Security

Join forces with Mattermost on cybersecurity

Hello, Mattermost community! 👋

I’m Andrew Zigler, a developer advocate here at Mattermost, and I’ve recently had the privilege of representing our open source research at two great cybersecurity community conferences: BSides Barcelona 2024 and AppSec SoCal 2024.

Andrew Zigler
Andrew presenting about AI and security at BSides Barcelona 2024 — Photo credit: Natalia Zakamulina (Instagram: nata_ph)

Security challenges & innovations with Mattermost Copilot

At these events, I presented Securing the Future: Navigating the Complexities of Multi-User AI Environments, a talk focusing on how Mattermost is pioneering with Copilot and sharing early security review learnings. The real discussions I had with users and interested developers underscored the critical role that open source security plays.

Open source security opportunities at Mattermost

As part of our commitment to accelerate work for mission-critical organizations, Mattermost is deeply committed to open source and security, valuing the contributions of security researchers. 

And our community is our fortress, enhancing our platform’s security and driving innovation. If you’re looking to start your open source security researcher journey, here are some ways you can do exactly that with Mattermost. 

1. Dive into bug bounty programs and get paid

Engage in our continuous effort to strengthen security through bug bounties. Our active program on HackerOne invites you to responsibly disclose vulnerabilities you might discover about our software and be monetarily rewarded.

2. Contribute and be rewarded

Through our Responsible Disclosure Policy and Security Researcher Hall of Fame, we highlight and celebrate every contribution — big or small — reinforcing the importance of community efforts in shaping a secure environment.

With their first valid submission, security researchers also earn the Mattermost Security Researcher Mug, a unique, special edition reward for an individual’s first vulnerability report that leads to a security improvement in the Mattermost code base.

This distinctive mug is our way of saying a heartfelt thank you to the security researchers who diligently work behind the scenes. Their efforts in identifying vulnerabilities not only safeguard our platform but also fortify the open source landscape at large.

3. Engage with our community

Join the discussion on our Mattermost community server and forums. Whether you’re sharing insights, asking questions, or offering help, your involvement enriches the security conversation and aids in collective problem-solving.

Mattermost’s security contributors are heroes

It’s the dedication and expertise of our community that fortify our defenses against security threats. Your proactive involvement not only enhances Mattermost’s security but also contributes to the broader security of open source software.

In recent talks — like those at BSides Barcelona and AppSec SoCal — we’re reminded of the importance of community collaboration and continuous learning. For those interested in digging deeper into the topics covered, I’m sharing my slides from these events:

👉 Navigating the Complexities of Multi-User AI Environments (AppSec SoCal)

🗃️ Accompanying GitHub repository

These represent just a glimpse into the wealth of knowledge and potential strategies for navigating security challenges in multi-user AI environments.

Join us in the journey towards a more secure open source world!

Now more than ever, your role in the security ecosystem is crucial. 

Whether you’re a seasoned security researcher or new to the open source community, there are myriad opportunities to contribute, learn, and grow with us.

Are you ready to contribute to a safer open digital world? Dive into our security page to learn more about our bug bounty program and discover how you can make a difference.

Together, let’s continue to build a secure future and foster an environment where open source thrives, protected and strong. Your insights, expertise, and contributions are not just welcome — they are essential.

Read more about:

security

Andrew Zigler is a developer advocate at Mattermost and public speaker at the intersection of AI and open source technologies. After studying Classics at The University of Texas at Austin and later teaching English in Japan, he continues to champion career and technical education for his audience.