my name is Frederik Braun and I'm a security engineer and manager working on the Mozilla Firefox web browser. My work on Firefox involves various topics ranging from security, web standards, static analysis, bug bounty, and public speaking. Some of my major projects include the eslint-plugin-no-unsanitized - which helps in finding and fixing DOM-Based XSS, the Mozilla Attack & Defense blog, the paper Hardening Firefox against Injection Attacks (PDF) and the Subresource Integrity web standard.
Before working at Mozilla, I wrote a diploma thesis about the Same Origin Policy in 2012, which concluded my studies of IT-Security at the Ruhr University in Bochum. This is also where I co-founded the CTF team fluxfingers.
Please proceed to my blog posts to read more.