Application Security is a tough challenge in any organization, but working in open source projects has some distinct challenges. Working on AppSec in an open source project that has several hundred employees, thousands of contributors, and hundreds of millions of users has a whole other set of challenges.
In this session I will cover off how the Mozilla Security Assurance team addresses application security for client applications, web applications and services, and introduce two tools that we have developed to help scale our security program.