Presentation Title: Tools and Strategies for Securing a Large Development Project
Presentation Abstract:

Developing secure software is difficult. There is more information available on application security now than ever before. But how much of this information has been successfully used on a large scale, widely deployed, complex software project? What really works? Mozilla is making the process of securing a large software project transparent. Window Snyder will discuss the methods Mozilla uses to secure Firefox and share tools created by Mozilla. Developers can use these methods and tools to secure applications in their own environment. Ms. Snyder will also talk about the new security features coming in Firefox 3.

About Window

Window Snyder is Chief Security Something-or-Other at Mozilla Corporation.

Prior to joining Mozilla, Ms. Snyder was a principal, founder, and core team member at Matasano, a security services and product company based in New York City and a senior security strategist at Microsoft in the Security Engineering and Communications organization. At Microsoft she managed the relationships between security consulting companies and the Microsoft product teams and the outreach strategy for security vendors and security researchers. Previously she was responsible for security sign-off for Windows XP SP2 and Windows Server 2003.

Ms. Snyder was Director of Security Architecture at @stake. She developed application security analysis methodologies and led the Application Security Center of Excellence. She was a software engineer for 5 years focused primarily on security applications, most recently at Axent Technologies, now Symantec.

Ms. Snyder is co-author of Threat Modeling, a manual for security architecture analysis in software.