Friday, September 10, 2010
BlueHat v10 is on the horizon and I’m happy to be able to announce the lineup. This year we’ll be hosting our annual conference on October 13-15 at the Microsoft campus here in Redmond and, with the success of last year’s con, we’re working overtime to make it the most robust, top-notch BlueHat yet.
Thursday, July 29, 2010
Intro Matt Watchinski here, Senior Director, Sourcefire Vulnerability Research Team (VRT). It’s that time of year again. The mercury is soaring above 100F, and I am crammed onto a “flying bus” heading out to Las Vegas to attend this year’s iteration of the Black Hat and DEF CON conferences. Something about this tradition always leads me to reflect on how the security space has evolved over the years.
Wednesday, July 28, 2010
Handle: StoneZ IRL: Adrian Stone Rank: Senior Security Program Manager Lead Likes: Predictive Analytics, Game Theory, Databases, Sports Cars, NFL Football, Direct People Dislikes: Losing, Liars, Posers, No Talent Clowns It was two years ago at Black Hat that my colleague Katie Moussouris announced the launch of the Microsoft Vulnerability Research (MSVR) program.
Wednesday, July 28, 2010
Hey there, I’m pleased to announce that the BlueHat team has partnered with the dynamic Microsoft Security Response Center (MSRC) Engineering duo of Andrew Roths and Fermin J. Serna on a training video previewing the new release, version 2.0, of the Enhanced Mitigation Experience Toolkit (EMET). This training video is currently live on the BlueHat site and available for consumption on your own viewing timetable.
Wednesday, July 21, 2010
Today on the [MSRC blog,](«http://blogs.technet.com/b/msrc/archive/2010/07/22/announcing-coordinated-vulnerability-disclosure.aspx> >) Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated Vulnerability Disclosure. I wanted to provide some context and history on how this came about. This post is about changing the way we at Microsoft talk about some familiar disclosure concepts, and is meant as an introduction to how Microsoft would like to engage with researchers.
Friday, May 21, 2010
Hi, this is Tom Gallagher from the Office Trustworthy Computing team. At Blue Hat v9, David Conger and I presented some of the security engineering work that we were doing to help ensure the security of Office 2010. We don’t want a single bug in our parsing code to allow arbitrary code to harm a customer’s machine by doing things like installing a rootkit.
Tuesday, May 18, 2010
Handle: Cap’n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run G’day Mate! I have always wanted to say that. I am here at the AusCERT 2010 conference in the beautiful Gold coast, Australia.
Thursday, April 15, 2010
Mark Curphey here. I run the Subscriptions Engineering Team in Server & Tools Online, where we build complex customer facing web sites like MSDN and TechNet, supporting millions of users. For the last 15 years, I have always held security roles, most recently heading up the Information Security Tools team here at Microsoft, where we were best known for building static code analysis tools and web protection libraries for managed code.
Monday, April 12, 2010
Handle: Jman IRL: Jerry Bryant Rank: Group Manager, Response Communications Likes: Quad lattes, geek toys, responsible disclosure Dislikes: Tomatoes, slow drivers (frontgaters) As a follow on to the WGA and Security Updates post by Dustin Childs, I wanted to address another common question we get regarding both security and non-security updates that customers receive from Microsoft through Windows Update or Microsoft Update.
Monday, April 05, 2010
Handle: C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! Hey Everyone, As I’m sure you are all well aware by now, the second installment of the BlueHat Security Forum: Buenos Argentina Edition shipped on March 18, 2010, and was a resounding success.
