Mozilla Hires Ex-Microsoft Security Strategist Window Snyder


Looks like Mozilla is toughening it’s stance on security, people have been putting it down lately, especially those from the Microsoft camp as there have been a few flaws.

But well, it’s still not part of the operating system, the flaws are generally fixed within a couple of days and the patching system is simple and bandwidth friendly since version 1.5.0.1.

I generally find it more effecient, better designed, more secure and less proprietary :P than Internet Exploder.

Anyway back on topic..

Former Microsoft security strategist Window Snyder is joining Mozilla to lead the company’s effort to protect its range of desktop applications from malicious hacker attacks.

Snyder, who was responsible for security sign-off for Microsoft’s Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozilla’s security strategy, eWEEK has learned.

The hiring of Snyder is a coup for Mozilla Corp., the for-profit subsidiary of the Mozilla Foundation, based in Mountain View, Calif.

The group has seen its flagship Firefox Web browser chip away at the market dominance of Microsoft’s Internet Explorer, largely because of high-profile security flaws in and attacks on IE, and the addition of Snyder is sure to help beef up Mozilla’s security process and improve its communications with bug finders.

Sounds like a very good idea to me, with a proper security stance and process in place Firefox will become a market dominating product, it’s already fantastic, now it’s getting more money and skills injected, it’s evolving faster and smoother than ever.

Snyder most recently served as principal and founder of Matasano Security, a New York-based startup that was one of several external penetration testers hired by Microsoft to conduct simulated hacking attacks on Windows Vista.

She is also credited with seeding the idea for Microsoft’s internal “Blue Hat” security briefings, in which the crème de la crème of the hacking community is invited to the company’s Redmond, Wash., headquarters to discuss security with employees.

Snyder, a regular at security conferences, helped to soothe Microsoft’s contentious relationship with security consultants, and played a part in the improvement of the software maker’s strategy for reaching out to security vendors and researchers.

She was HITB conference this year I think if anyone was there, she’s quite cute too :P

Source: eWeek

Posted in: Hacking News

, , , , , ,


Latest Posts:


SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.


Comments are closed.