I went to some really good sessions yesterday, among them "the Buzz on Fuzzing" by Hugh Thompson, who had a great definition for what fuzz testing is, which I caught on video and will be posting as an update whenever I have some free time.  I did not catch his excellent description of his first experience with fuzz testing Coke machines on the video, and if can't get him to tell the story for me again today, I may just resort to describing it in text ;-0

 Mike Howard and I are presenting today on Windows Vista security changes in the developer track, so please come to that if you are at the show, and introduce yourself if we haven't met.  Here are the other Microsoft sessions today:

 

Time Speaker and Title Location

8:00 - 8:50 a.m.

The Balanced Scorecard and Information Security
Patrick Hanrion, Sr. Security Consultant, Microsoft Corporation
Bruce Gossard, Marketing Manager for Security, Cisco Systems, Inc.
Paul Niven, President, The Senalosa Group
Steve Kruse, President, Impruve

Gold Room 301

9:10 - 10:20 a.m.

Fundamental Security Changes in Windows Vista
Jeffrey Jones, Directory, Security Technology Unit, Microsoft Corporation
Michael Howard, Senior Security Program Manager, Microsoft Corporation

Gold Room 309

10:40 - 11:50 a.m.

E-mail is Authenticated. Now What?
Craig Spiezle, Director, Online Safety, Microsoft Corporation
Paul Judge, Chief Technology Officer, Secure Computing
Ross Fubini, Senior Director of Engineering, Symantec Messaging & Web Security, Symantec Corporation
Eric Allman, Chief Science Officer & co-founder, Sendmail
Jim Fenton, Distinguished Engineer, Cisco Systems, Inc.

Gold Room 306

10:40 - 11:50 a.m.

Network Access Control Panel -- Industry Giants Debate the Future
Khaja Ahmed, Architect - Windows Networking Security, Microsoft Corporation
Lawrence Orans, Research Director, Gartner, Inc.
Steve Hanna, Distinguished Engineer, Juniper Networks
Russell Rice, Director Product Management, Cisco Systems, Inc.

Green Room 103

10:40 - 11:50 a.m.

The Rise in Crimeware Continues...
Jeannette Jarvis, Security Group Program Manager, Worldwide Services, Microsoft Corporation
Larry Bridwell, VP of Global Security Strategies, Grisoft, Inc.
Alex Shipp, Imagineer, MessageLabs
Righard Zwienenberg, Chief Research Officer, Norman Data Defense Systems
David Perry, Global Director of Education, Trend Micro, Inc.

Green Room 102

10:40 - 11:50 a.m.

Development of an Organizational Information Security Policy Process Model
Steve Lipner, Senior Director of Security Engineering Strategy, Security Technology Unit, Microsoft Corporation
Dr. Kenneth Knapp, Assistant Professor of Information Systems, United States Air Force Academy

Gold Room 308