Ex-Microsoft Security Strategist Joins Mozilla

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Former Microsoft security strategist Window Snyder is joining Mozilla to lead the companys effort to protect its range of desktop applications from malicious hacker attacks.

Snyder, who was responsible for security sign-off for Microsofts Windows XP Service Pack 2 and Windows Server 2003, will spearhead Mozillas security strategy, eWEEK has learned.

The hiring of Snyder is a coup for Mozilla Corp., the for-profit subsidiary of the Mozilla Foundation, based in Mountain View, Calif.

The group has seen its flagship Firefox Web browser chip away at the market dominance of Microsofts Internet Explorer, largely because of high-profile security flaws in and attacks on IE, and the addition of Snyder is sure to help beef up Mozillas security process and improve its communications with bug finders.

/zimages/6/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

Snyder most recently served as principal and founder of Matasano Security, a New York-based startup that was one of several external penetration testers hired by Microsoft to conduct simulated hacking attacks on Windows Vista.

She is also credited with seeding the idea for Microsofts internal “Blue Hat” security briefings, in which the crème de la crème of the hacking community is invited to the companys Redmond, Wash., headquarters to discuss security with employees.

Snyder, a regular at security conferences, helped to soothe Microsofts contentious relationship with security consultants, and played a part in the improvement of the software makers strategy for reaching out to security vendors and researchers.

/zimages/6/28571.gifClick here to read more about Mozillas efforts to improve Firefox security.

Prior to joining Microsoft, Snyder was director of security architecture at @Stake, the old-school hacking group that was acquired by Symantec in September 2004.

At @Stake, she developed application security analysis methodologies and led the Application Security Center of Excellence. Snyder is also the co-author of “Threat Modeling,” a manual that offers a structured approach for identifying, evaluating and mitigating risks to system security.

/zimages/6/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.