WebAppSec: Difference between revisions

From MozillaWiki
Line 22: Line 22:


===Schedule===
===Schedule===
* '''[https://wiki.mozilla.org/WebAppSec/Presentations/2011-07-14-MobileHacking July 14, 2011 - Mobile Hacking]'''  
===='''[https://wiki.mozilla.org/WebAppSec/Presentations/2011-07-14-MobileHacking July 14, 2011 - Mobile Hacking]'''====
** Topic: Blake Turrentine presents Mobile Hacking courseware for BlackHat 2011
* Topic: Blake Turrentine presents Mobile Hacking courseware for BlackHat 2011
** Time: 6pm-9:30pm Pacific
* Time: 6pm-9:30pm Pacific
** Location: Mountain View (10 Forward) (Sorry, no streaming)
* Location: Mountain View (10 Forward) (Sorry, no streaming)
** Remote Participation: No, lab element requires in-person attendance
* Remote Participation: No, lab element requires in-person attendance
** Limited Space - [https://wiki.mozilla.org/WebAppSec/Presentations/2011-07-14-MobileHacking#RSVP RSVP Required]
* Limited Space - [https://wiki.mozilla.org/WebAppSec/Presentations/2011-07-14-MobileHacking#RSVP RSVP Required]
* '''July 20, 2011 - Hands-On Hacking Brownbag''' (Specific date not yet confirmed)
===='''July 20, 2011 - Hands-On Hacking Brownbag - Cross Site Scripting''' ====
** Topic: Cross Site Scripting
* Topic: Cross Site Scripting
** Time: 12pm-1pm Pacific
* Time: 12pm-1pm Pacific
** Location: Mountain View (10 Forward)
* Location: Mountain View (10 Forward)
** Remote Participation: Yes, streaming via air.mozilla.org
* Remote Participation: Yes, streaming via air.mozilla.org
* '''August 16, 2011 - Hands-On Hacking Brownbag''' (Specific date not yet confirmed)
* Lab Setup - Please setup your VM test instance prior to the session - [http://people.mozilla.org/~mcoates/WebSecurityLab.html instructions]
** Topic: SQL Injection
===='''August 16, 2011 - Hands-On Hacking Brownbag - SQL Injection'''====
** Time: 12pm-1pm Pacific
* Topic: SQL Injection
** Location: Mountain View (10 Forward)  
* Time: 12pm-1pm Pacific
** Remote Participation: Yes, streaming via air.mozilla.org
* Location: Mountain View (10 Forward)  
* <Monthly Hands-On Hacking Classes Planned>
* Remote Participation: Yes, streaming via air.mozilla.org
* Lab Setup - Please setup your VM test instance prior to the session - [http://people.mozilla.org/~mcoates/WebSecurityLab.html instructions]
====Future Topics====
* Hands-On Hacking Classes Planned For Each Month
* Submit an idea for a topic or brownbag to infrasec@mozilla.com


'''Old Presentations'''
===Archive ===
* April 23, 2011 - Stanford Open Source Bootcamp - [http://people.mozilla.org/~mcoates/WebAppSec-Training.html Securing Web Applications]
* April 23, 2011 - Stanford Open Source Bootcamp - [http://people.mozilla.org/~mcoates/WebAppSec-Training.html Securing Web Applications]
* Mozilla Summit 2010 - Web Application Security [https://docs.google.com/leaf?id=0B2Pqt0j8wq08MzUwZmQ5YmQtMTQ3Yi00MjFmLWE3OTAtZjBhMTVkYTA0ZDJj&sort=name&layout=list&num=50 (.key)] [http://docs.google.com/present/edit?id=0AWPqt0j8wq08ZGQ4OWhzNmRfMTM5aHRqamp6czc&hl=en&authkey=COzwmvEH (.ppt)]
* Mozilla Summit 2010 - Web Application Security [https://docs.google.com/leaf?id=0B2Pqt0j8wq08MzUwZmQ5YmQtMTQ3Yi00MjFmLWE3OTAtZjBhMTVkYTA0ZDJj&sort=name&layout=list&num=50 (.key)] [http://docs.google.com/present/edit?id=0AWPqt0j8wq08ZGQ4OWhzNmRfMTM5aHRqamp6czc&hl=en&authkey=COzwmvEH (.ppt)]
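Review bot: the new July 20 and August 16 headings drop the "(Specific date not yet confirmed)" qualifier that the old bullets carried; if those dates are still tentative, keep the qualifier so attendees do not plan around them. The new ====-level headings also wrap their text in ''' bold markup, which is redundant inside a heading, and the spacing around the heading markers is inconsistent ("''' ====" on the July 20 heading, "===Archive ===" on the archive heading). In the two added Lab Setup lines, "setup" is used as a verb and should read "set up".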

Revision as of 15:06, 2 July 2011

Mozilla Web Application Security

Welcome to the home page for Mozilla Web Application Security. This page will provide security information related to Mozilla hosted web applications and web services.

Note: This public page has been recently created and will be updated with more information.

Secure Development Guidance

Web Application Security Severity Ratings

Secure Coding Guidelines

Secure Coding QA Checklist

Request a Security Review

Are you releasing a Mozilla web application or service? If so, the Mozilla infrasec team can review the code and running application for security flaws.

Security Review Request

Presentations

Infrastructure security will be presenting on various security topics on a regular basis. These courses are free and open to anyone who would like to attend. If you are remote, please join us on air.mozilla.org to watch the presentation.

Schedule

July 14, 2011 - Mobile Hacking

  • Topic: Blake Turrentine presents Mobile Hacking courseware for BlackHat 2011
  • Time: 6pm-9:30pm Pacific
  • Location: Mountain View (10 Forward) (Sorry, no streaming)
  • Remote Participation: No, lab element requires in-person attendance
  • Limited Space - RSVP Required

July 20, 2011 - Hands-On Hacking Brownbag - Cross Site Scripting

  • Topic: Cross Site Scripting
  • Time: 12pm-1pm Pacific
  • Location: Mountain View (10 Forward)
  • Remote Participation: Yes, streaming via air.mozilla.org
  • Lab Setup - Please set up your VM test instance prior to the session - instructions (http://people.mozilla.org/~mcoates/WebSecurityLab.html)

August 16, 2011 - Hands-On Hacking Brownbag - SQL Injection

  • Topic: SQL Injection
  • Time: 12pm-1pm Pacific
  • Location: Mountain View (10 Forward)
  • Remote Participation: Yes, streaming via air.mozilla.org
  • Lab Setup - Please set up your VM test instance prior to the session - instructions (http://people.mozilla.org/~mcoates/WebSecurityLab.html)

Future Topics

  • Hands-On Hacking Classes Planned For Each Month
  • Submit an idea for a topic or brownbag to infrasec@mozilla.com

Archive

Security Learning Materials

Mozilla WebAppSec Mailing List

Interested in discussing web application security concerns and their impact on Mozilla web applications? Then this is the list for you. Please note that this is a public list and is not the appropriate channel for discussing open security vulnerabilities (please file a bug in Bugzilla instead).

https://mail.mozilla.org/listinfo/webappsec

Infrastructure Security Blog - http://blog.mozilla.com/webappsec/