Something Old, Something New, True Blue

This year marks the tenth BlueHat at Microsoft, and my sixth round in participating in the event that has been so instrumental in keeping Microsoft developers and executives in touch with the pulse of security research outside Microsoft, and serves as one of the key crossroads for the exchange of ideas from our internal security experts to the outside world. It is this bi-directional exchange of ideas that not only enriches our security knowledge and awareness, but helps to showcase our expertise to the external security research community.  But this is old news. Good news, but old. πŸ˜‰

So what is new?  One major change for our team this time around is that I now have the honor of leading the team that organizes BlueHat.  I officially stepped into the role of head of security community outreach and strategy at the beginning of September, taking on not only the BlueHat planning team, and overseeing all of TwC Security’s worldwide security conference sponsorship, but also I now run the program I founded in 2008: Microsoft Vulnerability Research (MSVR).  

The security community outreach team at Microsoft has a challenging job – act as bi-directional liaisons between external and internal people whose passion is security.  For some, that passion is focused on attack, and for us, it is focused on defense.   We need to understand attacks in order to be good defenders, and so our relationships with the external security community are vital to keeping us aware of current and emerging trends in threats.  The work of the team is most visible at BlueHat, but it continues throughout the year at established and emerging security conferences around the world.

The expanded scope of the security community outreach team to include MSVR will allow us to not only help shape how Microsoft engages with the security research community, but also to help usher in the next evolutionary step in Windows platform security, as we continue to expand our own security research to include finding, reporting, and helping to resolve more third party vulnerabilities that affect our customers. 

So look for more news this year from MSVR, more innovations in security community outreach, and more cowbell in everything we do.  As this year’s BlueHat comes to a close, my further work as leader of this team begins in earnest.  I am excited for this next chapter in Microsoft’s security history where our team will get to pen a few more lines in an already impressive novel.  As always, we welcome input from the security community, including security researchers, partners, and customers.  You can find me on Twitter, and coming soon to a security conference near you!

*Postings are provided “AS IS” with no warranties, and confers no rights.*