Security TechCenter

What is BlueHat?

BlueHat is a by-invitation-only Microsoft security conference aimed at bringing Microsoft security professionals and external security researchers together in a relaxed environment to promote the sharing of ideas and social networking. BlueHat is a cutting-edge conference aimed at improving the security of Microsoft products. BlueHat continuously seeks out new and innovative material, highlighting important emergent technologies, techniques, and industry best practices.

Who attends?

The audience consists of a multinational mix of professionals involved on a daily basis with security work including security product vendors, security researchers, security officers, members of security response teams, past BlueHat speakers, and some press.

To the external community, BlueHat is by invitation only―not because there aren't a slew of diverse minds who wouldn't be excellent participants and speakers, but because there is a limited capacity and the BlueHat Planning Team looks to people who are exploring areas we're interested in or who need to be brought together for strategic networking to fill these spots.

Who presents?

While there is an internal Call for Papers, there is no BlueHat external CFP. Speakers are invited to submit papers on a case-by-case basis based on what’s cutting edge and relevant in security and privacy to the current Microsoft threat landscape.

The security research community presenting at Microsoft BlueHat consists of individuals contributing to thought leadership in many security-related areas, to name a few:

  • Vulnerability economy
  • Web application security
  • Mobile/Wireless devices
  • Crimeware
  • Penetration testing and fuzzing
  • Architecture flaws
  • Network design and compromise
  • Reverse engineering
  • Exploit development
  • Intrusion prevention
  • Cryptography
  • Lions and tigers and bears

The BlueHat Archive

You'll find session descriptions, speaker bios, and podcast or video interviews with presenters for previous BlueHat events at the following links:

 

Recent Events

BlueHat v9 took place on October 22-23, 2009 at the Microsoft corporate headquarters. BlueHat v9 consisted of two full days of cutting-edge content from both internal and external security experts, presented in a lecture theater environment. The presentations offered speakers the opportunity to showcase ongoing research and collaborate with peers while highlighting advancements in security products and techniques. Stay tuned to the BlueHat Fall 2009 Sessions page for video interviews and select presentations from the conference which will be posted soon.

BlueHat Training Videos

 Understanding Office Binary File Format

Why wait until the next conference to learn more about security and privacy? In less than 30 minutes, get in-depth technical guidance, including full-screen demos, from this video by the Microsoft Security Response Center Engineering Team. Geared toward security analysts, virus researchers, IDS signature authors, and security professionals, this video covers Microsoft Office file formats and how to write generic detection to help protect customers from Office exploits.

BlueHat Videos

View brief interviews and select sessions from key presenters at past BlueHat Security Briefings.

BlueHat Security Briefings Blog BlueHat Security Briefings Blog
Know thy Enemy
I recently attended BlueHat for the second time and spoke about the SMS vulnerabilities Collin Mulliner and I discovered and exploited this summer. BlueHat is an interesting speaking venue because the audience consists entirely of Microsoft employees... more
Friday, Nov 6
The lighter side of the cloud
Billy Rios here. I’m giving a talk this week along with Nate McFeters entitled, “Sharing the Cloud with Your Enemy.” It’s a fun, realistic talk on security in the cloud. Why cloud computing? Cloud computing, software as a service, infrastructure as... more
Wednesday, Oct 21

Microsoft Security Response Center Ecosystem Strategy Team Blog Microsoft Security Response Center Ecosystem Strategy Team Blog
Announcing BlueHat v9: Through the Looking Glass
Handle:C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos! BlueHat v9 will take place from... more
Monday, Sep 14
Threat Complexity Requires New Levels of Collaboration
Handle:StoneZ IRL: Adrian Stone Rank: Senior Security Program Manager Lead Likes: Predictive Analytics, Game Theory, Databases, Sports Cars, NFL Football, Direct People Dislikes: Losing, Liars, Posers, No Talent Clowns Handle:k8e IRL: Katie Mo... more
Monday, Jul 27
Page view tracker