Skip to main content

Announcing the BlueHat v18 Schedule

Where did the summer go? This year the BlueHat Security Conference moved forward in the schedule to late September. Next year it will settle into a steady orbit of early October moving forward. With that change in schedule, it is hard to believe that it is time to reveal the schedule for BlueHat v18. We had nearly one hundred fifty submissions spanning the gamut of security topics and presenters. That made for some tough choices for the content advisory board and a schedule that will leave wishing you could be in multiple talks at the same time. On behalf of the content advisory board, I want to thank everyone who submitted a paper for consideration. There were a lot of great ideas, but we could not put all of them on stage for this instance of BlueHat. We look forward to continuing the security conversation with you in the future.

Microsoft is proud to announce the schedule for the BlueHat v18 Security Conference.

Wednesday, September 26, 2018 | General Audience
TRACK Time Speaker Company Talk Subject
KEYNOTE 9:00 – 9:50 AM Chris Deibler Twitch Surviving Cynicism and Building Happy Security Teams
Track 1 – On the Frontier 10:00 – 10:50 AM Tim MalcomVetter Walmart “If we win, we lose”
11:00 – 11:50 AM Karen Easterbrook

Brian LaMacchia

Microsoft Record Now, Decrypt Later: Future Quantum Computers Are A Present Threat
Track 1 – Mitigating Attack Classes 1:00 – 1:50 PM Arshan Dabirsiaghi

Matt Austin

Contrast Security DEP for the Application Layer – Time for AppSec to Grow Up
2:00 – 2:50 PM Mingbo Zhang

Saman Zonouz

Rutgers University A mitigation for kernel TOCTOU vulnerabilities
3:30 – 4:00 PM Yunhai Zhang NSFOCUS Mitigation Bypass: The Past, Present, and Future
4:10 – 5:00 PM Jordan Rabet Microsoft Hardening Hyper-V Through Offensive Security Research
Track 2 – It is all about the Data 10:00 – 10:50 AM Matti Neustadt Storie

Alex Harmon

Chris Mills

Microsoft The Law of Unintended Consequences: GDPR Impact on Cybersecurity Readiness and Response
11:00 – 11:50 AM Gabriel Kirkpatrick Microsoft Securely Handling Data in Marginalized Communities
Track 2 – Observations in the Wild 1:00 – 1:50 PM Fabio Assolini Kaspersky Lab Shoot first, ask later: strategies to defend the most phished country in the world
2:00 – 2:50 PM Luke Jennings Countercept Memory Resident Implants – Code Injection is Alive and Well
3:30 – 4:00 PM Elia Florio Microsoft Software Supply Chain attacks in 2018: predictions vs reality
4:10 – 5:00 PM Dana Baril

Alan Chan

Microsoft May I see your credentials, please?
Track 3 – Secure Development 10:00 – 10:50 AM Everett Maus Microsoft Go Build A Tool: Best Practices for Building a Robust & Effective Developer Security Tooling
11:00 – 11:50 AM David Hurley

Bryan Jeffrey

Naveed Ahmad

Microsoft Improving Security Posture through Increased Agility with Measurable Effectiveness at Scale
Track 3 – Towards a Better Ecosystem 1:00 – 1:50 PM Mechele Gruhn Microsoft MSRC Listens
2:00 – 2:50 PM Bobby O’Brien

Jan Neutze

Ginny Badanes

Microsoft Cybersecurity for the Defense of Democracy
3:30 – 4:00 PM Emily Schecter Google Evolving Chrome’s Security Indicators
4:10 – 5:00 PM Brian Gorenc Trend Micro Modern Day Entomology – Examining the Inner Workings of the Bug Bazaar
Thursday, September 27, 2018 | General Audience
TRACK Time Speaker Company Talk Subject
Track 1 – The Battle on the Box 9:00 – 9:50 AM Anthony LAOU HINE TSUEI

Peter Hlavaty

Tencent WSL reloaded: let’s try to do better fuzzing
10:00 – 10:50 AM Zhuo Ma Tencent Massive Scale USB Device Driver Fuzz WITHOUT device
11:00 – 11:50 AM Matt Oh Microsoft Return of the kernel rootkit malware (on Windows 10)
Track 1 – Machine Learning & AI In Practice 1:00 – 1:50 PM Geoff McDonald

