Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; to debate, discuss, share, challenge, celebrate and learn. On The BlueHat Podcast, Microsoft and MSRC’s Nic Fillingham and Wendy Zenone will host conversations with researchers and industry leaders, both inside and outside of Microsoft, working to secure the planet’s technology and create a safer world for all.
…
continue reading
Security Unlocked explores the technology and people powering Microsoft's Security solutions. In each episode, Microsoft Security evangelists Nic Fillingham and Natalia Godyla take a closer look at the latest innovations in threat intelligence, security research, and data science, with a special focus on demystifying artificial intelligence and machine learning. Be sure to listen in and follow us! Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
1
Behind the Scenes and Best Practices for Submitting to MSRC with Jim Hull
38:59
38:59
Play later
Play later
Lists
Like
Liked
38:59
Jim Hull, Program Manager at MSRC joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast to share insights into his role in reviewing vulnerability reports and managing cases. They dive into the submission process, detailing the types of reports accepted by MSRC and what happens after a researcher submits a potential vu…
…
continue reading
1
Guy Arazi on the Art and Science of Variant Hunting
44:01
44:01
Play later
Play later
Lists
Like
Liked
44:01
Guy Arazi, a UK-based security expert at Microsoft, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Guy discusses his journey in security, which began in 2018 when he joined Microsoft, and his current role focusing on online services vulnerabilities within the MSRC (Microsoft Security Response Center). They delve into the concep…
…
continue reading
1
Ryen Macababbad on How Security Can Empower Productivity
40:42
40:42
Play later
Play later
Lists
Like
Liked
40:42
Ryen Macababbad, Principal Security Program Manager at Microsoft joins Nic Fillingham on this week's episode of The BlueHat Podcast. Ryen discusses their career journey, including the return to Microsoft after working in security architecture and customer trust engineering. Ryen shares insights from their time at Hacker Summer Camp 2024 in Las Vega…
…
continue reading
1
Michael Howard on Secure by Design vs Secure by Default
48:14
48:14
Play later
Play later
Lists
Like
Liked
48:14
Michael Howard, Senior Director at Microsoft joins Nic Fillingham on this week's episode of The BlueHat Podcast. Michael shares his journey at Microsoft, starting from his early days in New Zealand as part of a small team of ten. He discusses his extensive career, his contributions to cybersecurity, and his role in the development of essential secu…
…
continue reading
1
Navigating AI Safety and Security Challenges with Yonatan Zunger
53:34
53:34
Play later
Play later
Lists
Like
Liked
53:34
Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He hi…
…
continue reading
1
Craig Nelson on Simulating Attacks with Microsoft’s Red Team
37:49
37:49
Play later
Play later
Lists
Like
Liked
37:49
Craig Nelson, leader of Microsoft's Red Team joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Craig explains how the Red Team simulates attacks on Microsoft's infrastructure to identify vulnerabilities and protect customer data stored in the cloud. He emphasizes the importance of these simulated attacks in prepar…
…
continue reading
1
Unlocking Backdoor AI Poisoning with Dmitrijs Trizna
46:53
46:53
Play later
Play later
Lists
Like
Liked
46:53
Dmitrijs Trizna, Security Researcher at Microsoft joins Nic Fillingham on this week's episode of The BlueHat Podcast. Dmitrijs explains his role at Microsoft, focusing on AI-based cyber threat detection for Kubernetes and Linux platforms. Dmitrijs explores the complex landscape of securing AI systems, focusing on the emerging challenges of Trustwor…
…
continue reading
1
From Morris to Azure: Shawn Hernan’s Three Decades in Security
43:49
43:49
Play later
Play later
Lists
Like
Liked
43:49
Shawn Hernan, Partner Security Engineering Group Manager at Microsoft joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Shawn leads Microsoft Cloud & AI Security Assurance, overseeing an international team of security professionals dedicated to proactively addressing security challenges through vulnerability resea…
…
continue reading
1
MSRC VP Tom Gallagher on 25 Years of Security at Microsoft
31:40
31:40
Play later
Play later
Lists
Like
Liked
31:40
Tom Gallagher, VP of Engineering and head of MSRC, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. After nearly 25 years at Microsoft, Tom reflects on his early days at the company, where he started as a penetration tester on SharePoint, offering insights into the evolving landscape of cybersecurity since 1999. …
…
continue reading
1
Educating the Future: Aaron Tng's Cybersecurity Blueprint
32:53
32:53
Play later
Play later
Lists
Like
Liked
32:53
Aaron Tng, a Microsoft Student Ambassador and BlueHat Conference Speaker, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Aaron shares how his curiosity during the pandemic in 2020, sparked by the surge in cyber-attacks, propelled him into the world of cybersecurity. Through dedicated self-learning and leveraging resources like …
…
continue reading
Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challeng…
…
continue reading
1
Beyond the Code: Ethics and AI with Katie Paxton-Fear
43:45
43:45
Play later
Play later
Lists
Like
Liked
43:45
Cyber Security Content Creator, Speaker & Ethical Hacker, Katie Paxton-Fear, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Katie holds a PhD in defense and security AI plus cybersecurity and works as an academic, teaching undergraduate students cybersecurity topics. She also runs a popular YouTube channel focused on bug bounty…
…
continue reading
1
SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations
39:18
39:18
Play later
Play later
