— layout: default —

# Enterprise Information Security Infosec assists Mozillians in defining and operating security controls to ensure that data at Mozilla is protected consistently across the organization.

  • we help you define the risks around your services and data
  • we help projects design and implement security controls
  • we maintain a risk-based inventory of systems and their functional security controls to help Mozilla management determine where to invest in security measures
  • we develop a catalog of services and tools that help you appropriately secure your data
  • we respond to security investigations and incidents
  • we provide baseline practices and assist teams in defining their security standards

## Documentation

{% include_relative guidelines/index.md %} {% include_relative fundamentals/index.md %}

## Contact Email us: infosec [at] mozilla.com. For confidential information, encrypt your email using [our public PGP key](https://gpg.mozilla.org/pks/lookup?op=get&search=0x85D77543B3D624B63CEA9E6DBC17301B491B3F21). Our full fingerprint is 0x85D77543B3D624B63CEA9E6DBC17301B491B3F21

For security incidents, file a bug in Bugzilla under the product/component [investigation](https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Investigation) or [incidents](https://bugzilla.mozilla.org/enter_bug.cgi?product=Enterprise%20Information%20Security&component=Incident).

Our IRC channel is [#infosec](irc://irc.mozilla.org/infosec) or [#security](irc://irc.mozilla.org/security) at irc.mozilla.org.

## Members

  • Jeff Bryner [:jeff] - Guillaume Destuynder [🐦](https://twitter.com/kangsterizer) [💻](https://github.com/gdestuynder/) [:kang] - Gene Wood [:gene] - April King [:April] - Andrew Krug [:andrew] - Justin Dow [:jabba] - Jonathan Claudius [:claudijd] - Caglar Ulucenk [:Cag] - Tristan Weir [:weir]

    • Alicia Smith [:phrozyn]
    • Brandon Myers [:pwnbus]
    • Lucius Bono [:lucius]
    • Michal Purzynski [:michal`]
    • Zack Mullaly [:zack]