Security Conference Engagement

Coordinated Vulnerability Disclosure: Bringing Balance to the Force

Today on the MSRC blog, Matt Thomlinson, General Manager of Trustworthy Computing Security, announced our new philosophy on Coordinated Vulnerability Disclosure. I wanted to provide some context and history on how this came about. This post is about changing the way we at Microsoft talk about some familiar disclosure concepts, and is meant as an introduction …

Coordinated Vulnerability Disclosure: Bringing Balance to the Force Read More »

Software Security == People && Process && Technology

Mark Curphey here. I run the Subscriptions Engineering Team in Server & Tools Online, where we build complex customer facing web sites like MSDN and TechNet, supporting millions of users. For the last 15 years, I have always held security roles, most recently heading up the Information Security Tools team here at Microsoft, where we …

Software Security == People && Process && Technology Read More »

Thank you Buenos Aires!

Handle:C-Lizzle IRL: Celene Temkin Rank: Program Manager 2 & BlueHat Project Manager Likes: Culinary warfare, BlueHat hackers and responsible disclosure Dislikes: Acts of hubris, MySpace, orange mocha Frappaccinos!   Hey Everyone, As I’m sure you are all well aware by now, the second installment of the BlueHat Security Forum: Buenos Argentina Edition shipped on March …

Thank you Buenos Aires! Read More »

Hacker Olympics: a shout-out from Vancouver, BC!

Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni Handle:Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins Dislikes: Using …

Hacker Olympics: a shout-out from Vancouver, BC! Read More »

Heya! Hola and Olá!

It was pretty fun sitting in the panel that kicked-off the first BlueHat Security Forum in Latin America and we are almost half-way through our day here in Buenos Aires.  (Check out Mike Reavey’s EcoStrat Blog post for details about the panel.) It is always great to see old friends from the ecosystem and meet …

Heya! Hola and Olá! Read More »

BlueHat Security Forum: Buenos Aires Edition–Shipping!

Handle:Silver Surfer IRL: Mike Reavey Rank: Director, MSRC Likes: Warm weather, Battlestar Galactica, and responsibly reported vulnerabilities Dislikes: Rain, Rain without end, Clouds with potential for rain, reality TV, and unpatched vulns I’m here at the second edition of the BlueHat Security Forum, this time in Buenos Aires. So far it is shaping up to …

BlueHat Security Forum: Buenos Aires Edition–Shipping! Read More »

Numbers, Big Numbers, at the RSA Conference 2010

Handle:Cluster IRL: Maarten Van Horenbeeck Rank: Senior Program Manager Likes: Slicing covert channels, foraging in remote memory pools, and setting off page faults Dislikes: The crackling sound of crypto breaking, warm vodka martni San Francisco has always been a somewhat odd but pleasant outpost with an appeal that attracts people from all over. It was …

Numbers, Big Numbers, at the RSA Conference 2010 Read More »

Snowpacalypse Now (I love the smell of briefings in the morning)

Handle:Avatar IRL: Karl Hanmore Rank: Senior Security Strategist (aka Sergeant Grunt) Likes: Getting the job done, bringing the fight to the bad guys, good single malt whiskey Dislikes: Cowards, talkers not doers, red tape, humidity Handle:Mando Picker IRL: Dustin Childs Rank: Security Program Manager Likes: Protecting customers, working with security researchers, second Tuesdays, bourbon, mandolins …

Snowpacalypse Now (I love the smell of briefings in the morning) Read More »