It seems like we only just had BlueHat v10, but already BlueHat v11 is less than a month away. Our schedule is ready, the banners are printed, and now seems like a great time to give some more detail on what’s coming up.
As you probably know already, BlueHat is an invitation-only conference where security experts get to mingle with Microsoft’s own security team and core product groups. I attended v10 as an outsider to Microsoft, but to see it come together from the inside has been even more gratifying. It is amazing to be part of the engine that brings these people together and helps us develop more secure products, allows us to build stronger relationships with the security community, and lets our development teams get a few precious moments of sunlight.
BlueHat v11 will take place on Microsoft’s Redmond campus on the 3rd and 4th of November, and this year our focus is a field that’s seen a lot of expansion in the last twelve months, and not just for Microsoft: web apps and the cloud. We’ll also explore the current threat landscape, taking in tales of real-world attacks by determined adversaries from world-class experts in national defense and corporate anti-espionage. As criminals and adversaries refine their attacks, we are once again bringing some of the sharpest minds in security together to help us shore up our defenses, as we come together as a community to fight for the user.
Here’s a quick overview of the speakers we have lined up over the two days. Full details for the conference and schedule are available on the BlueHat web site.
Day 1: Thursday, November 3rd – BlueHat v11
We will begin the first day of BlueHat v11 with Andrew Cushman of Microsoft, who will give a short presentation on his experience with BlueHat over the years. Then there will be an exclusive conversation with Shawn Henry of the FBI. Mark Raeburn, CEO of Context, will share insights on current and evolving threats from his experience as an ethical hacker-for-hire, as well as a first-responder to actual compromises. The morning sessions will conclude with Mark Oram, Principal Security Program Manager at Microsoft, and a special session on what Microsoft is doing to fight for the user.
The afternoon track will be dedicated to Web Application Security. Jeremiah Grossman, a former BlueHat speaker, will give an overview of the current state of Web Application Security and provide some statistical data on website compromises. Then Mario Heiderich will present an up-to-date talk on cross-site scripting attacks and mitigations, especially in HTML5 implementations. Finally, we will conclude with a presentation from Joe McCray on Web Application Firewalls, their drawbacks, and the importance of designing secure web applications that don’t make security assumptions.
Day 2: Friday, November 4th – BlueHat v11
Day two will kick off with David Treadwell, Director of Cloud Services at Microsoft, presenting an overview from his perspective on Cloud Security. Rich Lundeen, Jesse Ou, and Travis Rhoades of Microsoft will give an informative presentation on new (and not so new) web application attacks that can also be exploited if the backend systems are cloud based. Jared Pfost, formerly of Microsoft, will share some insights on the value of security. As companies are driving towards the ease and ubiquity of the cloud, it is vital to understand the security implications involved regarding financials, data security, and the required effort to ensure that your company is investing its security resources in the best place possible. John Walton of Microsoft will conclude this track with an innovative approach to thinking about cloud security. John’s talk abandons the “Get it right the first time” attitude when thinking about a security implementation, opting instead for exploring and addressing the implementation with the assumption that your system is already breached — that you are already vulnerable. This talk will challenge you to think of what YOU will do next.
The final track of BlueHat Redmond v11 will investigate the sometimes surprising deployment context of Microsoft’s products and services, as well as present some interesting ways users can be compromised. Alex Plaskett, a researcher at MWR in the UK, will share research that he and his team have performed on the Windows Phone platform and how it compares to other mobile platform security models, while taking a closer look at what types of vulnerabilities are introduced by OEM software. Matias Brutti of IOActive will present data on the interactions between the platform, the applications, and the app stores — the security trifecta that puts mobile devices and users potentially at risk. Moxie Marlinspike will conclude BlueHat with his insights on SSL and the Certificate Authority system, and on potential directions for authentication and authorization systems that could help to create a more robust model moving forward.
Security Program Manager, MSRC