Skip to main content
MSRC

Community-based Defense

Welcome to the second stage of BlueHat!

Thursday, October 24, 2019

We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast (we have doughnuts! and bacon! and cereal!

Microsoft Identity Bounty Improvements

Wednesday, October 23, 2019

Microsoft is continually improving our existing bounty programs. Today we’re happy to share the latest updates to the Microsoft Identity Bounty. Originally launched in July 2018, the Microsoft Identity bounty program has helped build a partnership with the security research community to improve the security of customer and enterprise identity solutions across Azure, Windows, and OpenID standards.

Introducing the ElectionGuard Bounty program

Friday, October 18, 2019

Today we are launching the [ElectionGuard Bounty program](«http://www.microsoft.com/msrc/bounty-electionguard> >). In May 2019, we announced the release of ElectionGuard, a free open-source SDK to make voting more secure, transparent, and accessible. ElectionGuard enables end-to-end verification of elections, open results to third-party organizations for secure validation, and allows individual voters to confirm their votes were correctly counted.

Meet the BlueHat Content Advisory Board

Wednesday, September 18, 2019

We couldn’t do BlueHat without the Content Advisory Board, the brain trust reviewing submissions to the CFP. Representing both Microsoft and other parts of security community, the CAB applies their industry and speaker experience to create the BlueHat agenda that’s the right mix of topics and perspectives. We really appreciate the time these people take to review every submission and find the right talks.

Calling all breakers & builders: BlueHat Seattle registration is open!

Monday, September 16, 2019

@TODO: Exciting changes are coming to BlueHat Seattle 2019! If you’d like to attend this premier security conference, we have good news for you: registration for BlueHat Seattle is now open and we hope you register. Wait, isn’t BlueHat invitation-only? It is…but if we haven’t sent you an invitation, we encourage you to request a seat.

Acquiring a VHD to Investigate

Tuesday, September 03, 2019

In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this pre-prepared machine to be used in an investigation in a matter of minutes.

BlueHat Seattle 2019 Call for Papers is Now Open!

Tuesday, September 03, 2019

2019 has seen a phenomenal BlueHatIL in February followed by a wildly successful BlueHat Shanghai in May… now it’s time to come back home for BlueHat Seattle! 2 days of hands-on technical training (October 22-23, 2019) 2 days of conference talks from industry-leading security researchers and cyber defenders (October 24-25, 2019) great creative spaces ready to spark thought-provoking conversations and collaborative partnerships The Call for Papers (CFP) for BlueHat Seattle 2019 is now open through September 20, 2019.

Scalable infrastructure for investigations and incident response

Friday, August 30, 2019

Traditional computer forensics and cyber investigations are as relevant in the cloud as they are in on-premise environments, but the methods in which to access and perform such investigations differ. This post will describe some of the challenges of bringing on-premises forensics techniques to the cloud and show one solution to overcome these challenges, using Azure functionality.

Announcing the Microsoft Edge Insider Bounty

Tuesday, August 20, 2019

This week, we released the first Beta preview of the next version of Microsoft Edge. Alongside this, Microsoft is excited to announce the launch of the Microsoft Edge Insider Bounty Program. We welcome researchers to seek out and disclose any high impact vulnerabilities they may find in the next version of Microsoft Edge, based on Chromium, and offer rewards up to US$30,000 for eligible vulnerabilities in Dev and Beta channels.