Microsoft goes public with Blue Hat security conference
Posts blog, Web site on usually secretive event
IDG News Service - Microsoft Corp. is going public with some of the hacking information discussed at its Blue Hat Security Briefings event. Just days after the end of its third Blue Hat conference, the software vendor today posted the first blog entries at a new Web site. Microsoft is also promising to publish more details on the secretive invitation-only event.
The Web site will include Microsoft staffer's "reflections on BlueHat 3" as well as photos, podcasts and video interviews with some of the presenters, said Security Program Manager Kymberlee Price in a blog posting. "We sincerely hope that our BlueHat 3 speakers (and BlueHat 1 & 2 speakers) will post their comments to the site as well and share their BlueHat experience," she wrote.
Presentations given during the latest conference, held last week on Microsoft's campus in Redmond, Wash., covered topics such as "exploiting Web applications" and "breaking into database systems," according to the Web site.
Microsoft started the Blue Hat briefings a year ago to begin a dialogue between the company's security team and external security researchers, many of whom have been critical of the company's approach to security. A handful of outside security researchers spent a few days at Blue Hat discussing Microsoft's security vulnerabilities with several hundred of the company's engineers and executives.
There were more than 650 attendees at Blue Hat 3, which was also broadcast to Microsoft employees worldwide, according to Alexander Kornbrust, a business director at Red-Database-Security GmbH in Neunkirchen, Germany, who attended the event.
One Microsoft blogger praised the open dialogue at the event.
"Everything was fair game," wrote SQL Server engineer Brad Sarsfield in a blog posting. "Hearing senior executives say things like, 'I want the people responsible for those features in my office early next week; I want to get to the bottom of this' was at least one measure of success from my point of view for the event."
The Blue Hat name is a play on the Black Hat conferences, which have occasionally been criticized by IT vendors. The "blue" part comes from the color of badges that Microsoft staffers wear on campus.
Last year, Black Hat organizers were sued by Cisco Systems Inc. after a conference presenter disclosed vulnerabilities in the company's Internetworking Operating System router software. That lawsuit was eventually settled with Black Hat agreeing not to further disseminate the presentation.
Microsoft's site will not have the kind of controversial material that has popped up at Black Hat. "All researchers at the BlueHat are responsible," Kornbrust said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts