MSRC Ecosystem Strategy Team

Helping to secure the planet

MSRC Ecosystem Strategy Team

  • May You Live in Interesting Times

    Handle: StoneZ IRL: Adrian Stone Rank: Senior Security Program Manager Lead Likes: Predictive Analytics, Game Theory, Databases, Sports Cars, NFL Football, Direct People Dislikes: Losing, Liars, Posers, No Talent Clowns It was two years...
  • Security through Collaboration: Microsoft Active Protections Program

    Handle: Cap'n Steve IRL: Steve Adegbite Rank: Senior Security Program Manager Lead Likes: Reverse Engineering an obscene amount of code and ripping it up on a snowboard Dislikes: Not much but if you hear me growl…run Yut!!! Nothing like...
  • Does Microsoft Change My Automatic Updates Settings?

    As a follow on to the WGA and Security Updates post by Dustin Childs, I wanted to address another common question we get regarding both security and non-security updates that customers receive from Microsoft through Windows Update or Microsoft Update. Customers sometimes feel that somehow the settings they chose in the update console have been changed. Most commonly, customers who have set the client to notify them before installing updates are now getting updates automatically without prompting.

  • Announcing the BlueHat Security Forum: EU Edition

    Hey folks! I know this is typically the time of year when birds are chirping, the rain is supposed to be letting up, and those of you in the BlueHat network who are normally invited to attend the Spring BlueHat conference are asking yourselves, "Why did MSRC start doing the con only once a year?" The answer, of course, is pretty simple and complicated at the same time. Today marks the beginning of the next evolution of the BlueHat Security Briefings, with the launch of the BlueHat Security Forum taking place at the Microsoft Executive Briefing Center in Brussels, Belgium.

  • BlueHat Security Forum: Buenos Aires Edition

     Hey Everyone!

    What speaks English, Portuguese and Spanish, has a hundred set of eyes, and battles in the defense of good against evil on a daily basis? No, it’s not the mythological Chupacabra ;-)—it’s the BlueHat Security Forum: Buenos Aires Edition. With the Forum ~5 weeks away I’m pleased to share the speaker line up and content details for what is sure to be a an eventful security briefing.

  • BlueHat Security Forum: Buenos Aires Edition--Shipping!

    I’m here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to be an immensely successful event. We started the day off with a welcome announcement from Hernán Rincón, president of Microsoft Latin America, and have more technical insights to come, some scary and some more reassuring, in the typical BlueHat fashion.

  • Threats in a Blender, and Other Raisons d'être

    Handle: k8e IRL: Katie Moussouris Rank: Senior Security Program Manager Likes: Cool vulns (responsibly disclosed of course), girls with soldering irons, Spanish tapas, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice ...
  • One Month Analysis: Exploitability Index

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns...
  • Hack in the Box, and beyond…

    Marhaban! Maarten Van Horenbeeck here from the Microsoft Security Response Center (MSRC). This is the first time I have blogged here on EcoStrat. As a Security Program Manager with MSRC, one of the roles I have is to work with security researchers, and this often involves attending security conferences to meet with you. Two weeks ago, a couple of us in Trustworthy Computing (TwC) attended the Hack in the Box (HITB) security conference in hot and sizzling Dubai, United Arab Emirates.

  • Predicting the Future - Microsoft Launches an “Exploitability Index”

    Handle: Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns...
  • Hacker Olympics: a shout-out from Vancouver, BC!

    CanSecWest is probably one of the most interesting conferences for the Microsoft Security Response Center (MSRC) team to attend. A leisurely two-and-a-half hour drive from our corporate headquarters it’s organized in the multi-cultural Canadian hub of Vancouver. Easy air connections to Europe, Asia, and anywhere in North America make it a yearly melting pot for capable security researchers from all over the world.

  • Who Gets It and Who Doesn’t? (Windows Genuine Advantage and Security Updates)

     One of the things I get to do in the Microsoft Security Response Center (MSRC) is talk to our customers and tell them about the process by which Microsoft identifies potential security vulnerabilities in its products, eliminates those vulnerabilities, and provides remediation and information to customers. In other words, I get to explain what I do for a living to anyone who will listen. I really enjoy doing this, because I find out first-hand what is most important to our customers as well as what questions they have about the Microsoft response process.

  • Thank you Buenos Aires!

    Hey Everyone,

    As I’m sure you are all well aware by now, the second installment of the BlueHat Security Forum: Buenos Argentina Edition shipped on March 18, 2010, and was a resounding success. For those of you first hearing about this BlueHat Forum, the event itself was an exclusive, invitation-only gathering of 100 select business decision-makers and security researchers from across Latin America.

  • BlueHat v9 Brings the Looking Glass To You...

    Celene here from the MSRC Ecosystem Strategy Team. BlueHat v9: Through The Looking Glass ended just over a month ago and the success of the con lives on due to the outstanding training and networking between Microsoft employees, external speakers, and guests. I'm happy to say that the speaker video interviews and selected recorded presentations are now live on the BlueHat TechNet Page. As promised, we have posted talks from every track block. The samples available are from the e-crime, cloud, mobile and fuzzing content blocks.

    As you probably know by now, BlueHat is primarily about educating our own Microsoft population so we can better understand how to build more secure products. The more we know about the security ecosystem, the more we at Microsoft can truly comprehend and assess our security reality. Our secondary goals are to build bridges and bring transparency to the security community to facilitate positive information exchanges.

  • Numbers, Big Numbers, at the RSA Conference 2010

     San Francisco has always been a somewhat odd but pleasant outpost with an appeal that attracts people from all over. It was so in the late 1840s, when the prospects of gold lured people to the area, in a short time transforming the small settlement of San Francisco to a boomtown. More recently, many in the IT field have been attracted to San Francisco because of the pleasant weather, even in winter. And last week at the Moscone Center, in the buzzing SoMa neighborhood, was brought to town one of the largest security conferences in the world: RSA.

