We’ve decided to reorganize our security teams and as part of the change we are going to be using this blog in some new ways.
The most notable change is this blog will now host posts on a variety of topics including product security, application security and network/server security. We merged the work of our platform, web application and infrastructure security teams to form the Security Assurance team. This team will continue the work of verifying and guiding the best possible security practices across three spaces and combine some duplicate effort. Complementing this, our Security Engineering team will focus on creating and shepherding new security and privacy features into our products following the roadmaps at https://wiki.mozilla.org/Security/Roadmap and https://wiki.mozilla.org/Privacy/Roadmap
Traditionally this space has been used to announce security incidents and their impact, major changes to security process and security update information. In addition to that content, this space will also host posts about the different projects and features team members are working on, including topics in web security and fuzzing. We also want to share our perspectives on security related developments in the community, as well as insights into security conferences and ideas.
To make the transition easier for our readers, who may not want to read all of our posts, we will be using categories for our posts so you can filter what interests you. In particular, we will make use of tags such as “Announcements”, “Security Updates” and “Vulnerabilities” to cover posts that detail information required to stay on top of Mozilla product security notifications.
We are very excited to share more with our community and have a broader conversation with regards to security and we hope that you feel the same way and engage with us in the comments of this blog.
Security Program Manager
*edit: minor change to first line, second paragraph