MSRC

bluehat

BlueHat v5: The Paradox of Innovation

Thursday, May 10, 2007

BlueHat is Microsoft’s own little hacker con. We host it twice a year – the sessions today were all about innovation in security research. What did we learn? That Microsoft cannot solve the security problem, but we can raise the bar substantially to the point where finding bugs in Microsoft products is hard, and building reliable exploits even harder.

BlueHat v.4 -- shipped!

Monday, October 23, 2006

Sarah Blankinship here. I’m in the Security Technology Unit (STU), a group responsible for product security at Microsoft. One of the STU’s charters is securing products we have and have not shipped yet. So what is BlueHat? A hacker conference? A way to lure unsuspecting researchers to Microsoft? The /. comments and speculation about our real motivation for hosting hackers at Microsoft are ever entertaining; however, BlueHat is about providing a consistent forum for presenting cutting-edge research, for understanding issues that affect both Microsoft and the entire industry, and a great way to inform and educate our developer population.

Channel 9 Bluehat video

Thursday, June 15, 2006

You asked for it. You got it. In addition to inviting a number of community members this year, we also had Channel 9 come to BlueHat and they created a video for your viewing pleasure. The 39-minute video contains interviews with the presenters talking about their presentations, background and research.

BlueHat Hackers?

Thursday, March 30, 2006

BlueHat Hackers? There have been some misconceptions recently around both security researchers we bring in for Blue Hat, and security consulting companies that also help us make our products. I’ve even seen the phrase “Blue hat hackers” thrown around. While it was terribly flattering (and somewhat amusing) to the BlueHat team to see the incredibly talented consultants working with us to secure our products referred to as BlueHat Hackers, there really is no such thing.

Where can you learn more?

Tuesday, March 21, 2006

The BlueHat team has been getting a lot of questions from both inside and outside of Microsoft asking if we are going to publicly post video or audio recordings of the BlueHat presentations, or if we are going to hoard the BlueHatty goodness and keep the presentation details all to ourselves… A totally valid question since all of our BlueHat presentations from 2005 and 2006 are fantastic and things any developer or IT Pro could benefit from seeing.

David Litchfield’s BlueHat talk

Friday, March 17, 2006

Brad Sarsfield here again. I’d like to share with you my thoughts on David Litchfield’s BlueHatv3 talk. David Litchfield is the Chief Research Scientist at Next Generation Security Software (NGS) and spoke to a 600+ standing-room-only crowd at Bluehat 3 on March 9th. David took us through his thoughts on the current state of the database security world and talked about his current areas and focus of his research.

Exploiting Web Applications

Friday, March 17, 2006

Over the next few days we’ll all be writing about the BlueHat sessions… Today I’m excited to have a chance to tell you more about the Exploiting Web Applications presentation made by Caleb Sima, CTO and co-founder of SPI Dynamics at BlueHat 3 on March 9th. (Listen to a podcast interview with Caleb here.)

Podcasts are online!

Friday, March 17, 2006

Caleb Sima: Exploiting Web Applications
Halvar Flake: BinDiff Analysis
HD Moore: How not to deploy ASP.Net applications & Metasploit
Alexander Kornbrust: Database Viruses & Rootkits

Enjoy, Brad Sarsfield

BlueHat Blog quoted in press

Thursday, March 16, 2006

The BlueHat blog has been up less than 24 hours, and it was quoted this morning in an article by Robert McMillan on InfoWorld. That article has already hit /. Some of the comments are pretty funny… I can’t wait for the speaker podcasts and channel9 video to go live so people can hear directly from the BlueHat speakers!

Bluehat v3 first thoughts

Thursday, March 16, 2006

Hi, I’m Brad Sarsfield (bradsa!); I’m the SQL guy here. One of the interesting things about me and my team is that I own the ‘slammer’ component in SQL Server, so by that very nature quite a large part of my job description is to ensure (and I quote) “that never … ever … happens again”.