We are working hard to advance the security of Mozilla web applications. This includes efforts such as threat modelling, security training, security throughout development, code review, testing, the bounty program, and more. In addition to secure development, we are also working to make our applications “attack aware”.
Attack aware applications?!? Is this the new line of defense for Web App Security?