panels should rely on Mozilla's Identity Management platform provided by IT | * Admin panels should rely on Mozilla's Identity Management platform provided by IT | ||
* Third-party services (datadog, pagerduty, aws) should have automated user management (userplex). | * Third-party services (datadog, pagerduty, aws) should have automated user management (userplex). | ||
foxsec need to facilitate integration with Mozilla's IAM with standard libraries and tools. | |||
==== 1.4 Harden the infrastructure ==== | ==== 1.4 Harden the infrastructure ==== | ||
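Review bot: the added line "foxsec need to facilitate integration with Mozilla's IAM with standard libraries and tools." has a subject-verb disagreement and lower-cases the team name that the page title capitalises; suggest "FoxSec needs to facilitate integration with Mozilla's IAM through standard libraries and tools." The preceding bullet names userplex as the automation for third-party user management but does not link it; a link to its repository would let developers act on the requirement.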
| Line 101: | Line 101: | ||
==== 2.1 Help new projects identify threats and controls (RRA, threat models,...) ==== | ==== 2.1 Help new projects identify threats and controls (RRA, threat models,...) ==== | ||
Risk assessment and threat modeling help people think through failure scenarios they wouldn’t evaluate otherwise. RRAs often leads to architectural changes that are best identified early. Each new project must undergo a 30/60min RRA with one of the member of | Risk assessment and threat modeling help people think through failure scenarios they wouldn’t evaluate otherwise. RRAs often leads to architectural changes that are best identified early. Each new project must undergo a 30/60min RRA with one of the member of foxsec to assess the security posture of the project. | ||
==== 2.2 Implement baseline services security standards ==== | ==== 2.2 Implement baseline services security standards ==== | ||
Content Security Policy (CSP), HSTS, HPKP, data signature and encryption, input validation, XSS and SQLi protection are part of techniques developers should care about when building new services. | Content Security Policy (CSP), HSTS, HPKP, data signature and encryption, input validation, XSS and SQLi protection are part of techniques developers should care about when building new services. foxsec defines services security standards that devs can implement and foxsec tests in TDS. | ||
==== 2.3 Communicate security effectively throughout the organization ==== | ==== 2.3 Communicate security effectively throughout the organization ==== | ||
Teams need a channel to ask security questions, discuss concerns and share techniques. | Teams need a channel to ask security questions, discuss concerns and share techniques. FoxSec must organize information flow and broadcast to developers, ops and managers. This includes general security best practices, analyzis and actions to take on CVE vulnerabilities, response and communication on incidents. | ||
==== 2.4 Use Mozilla’s bug bounty program ==== | ==== 2.4 Use Mozilla’s bug bounty program ==== | ||
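Review bot: the 2.2 line now says "foxsec tests in TDS", but TDS is not expanded anywhere in the visible hunks (it appears only as the label "1.1 TDS" in the backlog table); expand the acronym on first use. The same line keeps HPKP in the baseline list next to CSP and HSTS: a pin set against a wrong or prematurely rotated key locks clients out for the whole max-age, and because those clients can no longer complete a handshake they never receive a header that clears the pin, so HPKP belongs in the standard as opt-in with a mandatory backup pin and a documented rotation procedure rather than as a default developers are expected to turn on. Grammar in the added text: "RRAs often leads" should be "RRAs often lead", "one of the member of foxsec" should be "one of the members of FoxSec", and "analyzis" in 2.3 should be "analysis".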
| Line 115: | Line 115: | ||
==== 3.1 Sign data that changes the configuration of user agents ==== | ==== 3.1 Sign data that changes the configuration of user agents ==== | ||
We iterate fast, and eventually someone, either us or a partner, is bound to make a mistake and open a door that could put our users at risk. Signing the data we send to our users helps cover that risk. Digital signature for Firefox is a complex topic - not every project can implement it independently - so | We iterate fast, and eventually someone, either us or a partner, is bound to make a mistake and open a door that could put our users at risk. Signing the data we send to our users helps cover that risk. Digital signature for Firefox is a complex topic - not every project can implement it independently - so foxsec must provide the tooling and services to facilitate signing ([autograph](https://github.com/mozilla-services/autograph)) | ||
==== 3.2 Monitor our ecosystem for external threats ==== | ==== 3.2 Monitor our ecosystem for external threats ==== | ||
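Review bot: the autograph link added at the end of 3.1 uses Markdown syntax, [autograph](https://github.com/mozilla-services/autograph), which MediaWiki renders as the literal bracketed word followed by a bare auto-linked URL rather than as a named link; the rest of the page uses the wiki form, so it should read [https://github.com/mozilla-services/autograph autograph]. The sentence also lacks a terminating period after the closing parenthesis.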
| Line 205: | Line 205: | ||
== Sites and Services == | == Sites and Services == | ||
FoxSec is responsible for the security of the following websites and backend services. | |||
(note: | (note: foxsec is not responsible for the security of implementations in firefox, only of the backend services). | ||
=== ABSearch === | === ABSearch === | ||
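Review bot: the two added lines spell the team name differently ("FoxSec is responsible for..." followed by "(note: foxsec is not responsible..."), and the lower-case form recurs in the new text of 1.3, 2.1, 2.2 and 3.1 while 2.3, the backlog heading and the page title use "FoxSec"; settle on one spelling and apply it throughout the rename. In the note, capitalise "Firefox" and move the period inside the parentheses.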
| Line 313: | Line 313: | ||
* receiptcheck.marketplace.firefox.com | * receiptcheck.marketplace.firefox.com | ||
* static.marketplace.firefox.com | * static.marketplace.firefox.com | ||
In Bounty Scope? Yes | In Bounty Scope? Yes | ||
| Line 358: | Line 338: | ||
Code: | Code: | ||
* [https://github.com/mozilla/normandy normandy] | * [https://github.com/mozilla/normandy normandy] | ||
Public Endpoints: TBD | Public Endpoints: TBD | ||
| Line 365: | Line 344: | ||
=== Telemetry === | === Telemetry === | ||
Code: | Code: | ||
* [https://github.com/mozilla/telemetry-server telemetry-server] | * [https://github.com/mozilla/telemetry-server telemetry-server] (deprecated moving to [https://github.com/mozilla/telemetry-analysis-service telemetry-analysis-service]) | ||
* [https://github.com/mozilla/telemetry-dashboard/ telemetry-dashboard] | * [https://github.com/mozilla/telemetry-dashboard/ telemetry-dashboard] | ||
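Review bot: the new annotation on telemetry-server reads "(deprecated moving to ...)"; add the comma, "(deprecated, moving to telemetry-analysis-service)". Because this section tells reviewers which code FoxSec is responsible for, say whether the deprecated repository is still deployed and therefore still in scope, in the same way the marketplace entry above answers "In Bounty Scope?".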