Andrew Cushman here. BlueHat is back in Redmond, as BlueHat v6: The Vuln Behind The Curtain opens September 27th and 28th. Once again we have two days of great security content that covers the spectrum of issues in security. The BlueHat speakers, both leading external security researchers and internal Microsoft engineers, will pierce the security veil of virtualization and process isolation. Plus, we’ve got a couple of talks on Windows Mobile and more about automated exploit creation – this time using Metasploit. There will also be a talk on a DNS pinning design issue that demonstrates how Internet Explorer can turn into a VPN concentrator. All this--and talks on Office, Binary Instrumentation, Visualization and the Economics of Security! And we’re pretty sure there won’t be any visa issues for our invited speakers. :-)
As we reflect back on the 10 years of evolution in security at Microsoft, it’s fascinating to watch the deepening of relationships between Microsoft and the security ecosystem, and consider how these relationships tie into larger, longer term initiatives. Hearing from the people doing cutting edge research helps Microsofties understand the external research community’s focus and motivations, and helps us build better products and offerings.
As I mentioned in my blog entry for BlueHat v5, the goals of BlueHat are:
- To expose senior product leaders and front line engineers to the threats and attack tools and methodologies used in the real world. Take the security threat from the theoretical/intellectual level of, ”I understand what a buffer overflow is”, to “OMG that’s what it’s like.” BlueHat connects with execs and engineers at a visceral level and *really* brings the message home…
- To expose security researchers (and the security community) to Microsoft engineers and business leaders… BlueHat gives us a chance to open up on our home turf and gives the researchers an opportunity to interact with all levels of the organization. They too get to experience first-hand that Microsoft does have smart, passionate engineers that do care about security.
BlueHat is unique and still a closed door conference for MS product teams, but this year we will open up a little – with info about the conference before it starts and with more info made available during the conference. Please check the BlueHat blog for current info and updates.