What is BlueHat?BlueHat is a twice a year, by-invitation-only Microsoft security conference aimed at bringing Microsoft security professionals and external security researchers together in a relaxed environment to promote the sharing of ideas and social networking. BlueHat is a cutting-edge conference aimed at improving the security of Microsoft products. BlueHat continuously seeks out new and innovative material, highlighting important emergent technologies, techniques, and industry best practices. Who attends?The audience consists of a multinational mix of professionals involved on a daily basis with security work including security product vendors, security researchers, security officers, members of security response teams, past BlueHat speakers, and some press. BlueHat is free to participants, but by invitation only ― not because there aren't a slew of diverse minds who wouldn't be excellent participants and speakers, but because there is a limited capacity and the BlueHat Planning Team looks to people who are exploring areas we're interested in or who need to be brought together for strategic networking to fill these spots. Who presents?While there is an internal Call for Papers, there is no BlueHat external CFP. Speakers are invited to submit papers on a case-by-case basis based on what’s cutting edge and relevant in security and privacy to the current Microsoft threat landscape. The security research community presenting at Microsoft BlueHat consists of individuals contributing to thought leadership in many security-related areas, to name a few: - Vulnerability economy
- Web application security
- Mobile/Wireless devices
- Crimeware
- Penetration testing and fuzzing
- Architecture flaws
- Network design and compromise
- Reverse engineering
- Exploit development
- Intrusion prevention
- Cryptography
- Lions and tigers and bears
The BlueHat ArchiveYou'll find session descriptions, speaker bios, and podcast or video interviews with presenters for previous BlueHat events at the following links: | BlueHat Interviews
View brief interviews from key presenters at the spring 2008 BlueHat Security Briefings. Move your mouse pointer over the images to see details about each video. Click an item to view. After launching a video, click “.jpg "Full-screen button image") ” to view full-screen.
TARGETED FUZZING
The sniper
Normal fuzzing is like shooting a machine gun in the dark and having no idea where the target is. You might hit the target a number of times, but you also miss an awful lot, and it takes a lot of rounds. Using targeted fuzzing, on... moreThursday, August 14, 2008 12:40:00 PM
THE BUSINESS OF PUTTING US OUT OF BUSINESSLet me tell you about a great business plan I ran into recently. It’s not the traditional “we’re all going to make millions” operation, but it has some characteristics you’ll relate to if you have ever tried to pitch a startup idea to a VC …
This is... moreFriday, August 01, 2008 12:04:00 PM
The Valley Between Black & BlueI affectionately call this time between summer conferences, the black and blue phase, where I wear security like a Hypercolor t-shirt, changing colors depending on where we are in our conference shipping and planning cycles. We just shipped a s... moreThursday, August 21, 2008 10:05:00 AM
Leaving Las Vegas: A Black Hat SaluteWhat can I say? Once again, Black Hat did not disappoint. And that’s not just post-party speak. The conversations were good, the input was invaluable, and the support for the new programs we launched—well, it’s been overwhelming. The vibe in the MSRC... moreFriday, August 08, 2008 2:00:00 AM
|