Security/Meetings/SecurityAssurance/2013-10-01: Difference between revisions
< Security | Meetings | SecurityAssurance
Jump to navigation
Jump to search
(Created page with "{{SecAssuranceMeetingInfo}} {{TOC right}}") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{SecAssuranceMeetingInfo}} | {{SecAssuranceMeetingInfo}} | ||
{{TOC right}} | {{TOC right}} | ||
=Agenda= | |||
* Q3 Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdGVNXzUxZkJ0WHJPNG0wMDF3ODF6REE | |||
** Q3 goals sheet closes on Friday | |||
* Q4 goals | |||
** https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AthhYg2CqN25dGRDX0ZqTkJ4dTJGWFVyb2RmNTNDbmc | |||
** Consider that it's a short quarter (summit + holidays) | |||
** Consider that the recent reorg may change communication between teams | |||
* Metrics | |||
** https://security-review-statistics.vcap.mozillalabs.com/ | |||
** https://people.mozilla.com/~sarentz/p/dashboard | |||
* open sessions at Summit | |||
** Security Champs - Brussels: Curtis | Toronto: Yvan (Fri or Sat) |Santa Clara: Rob Fletcher | |||
*** slids: https://people.mozilla.org/~ckoenig/Presentations/SecChamps2013.html | |||
**** also mailed to team alias | |||
*** When is it? link? open session? | |||
**** summit has not given us the times yet | |||
** https://etherpad.mozilla.org/summit-sec-faqs <- FAQs for summit | |||
* Security/privacy session at Summit | |||
** Security Review Process - Brussels: Curtis | Toronto:Yvan (Fri or Sat) |Santa Clara: David Chan | |||
*** no slides; just a conversation | |||
***[yvan|toronto] I will have slides for my session; do we have timings for everything < times for open session are not posted yet - url to slides please? Will have ;) Slides will be ready on Wednesday evening (planning to author on flight / at hotel) | |||
** Secure coding guidelines (ad hoc - not a 'proper' session) - Brussels: | Toronto: mgoodwin | Santa Clara: | |||
*** Use the guidelines as a crib sheet | |||
* Silisec this Thursday: http://silisec.org/meetup/2013/October/ | |||
** That's just silly! | |||
* [gkw] I'm a Site Host at a location (SC) for Summit - anyone else? | |||
** Likely doing airport greets (freedom pats?) | |||
* [pt] App Sec USA | |||
https://security.etherpad.mozilla.org/appsec2013 | |||
* [gkw] HITB 2013 happening on 16-17 October, freddyb/gkw/mgoodwin will be there | |||
** mgoodwin planning talk | |||
** gkw getting phones (I still need to follow up) | |||
** gkw getting schwag? :) | |||
** freddy bringing "his" two dev-phones, anything else? can bring stickers, lots of 'em. | |||
*** ORGANISED!!111 :) | |||
https://blog.mozilla.org/security/2013/09/30/hitbsecconf-hackweekday-2013/ | |||
== HR Questions \o/ == | |||
* [decoder] How should we expense internet costs when we have a bundle (that includes other non-relevant stuff). If the same ISP offers the internet alone, can we expense that price? If you're a remote worker, eligible expenses can be expensed (bill.com) -- https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=35065222 | |||
** [curtis] my internet is bundled with phone and tv and I submit the whole receipt but only set the amount for the cost of the internet as shown on the bill I would suggest blacking out the non work-related piece (TV!), prorate it accordingly, and submit it in your expense report. More remote worker guidelines here: https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=35065222 | |||
* [pauljt] - How do we fix mistakes we've made in the PTO system? Answer: Joel Aguilera (US&Canada) - Doris (Everything else). Write to: payroll@mozilla.com... https://intranet.mozilla.org/pto/ | |||
Useful payroll link: https://mana.mozilla.org/wiki/display/PR/Payroll+and+Employment-Related+Business | |||
[Feedback Cycle] - Emily to put feedback link here by 10/8/2013 (probably quarterly) | |||
[360 Review Framework] - Emily to put link here by 10/8/2013 | |||
* Security Reports | |||
=Upcoming Speaking Engagements= | |||
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks ) | |||
* | |||
=Planned Blog Posts= | |||
* [new] https://mana.mozilla.org/wiki/display/SECURITY/Security+Blog+Posts | |||
* [old] https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c | |||
=Security Review Status (curtisk)= | |||
* Completed in Q1:64 / Q2: 72 | |||
https://security-review-statistics.vcap.mozillalabs.com/weekly <-- still broken | |||
Latest revision as of 21:05, 1 October 2013
- Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
- Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
- Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
- Phone (Toronto): 416 848 3114 x92 Conf: 95316#
- Phone (US): 800 707 2533 (pin 369) Conf: 95316#
Agenda
- Q3 Goals - Please keep status up to date - https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AmLct3lOMM6ZdGVNXzUxZkJ0WHJPNG0wMDF3ODF6REE
- Q3 goals sheet closes on Friday
- Q4 goals
- https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AthhYg2CqN25dGRDX0ZqTkJ4dTJGWFVyb2RmNTNDbmc
- Consider that it's a short quarter (summit + holidays)
- Consider that the recent reorg may change communication between teams
- Metrics
- open sessions at Summit
- Security Champs - Brussels: Curtis | Toronto: Yvan (Fri or Sat) |Santa Clara: Rob Fletcher
- slids: https://people.mozilla.org/~ckoenig/Presentations/SecChamps2013.html
- also mailed to team alias
- When is it? link? open session?
