Handle:
Silver Surfer

IRL:
Mike Reavey

Rank:
Director, MSRC

Likes:
Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities

Dislikes:
Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns

I’m here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to be an immensely successful event. We started the day off with a welcome announcement from Hernán Rincón, president of Microsoft Latin America, and have more technical insights to come, some scary and some more reassuring, in the typical BlueHat fashion.

We have near 100 attendees with us here today from across Latin America. Countries including Brazil, Argentina, Mexico and Peru are represented. Attendees span local and regional business and industry, government, academia, CERTs and security researcher communities. The thematic focus will range from e-crime attacks, the vulnerability economy and the regional threat landscape, cloud security, mobile security, embedded devices, social networks and the web 2.0 community, and last but surely not least, the Microsoft Security Response Center processes and integration of a Security Development Lifecycle.  To learn about out the presenters taking the podium today, check out Celene’s announcement post for a deeper look.

In our continued efforts to evolve BlueHat and keep content innovative and relevant, we’ve taken an idea from our friends at H2HC and kicked off our event by hosting a panel entitled “Hackers and you”. We have invited Ivan Arce, co-founder of Core Security Technologies; Rodrigo Rubira Branco, Hacker to Hacker Conference (H2HC) organizer; local security researcher and previous BlueHat speaker, Manuel Caballero; You Sh0t the Sheriff (YSTS) conference organizer, Luiz Eduardo; Felix ‘FX’ Lindner, head of Recurity Labs and PH-Neutral fame; Damian Hasse, Principal Security Development Manager of the MSRC/MSEC; and Nico Waisman of Immunity to contribute their thoughts around the term “hacker” – what it means to be one, how it differs throughout regions, and how to keep “hackers” part of an effective enterprise security team. The panel was moderated by our own Andrew Cushman, senior director of Trustworthy Computing at Microsoft, and offered a variety of unique insights.  There was a ton of good commentary, Rodrigo mentioned how the security researcher community really drove broad awareness and vendor responsiveness. FX spoke about how understanding a system is the best way for strong defense and highlighted approaches such as the Elevation of Privilege (Eop) card game produced by our SDL team. From the MSRC perspective, Damian shared how he’s made an effort to keep an active “hacker mindset” as part of an effective security team within Microsoft. Ivan closed the commentary by highlighting how BlueHat  provides a platform for seemingly disparate groups of attendees to effectively engage where they may not otherwise have the opportunity to do so with typical formal communication methods. He encouraged all attendees to look to their neighbors in the audience and take advantage of such experiences to seize and create strategic, mutually beneficial opportunities.  

  

We have strategically partnered with Security Week, a Microsoft hosted event put on by the local Microsoft office in the region. This partnership allows us to bring security and privacy information to local IT Pros, BDMs and Policy Makers. So far this Security Week Buenos Aires installment has reached more than 500 people, providing over 40 presentations throughout the course of the week.

If you haven’t seen the recent posts by BlueHat Security Forum members, check out Manuel Caballero and FX’s insights and stay tuned for future updates. Nothing like bringing the legitimate security space of Latin America together and creating a melting pot of new ideas and relationship-bridging! This might even beat the lomo!  J

- Mike

*Postings are provided "AS IS" with no warranties, and confers no rights.*