  • There were dragons. Everywhere.

    Guten Morgen! Joe Hemmerlein hier vom Microsoft Security Response Center (MSRC). I just returned from Germany earlier this month, where I spent some time mingling with security researchers. It's customary that we share a bit of our experience at security conferences right here, on the EcoStrat blog - and this is my first posting.

  • Announcing BlueHat v9: Through the Looking Glass

    BlueHat v9 will take place from October 21 to 23 at the Microsoft campus in Redmond. Last year, we experimented with a day dedicated to attacks and a day dedicated to SDL security mitigations. This year, we will give you the best content out there… we are interweaving talks from internal and external security subject matter experts with themes related to e-crime, mobile security, cloud computing, and fuzzing.

    We kick it off with the BlueHat Executive Sessions on October 21 with condensed versions of the presentations delivered in a deeply technical "Cliff Notes" style. October 22 and 23 are filled with BlueHat General Sessions for our Microsoft IT pro and developer population.

  • Defend the Flag: Roguery Abounds!

    Handle: k8e IRL: Katie Moussouris Rank: Senior Security Program Manager Likes: Cool vulns (responsibly disclosed of course), girls with soldering irons, Spanish tapas, quantum teleportation Dislikes: Rudeness, socks-n-sandals, licorice ...
  • Constants and Change

    Microsoft has been talking about community-based defense for some time now. This week, I want to provide a personal dimension to the campaign, and give an update on recent activities. Curiously, as I started to write this post, a couple of phrases popped up, which despite being somewhat trite, seemed appropriate – "change is constant" and "the more things change the more they stay the same."

  • Black Hat USA: Hoping what happens in Vegas doesn’t actually stay in Vegas…

    This week our team is preparing to travel to Black Hat USA in Las Vegas Nevada, a hotspot (literally and figuratively), and one of the largest gatherings of security professionals in the world. Black Hat brings together diverse security communities to discuss, debate, deploy, and disseminate security information. It is a week of breaking bread with our friends and rivals, learning from others around the world and bridging the roles of researcher and vendor to raise our security awareness.

    Within Microsoft, we have a community of security defenders.

  • Ahn-young-ha-seh-yo & Kon-ni-chi-wa

    Hi! It's been a while since I've had a chance to blog about all the things we have been doing here. As travelling around to various security events is a big part of our mantra, I’ve been to Tokyo Japan for PacSec and Seoul, South Korea for POC 2009. Both were great conferences and had great security talks.


    PacSec had a lot of the Japanese security scene in attendance (the local powerhouses are pretty sharp and savvy) along with international researchers and past BlueHat speakers, Charlie Miller and Alex Stamos. Take a minute to check out archived presentations from our own Tony Lee introducing the SIRv7 and Jason Shirk discussing fuzzing strategies. But the biggest interest concerned mobile code threats such as malware and how the perimeter defenses are fading away as a viable protection. This seems to be a hot topic everywhere, so hot that the just wrapped-up BlueHat v9 con had an entire track dedicated to mobile security, and in June 2010, at the annual FIRST Conference, how the perimeter defenses are fading away will be the theme for the whole conference.

  • 心の会合: The Gathering


    I guess you are wondering why I said hello in Japanese. I have just recently returned from attending the 21st Forum of Incident Handling and Security Teams (FIRST) annual conference hosted in the awesome city of Kyoto in Japan. The city of Kyoto is beautiful. I was amazed at all the interesting palaces and temples located right in the middle of a modern city. It was truly awesome. What was even more awesome was the 21st FIRST Annual Conference. You have heard us here at Microsoft talk a lot lately about community-based defense initiatives. These initiatives drive the security ecosystem to work in a coordinated fashion to address security issues. This works best by creating a community that is built on trust and common goals. The common goal here is to build coordinated defense from attacks. FIRST is one such trusted, security-focused community. This is one reason why Microsoft supports their efforts. As a community of incident and security response teams, FIRST provides a trusted network to share information and provide coordination efforts that is all member-driven.

  • SOURCE, Not Your Usual Boston Tea Party

    I recently returned from the second iteration of the SOURCE Boston computer security conference, and I must say, it was both an intimate conference of less than 250 folks and a high-caliber gathering. As with other conferences that the Microsoft Security Response Center (MSRC) co-sponsors, we see these forums as opportunities that highlight relevant research and showcase how individual strategies can intersect to offer substantial benefits and positive-sum outcomes.

  • G’day mate, howsitgoing?

     G’day, or should I say howdy, y’all. As the newest member of the Microsoft EcoStrat team, I figured I would do a quick self-introduction before getting down to work. I am a Senior Security Strategist with the Microsoft Security Response Center (MSRC) based in Redmond. Prior to my big move to the USA, I was the Operations Manager of AusCERT in Australia (that’s the place that is famous for kangaroos and Tim Tams, to ensure you didn’t think I meant Austria!) My role here at Microsoft varies, but at the very top of my list is ensuring that Microsoft strengthens its relationship with the global community of national and government Computer Emergency Response Teams (CERTs).

  • CanSecWest: Caution, Community at Play

    CanSecWest, in beautiful Vancouver BC, is one of my favorite conferences each year. It’s a cozy little security con that brings together security researchers from all parts of the security ecosystem.  Like a PhNeutral or a BlueHat, one never quite knows what to expect out of a CanSecWest, but we do know that Microsoft products and engineers will play a prominent role. We’ll be presenting new security innovations and new tools, we’ll be watching Pwn2Own closely for possible hacks, and we’ll be happy to discuss our industry best practices in the hallway track.