Wikimedia Security Team

Mission
Making life hard for the people who want to do harm to our sites or the people that use them.

Goals

 * 2015-16 Goals
 * Roadmap (2016-17)
 * Privacy roadmap

Responsibilities

 * Promoting and implementing security across Wikimedia Engineering throughout the software development life cycle
 * Training for developers and staff
 * Regular static and dynamic security scanning of MediaWiki and extensions
 * Vulnerability scanning
 * Tools and features that promote better security for developers and Wikimedia communities (OAuth, two-factor authentication, password policies)
 * Security auditing and response for MediaWiki and WMF deployed extensions and services
 * Security reviews
 * Triage, fix and deploy reported security issues