Mozilla Winter of Security 2016

After Google’s Summer of code, covering another season of programming, we applied and got selected for Mozilla’s Winter of Security program and will be working with our mentors for these winters – 2016.

500px-winterofsecurity_logo_light_horizontal

We will be working on a security utility called `ssh_scan`, which basically is a configuration and policy scanner for SSH servers. This is a native ruby project and relies on minimal dependencies to do its work. You can take a look at its initial functionality here: https://asciinema.org/a/7pliiw5zqhj7eqvz7q437u6vx

It has been some time since we have been working with this now and we already have a command-line tool which just needs an SSH service(to be scanned) and gives back a JSON report for possible improvements. We follow a Test-driven Development approach to keep our code tested and try to keep our test coverage high. We are also using Travis CI for continuous integration of our tool across various ruby version(about 5). We also have an official `ssh_scan` blog running on jekyll which you can take a look here: https://mozilla.github.io/ssh_scan//2016/10/20/first-meeting-with-mwos-project-team.html

So this was just an introductory post about Mozilla Winter of Security program and I will talk about my work in the following blogs. Until then

bbts

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s