AppSec Europe 2016 has ended
Back To Schedule
Thursday, June 30 • 12:25 - 13:10
Open Source Approaches to Security for Applications and Services at Mozilla

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

At Mozilla, source exposure is a feature, not a bug. Adam Muntner discusses elements of Mozilla’s approach to securing the websites and services that support 400+ million Firefox users. These could be adopted by many types of organizations. 

- Why your bug bounty program is one of the best sources of intelligence for driving the future direction of your application security program. 
- Lessons learned from radical open sharing of design documentation. 
- Approaches to qualitative comparison of risk for an inventory of websites and services. 
- Using OpenSAMM in a DevOps organization. 
- Get non-security engineers help pentest by setting up a Red Team. 
- Maximizing the value gained from identified vulnerabilities. 


Adam Muntner

Security Engineer, Mozilla Corp
Adam Muntner works on the team that protects the websites and services which support 400+ million Firefox users. His current responsibilities include rethinking Mozilla's Application Security program, being Product Owner of Mozilla's Web Bug Bounty program, and breaking stuff. He... Read More →

Thursday June 30, 2016 12:25 - 13:10 CEST
Room D (Tiziano Ballrom Sec. 3)