BlueHat Special, Aisle 8…


Celene Temkin

BlueHat Project Manager

Culinary warfare, BlueHat hackers and responsible disclosure

Acts of hubris, MySpace, orange mocha Frappaccinos!

Hopefully by now you’ve seen the lead in to BlueHat v8 blog post, the official announcement post, and perused the spiffy, revamped BlueHat page. I’m truly amazed to see how the content has shaped up as we approach the final countdown to BlueHat v8: C3P0wned on October 16-17. It’s thrilling to see what was once a little hacker con turn into a platform to educate developers and execs with an end-to-end story. Day one of BlueHat will focus on security issues facing the ecosystem while Day two leverages the Security Development Lifecycle (SDL) to discuss the full cycle of proactive security and “baking security in,” so to speak.

BlueHat is first and foremost about educating all the Microsoft “cooks in the kitchen” so we can better understand the security space and ship more secure products. This time, Microsoft will share some of that education with the world. The BlueHat team will post publicly, for the first time ever, a day of BlueHat content. You can also count on speaker video interview podcasts, anecdotes and archives to be on the site as well.

This is the fifth BlueHat I’ve had the pleasure of being a part of. I can’t help but get nostalgic, as I’ve seen the con continue to grow and pick up momentum. Microsoft and the ecosystem continue to endure some pretty significant threats, such as the recent DNS issue, ActiveX issues, etc. In addition, issues including blended threats and other vulnerabilities that affect multiple vendors demonstrate that complex threats are increasing. Understanding these trends give us a strategic call to action. We can leverage BlueHat to bring vendors, researchers, ISV’s, CERT’s (and others) together to understand complex issues and to create recipes for collaboration. It’s not just Microsoft working with other vendors on issues, but Microsoft working with the overall security community to meet these challenges.

Even other companies are taking the time to create BlueHat-like conferences and events at their own facilities to help their own employees sharpen their security skills. The good folks at eBay host Red Team eBay where their security team members can meet and exchange ideas with industry experts. It’s beyond encouraging to witness other companies leading with their best foot forward in creating a melting pot of security information exchange.

I can’t wait for BlueHat v8 and I encourage you all to follow the virtual trail on the BlueHat Blog and SDL Blog leading up to and during the event.

-Celene Temkin

*Postings are provided “AS IS” with no warranties, and confers no rights.*