Skip to main content

BlueHat Shanghai 2019 Call for Papers is Now Open!

BlueHat Shanghai 2019 We know security experts with diverse skills and experiences are found around the world. This year, the BlueHat Security Conference is coming to Shanghai!

BlueHat Shanghai 2019 will take place on May 29-30 at W Shanghai - The Bund. We want to provide a venue for security researchers to come together to learn and share information, innovations, best practices and actionable items, as well as to engage in a rich conversation about security.

The Call for Papers (CFP) for BlueHat Shanghai 2019 is now open through March 31, 2019. If you would like to speak at the conference, please review the CFP information and submit your talk via While we ask everyone to submit CFP proposals in English, speakers can choose to present in English or Mandarin. Simultaneous interpretation and content translation will be provided in English and Mandarin to all attendees during the conference.

Come to share your new, innovative vulnerability research and start a great conversation with fellow security researchers! Tell us about your experiments, successes, and failures. Here are some possible topics we have in mind. These are meant to be inspirations, not limitations. If you have a good idea, go ahead and submit!

  • Virtualization & Cloud-based research, exploits, and defense
  • New Exploit techniques
  • Emerging Threats and trends
  • Hardware and Firmware security
  • Infrastructure and Internet of Things (IoT) security research, exploits, and defense
  • Machine learning and Security analytics
  • Supply chain security
  • Malware research

We’d also like to take the opportunity to introduce our Content Advisory Board for the BlueHat Shanghai 2019 conference. All submissions will be reviewed by the Content Advisory Board and we aim to achieve a balance of talks that will interest the conference attendees.

BlueHat Shanghai 2019 Content Advisory Board

Ashley Shen @ashley_shen_920

Chi-en (Ashley) Shen is a security researcher at FireEye, where she focuses on threat intelligence research. She specializes in threat hunting, malware analysis, reverse engineering, and targeted attacks research. Prior to FireEye, Ashley helped found Team T5, a threat research security company where she also worked as a threat analyst. To support women in InfoSec, Ashley co-founded “HITCON GIRLS” – the first security community for women in Taiwan. Ashley is a regular speaker at global security conferences, including Black Hat Europe, Black Hat Asia, FIRST, HITB GSEC, CODE BLUE, Troopers, HITCON and VXCON. Ashley regularly serves as a member of the Black Hat Asia review board where she evaluates research for briefings and training.

Asuka Nakajima @AsuNa_jp

Asuka Nakajima is a researcher at the NTT Secure Platform Laboratories. She studied at the Faculty of Environment and Information Studies at the Keio University. Her research interests include reverse engineering, vulnerability discovery and IoT security.

Since 2014, she has been a member of the executive committee of SECCON (SECurity CONtest, the largest CTF organizer in Japan). She is also a founder of “CTF for GIRLS”, the first security community for the woman in Japan.

She has presented at various security conferences and events including PHDays and AIS3(Advanced Information Security Summer School in Taiwan). Asuka also serves as a Regional Review Board member for Black Hat Asia, and is an author of the best seller book called “Cyber Attack” (Bluebacks, 2018, Japan).

Caleb Sima @csima

Caleb recently left a senior security role at CapitalOne, where he spearheaded many of their security initiatives. Prior to CapitalOne, Caleb founded SPI Dynamics and BlueBox security, which were acquired by HP and Lookout. He serves as an advisor, investor, and board member for security companies.

Daniel King @long123king

Daniel is a Microsoft Security Response Center (MSRC) senior security researcher. Currently, he is doing security research on Windows Kernel and Hyper-V components. Before joining Microsoft, he was a member of Tencent Keen Security Lab, a Pwn2Own 2016 winner, and a member of Master of Pwn, where he won Microsoft Nano Server Bounty. He has been a speaker at ZeroNights, CodeBlue, and Ruxcon.