- summit has not given us the times yet
- slids: https://people.mozilla.org/~ckoenig/Presentations/SecChamps2013.html
- https://etherpad.mozilla.org/summit-sec-faqs <- FAQs for summit
- Security Champs - Brussels: Curtis | Toronto: Yvan (Fri or Sat) |Santa Clara: Rob Fletcher
- Security/privacy session at Summit
- Security Review Process - Brussels: Curtis | Toronto:Yvan (Fri or Sat) |Santa Clara: David Chan
- no slides; just a conversation
- [yvan|toronto] I will have slides for my session; do we have timings for everything < times for open session are not posted yet - url to slides please? Will have ;) Slides will be ready on Wednesday evening (planning to author on flight / at hotel)
- Secure coding guidelines (ad hoc - not a 'proper' session) - Brussels: | Toronto: mgoodwin | Santa Clara:
- Use the guidelines as a crib sheet
- Security Review Process - Brussels: Curtis | Toronto:Yvan (Fri or Sat) |Santa Clara: David Chan
- Silisec this Thursday: http://silisec.org/meetup/2013/October/
- That's just silly!
- [gkw] I'm a Site Host at a location (SC) for Summit - anyone else?
- Likely doing airport greets (freedom pats?)
- [pt] App Sec USA
https://security.etherpad.mozilla.org/appsec2013
- [gkw] HITB 2013 happening on 16-17 October, freddyb/gkw/mgoodwin will be there
- mgoodwin planning talk
- gkw getting phones (I still need to follow up)
- gkw getting schwag? :)
- freddy bringing "his" two dev-phones, anything else? can bring stickers, lots of 'em.
- ORGANISED!!111 :)
https://blog.mozilla.org/security/2013/09/30/hitbsecconf-hackweekday-2013/
HR Questions \o/
- [decoder] How should we expense internet costs when we have a bundle (that includes other non-relevant stuff). If the same ISP offers the internet alone, can we expense that price? If you're a remote worker, eligible expenses can be expensed (bill.com) -- https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=35065222
- [curtis] my internet is bundled with phone and tv and I submit the whole receipt but only set the amount for the cost of the internet as shown on the bill I would suggest blacking out the non work-related piece (TV!), prorate it accordingly, and submit it in your expense report. More remote worker guidelines here: https://mana.mozilla.org/wiki/pages/viewpage.action?pageId=35065222
- [pauljt] - How do we fix mistakes we've made in the PTO system? Answer: Joel Aguilera (US&Canada) - Doris (Everything else). Write to: payroll@mozilla.com... https://intranet.mozilla.org/pto/
Useful payroll link: https://mana.mozilla.org/wiki/display/PR/Payroll+and+Employment-Related+Business [Feedback Cycle] - Emily to put feedback link here by 10/8/2013 (probably quarterly) [360 Review Framework] - Emily to put link here by 10/8/2013
- Security Reports
Upcoming Speaking Engagements
(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )
Planned Blog Posts
- [new] https://mana.mozilla.org/wiki/display/SECURITY/Security+Blog+Posts
- [old] https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0AlDw2hHXmVgCdHN3LWZTZ0hjMElPc1g2clRKb2lNN3c
Security Review Status (curtisk)
- Completed in Q1:64 / Q2: 72
https://security-review-statistics.vcap.mozillalabs.com/weekly <-- still broken