Learn from Mozilla

The Day Millions of Certificates
Went Up in Flames

In 2020, a CAA bug at Let's Encrypt led to the revocation of approximately 3 million SSL certificates, including one used by Mozilla for Firefox Add-ons. With Incident Drill, your team can practice responding to similar high-stakes security incidents before they happen, ensuring a swift and effective resolution.

Mozilla | 2020 | Outage (Security)
Practice This Scenario

The Peril of Unexpected Revocations

Certificate revocations can cripple services. A seemingly small bug, like the CAA issue, can have a massive blast radius. Teams need to be prepared to react swiftly, understand the root cause, and implement mitigation strategies to minimize downtime and impact on users.

PREPARE YOUR TEAM

Simulate, Learn, and Conquer with Incident Drill

Incident Drill provides realistic incident simulations based on real-world events like the Mozilla Let's Encrypt revocation. Teams can practice their response, hone their communication skills, and improve their understanding of certificate management and security protocols in a safe, controlled environment.

🔑

Realistic Simulations

Experience the pressure of a real incident.

💬

Collaborative Response

Practice teamwork and communication.

🔎

Root Cause Analysis

Deep dive into the underlying causes.

🛡️

Mitigation Strategies

Develop effective solutions to minimize impact.

📈

Post-Incident Review

Learn from mistakes and improve future responses.

📊

Performance Metrics

Track and analyze team performance.

WHY TEAMS PRACTICE THIS

Prepare Your Team for Certificate Chaos

  • Reduced Downtime
  • Improved Security Posture
  • Faster Incident Resolution
  • Enhanced Team Collaboration
  • Better Understanding of Certificate Management
  • Increased Confidence in Incident Response
Jan 2020
CAA Bug Discovered
Mar 4, 2020
Let's Encrypt revokes ~3M certificates
Mar 5, 2020
Mozilla forgets to exclude Firefox Add-on certificate
Brief Outage
Add-on Signing Broken (Again)
Mar 5, 2020
Issue Resolved Add-on certificate re-issued

How It Works

1

Step 1: Simulate

Run a realistic incident simulation based on the Mozilla Let's Encrypt scenario.

2

Step 2: Respond

Your team works together to identify the problem and implement mitigation strategies.

3

Step 3: Analyze

Conduct a thorough post-incident review to understand the root cause and identify areas for improvement.

4

Step 4: Improve

Implement changes to prevent similar incidents from happening in the future.

EXPLORE MORE

Related Incidents

Mozilla Firefox Add-on Outage AWS DynamoDB Outage AWS us-east-1 Outage

Ready to Level Up Your Incident Response?

Join the Incident Drill waitlist and be among the first to access our powerful simulation platform. Prepare your team for anything!

Get Early Access
Founding client discounts Shape the roadmap Direct founder support

Join the Incident Drill waitlist

Drop your email and we'll reach out with private beta invites and roadmap updates.