Moustafa Saleh

Microsoft Badly behaving scripts: Meet AMSI script behavior instrumentation and machine learning
2:00 – 2:50 PM Jugal Parikh

Holly Stewart

Microsoft Protecting the Protector, Hardening machine learning defenses against adversarial attacks
3:30 – 4:00 PM Naveed Azeemi Ahmad

Samuel Crisanto

Microsoft Crafting synthetic attack examples from past cyber-attacks for applying Supervised Machine Learning in Cyber Defense.
4:10 – 5:00 PM Abhishek Singh

Aditya Joshi

Microsoft Linear Time Shellcode Detection Using State Machines and Operand Analysis on the Runtime
Track 2 – Exploiting Hardware Safeguards 9:00 – 9:50 AM Andrea Allievi Microsoft Retpoline – the Anti-spectre type 2 Mitigation in Windows
10:00 – 10:50 AM Jean-Ian Boutin

Frédéric Vachon

ESET Corporation First STRONTIUM UEFI Rootkit Unveiled
11:00 – 11:50 AM Olle Segerdahl

Pasi Saarinen

F-Secure An ice-cold Boot to break BitLocker
Track 2 – Cloud 1:00 – 1:50 PM Zisis Sialveras Census Labs Straight Outta VMware: Modern exploitation of the SVGA device for guest-to-host escapes
2:00 – 2:50 PM Ross Bevington Microsoft The Matrix has you – protecting Linux using deception
3:30 – 4:00 PM Mathias Scherman Microsoft Malicious User Profiling Using a Deep Neural Net
4:10 – 5:00 PM Jiangping Xu Microsoft Scaling Security Scanning
Track 3 – Behind the Attacks 9:00 – 9:50 AM Christiaan Beek

Jay Rosenberg

McAfee & Intezer Labs The Hitchhiker’s Guide to North Korea’s Malware Galaxy
10:00 – 10:50 AM Matthieu Faou ESET Corporation A Turla Gift: Popping calc.exe by sending an email
11:00 – 11:50 AM Francisco Donoso Randori Killsuit: The Equation Group’s Swiss Army Knife for Persistence, Evasion, and Data Exfil
Track 3 – Front Line with Threat Intelligence 1:00 – 1:50 PM Kyle Wilhoit Palo Alto Networks False Flag Foibles: Imitating Nation State Actors and Criminals to Befuddle Media and Researchers
2:00 – 2:50 PM Jagadeesh Parameswaran

Rahul Sachan

Microsoft Tales from the SOC: Real-world Attacks Seen Through Azure ATP and Windows Defender ATP
3:30 – 4:00 PM Adam Weidemann

Ben Koehl

Microsoft MSTIC Threat Intelligence Year In Review
4:10 – 5:00 PM Dave Hartley

William Knowles

MWR InfoSecurity Overt Command & Control: The Art of Blending In

Planning for the conference is well underway. The addition of a workshop day gives participants a chance to mingle and learn together. We are excited to offer a Blackhoodie Reverse Engineering Workshop as part of that day (more here: Other workshops include threat intelligence workshop and capture the flag competition.

We continue of theme journey through the looking glass as we debut the King of Hearts (sneak a peek here: For external community members this is an invite-only conference. The initial round of external invites will go out later today with details on how to register and the timeframe for response. The registration site is live for external participants.

Keep watching here for more updates as we get closer to the event.

About BlueHat

BlueHat v18 is a three-day security conference for general audiences. This year that will include two days of conference talks across three tracks and a workshop day. It will be held September 25-27, 2018 at the Microsoft Conference Center here in Redmond. This year will expect over one thousand people in person. The conference is open to invited external guests and Microsoft employees and contingent staff. More details on logistics and about the conference will be posted throughout the summer and fall here on the BlueHat blog. Check back to get the latest here. We look forward to hearing from you and meeting you again in September.

Phillip Misner,

Principal Security Group Manager, MSRC

How satisfied are you with the MSRC Blog?


Feedback * (required)

Your detailed feedback helps us improve your experience. Please enter between 10 and 2,000 characters.

Thank you for your feedback!

We'll review your input and work on improving the site.