Hui Gao @HuihuiG

Hui Gao is the senior manager for Security Research at Palo Alto Networks, Inc., where she leads security research and Cyber Attack detection development for their Next Generation Firewall. She has six years of experience in the information security industry, specializing in web application security, network security, protocol parsing, and vulnerability discovery. She has been featured in the Microsoft Top 100 Security Researchers List since 2016 and ranked 13th in 2018.

Matt Miller @epakskape

Matt Miller is a security engineer working as part of the Microsoft Security Response Center (MSRC). In this role, Matt drives strategy and engineering related to proactive vulnerability defense across Microsoft’s products and services. Prior to joining Microsoft ten years ago, Matt was a core contributor to the Metasploit framework and an editor for the Uninformed journal.

MJ0011 @MJ0011

MJ0011 is the executive director at Qihoo360 and leads the Core Security department. This department includes many famous vulnerability research teams, such as 360Vulcan, 360Alpha, 360 IceSword Lab, 360 C0RE, and 360QEX. He also leads the threat intelligence team at Qihoo360 who has reported many widely exploited Microsoft 0-days in recent years.

Peter Hlavaty @zer0mem

Doing some research, focusing on software security, policy gradients, automatization…coding in rust, and practicing bit of wushu.

Vincent Liu @vinnieliu

Vincent Liu (CISSP) is a managing partner at Bishop Fox, a security consulting firm providing services to the Fortune 500, global financial institutions, and high-tech startups. At Bishop Fox, he oversees firm strategy and client relationships. With nearly two decades of experience, Vincent is an expert in security strategy, red teaming, and product security.

Vincent is regularly cited and interviewed by media such as Al Jazeera, The Information, and NPR, while also writing as a contributing columnist for Dark Reading. He has presented at Microsoft BlueHat and Black Hat, and has co-authored seven books including Hacking Exposed Wireless and Hacking Exposed Web Applications. Vincent sits on the advisory boards of Elevate Security, Mod N Labs, and the University of Advancing Technology in addition to serving as returning faculty at the Practicing Law Institute.

Prior to founding Bishop Fox, Vincent led the Attack and Penetration team for the Global Security unit at Honeywell International. Before that, he was a consultant with the Ernst & Young Advanced Security Centers and an analyst at the National Security Agency.

Yong Chuan Koh @yongchuank

Yong is a security researcher at Star Labs. He likes to discover new vulnerabilities through reverse-engineering, source-code auditing and tools development. He is also keen in learning novel fuzzing and exploitation techniques and dabbles in the occasional malware analysis. His current interest is sandbox security. Yong has previously presented at BlueHat, HITB SecConf, HITB GSec, and REcon.

Zhen Feng @tinkerzf

Feng is the senior security researcher of Keen Lab. He leads the lab browser group and has rich experience in the security of browsers. Together with the Tencent team, he took part in four pwn2own games in 2016 and 2017, and won three Master of Pwn awards. He found the most vulnerabilities used in the browser targets. He now focuses on compiler technology.

Zheng Huang @lovesuae

Zheng Huang is the head of Baidu Security Lab X-Team. He is a prolific finder of vulnerabilities in the browser security area, has contributed a lot of vulnerabilities in Microsoft browsers, Chrome, and Safari. Previously, he mainly focused on malicious URL detection and defense of APT attacks, he is now responsible for the research of autonomous driving security.

We look forward to seeing submissions from you soon!

Sylvie Liu

Security Program Manager

Microsoft Security Response Center (MSRC)

The Microsoft Security Response Center is part of the defender community and on the front line of security response evolution. For more than twenty years, we have been engaged with security researchers working to protect customers and the global online community. For more information, please visit our website at and follow our Twitter page at @msftsecresponse. #MSFTCyberSec, #cybersecurity, #MSCloud, #MSIT, #BlueHat

How satisfied are you with the MSRC Blog?


Feedback * (required)

Your detailed feedback helps us improve your experience. Please enter between 10 and 2,000 characters.

Thank you for your feedback!

We'll review your input and work on improving the site.