Lists
Like
Liked
39:18
Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastruc…
…
continue reading
1
Decoding Conference Proposals with Lea Snyder
47:57
47:57
Play later
Play later
Lists
Like
Liked
47:57
Lea Snyder, Principal Security Engineer at Microsoft joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Lea is a security leader focused on security strategy and helping organizations mature their security posture and security programs, focusing on areas including IAM, product security, and risk management. Lea exp…
…
continue reading
Dustin Heywood, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting a…
…
continue reading
1
Breaking Bias: Tera Joyce and Tina Zhang-Powell on Celebrating Women in Cybersecurity
51:20
51:20
Play later
Play later
Lists
Like
Liked
51:20
Microsoft Principal Security Engineering, Tera Joyce and Senior Security Program Manager at Microsoft, Tina Zhang-Powell join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. As we celebrate International Women's Day and Women's History Month, Tina and Tera join the show to discuss the importance of allies in promoting…
…
continue reading
1
Black Voices Matter: The Role of Allyship in Cybersecurity with Devin Price and Derrick Love
58:24
58:24
Play later
Play later
Lists
Like
Liked
58:24
Microsoft Security Technical Program Manager Devin Price and Sr. Program Manager Derrick Love join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. The discussion delves into the experience of being Black in the cybersecurity field. Derrick and Devin share their thoughts on the representation of Black individuals in te…
…
continue reading
1
No Women; No Problem: Katelyn Falk on Creating an ERG for Women in Security
44:41
44:41
Play later
Play later
Lists
Like
Liked
44:41
Katelyn Falk, Principal Security TPM at Zoom, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Katelyn is a security technical program manager with 11+ years of experience across IT and security, both cyber and physical, and is also co-founder of Zoom's Women in Security group. Katelyn, Wendy, and Nic discuss the…
…
continue reading
1
Harnessing the Power of Community in Cybersecurity with Darren Spruell
42:22
42:22
Play later
Play later
Lists
Like
Liked
42:22
Leading Threat Intelligence at InQuest, Darren Spruell joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Darren explains InQuest's focus on Deep File Inspection® technology to identify malicious traits in files and talks about their role in serving public and private sector companies. Darren shares his cybersecuri…
…
continue reading
1
Canary (Tokens) in the Code Mine with Casey Smith
37:23
37:23
Play later
Play later
Lists
Like
Liked
37:23
Thinkst Canary, Cyber Security Researcher Casey Smith joins Nic Fillingham on this week's episode of The BlueHat Podcast. Nic and Casey discuss his background in security, his experience presenting at Blue Hat, and his session on building a Canary token to monitor Windows process execution. The Canary token project is an open-source initiative that…
…
continue reading
1
Mastering the Bug Hunt: Insights and Ethics with Nestori Syynimaa
39:44
39:44
Play later
Play later
Lists
Like
Liked
39:44
Senior Principal Security Researcher Nestori Syynimaa joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Nestori is an ICT professional with a strong practical and academic background. Since April 2021, Nestori has worked as a Senior Principal Security Researcher at Secureworks' Counter Threat Unit. Before joining …
…
continue reading
1
Service Principles in the Spotlight: Insights from Microsoft’s Security Experts
43:55
43:55
Play later
Play later
Lists
Like
Liked
43:55
Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal securit…
…
continue reading
1
Kaileigh McCrea: Navigating the Privacy Maze: Insights from the Yandex Controversy
45:36
45:36
Play later
Play later
Lists
Like
Liked
45:36
Kaileigh McCrea, Lead Privacy Engineer at Confiant, joins Wendy Zenone on this week's episode of The BlueHat Podcast. Kaileigh explains her journey into privacy engineering, the ever-evolving nature of privacy regulations, and the challenges of defining protected data. Wendy and Kaileigh also delve into Yandex's extensive reach, connections to the …
…
continue reading
1
Deprecating NTLM is Easy and Other Lies We Tell Ourselves with Steve Syfuhs
43:34
43:34
Play later
Play later
Lists
Like
Liked
43:34
Steve Syfuhs, Principal Software Engineer at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Steve has spent the last decade building secure systems and is working at Microsoft as a Principal Developer. In this episode, Steve, Nic, and Wendy discuss how continually improving hardware allows for faster…
…
continue reading
1
BlueHat Oct 23 Day 1 Keynote: John Lambert
49:27
49:27
Play later
Play later
Lists
Like
Liked
49:27
In this week’s special episode, we bring you the BlueHat Oct 23, day 1 keynote delivered by John Lambert, Microsoft Corporate Vice President and Security Fellow. In his BlueHat Oct day 1 keynote, John discusses the importance of incidents in the security field, strategies for finding security incidents, and the importance of looking beyond traditio…
…
continue reading
1
Bluehat Oct 23 Preview with Jessica Payne
41:26
41:26
Play later
Play later
Lists
Like
Liked
41:26
Microsoft Threat Intelligence Analyst Jessica Payne joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Nic, Wendy, and Jessica discuss Jessica's background in cybersecurity, her journey to Microsoft, her passion for making security more accessible, and the importance of diversity in the field. Jessica also emphasiz…
…
continue reading
1
Sherrod DeGrippo on Why She Loves Cyber Crime
40:51
40:51
Play later
Play later
Lists
Like
Liked
40:51
Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft and Host of The Microsoft Threat Intelligence Podcast, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Sherrod is a frequently cited threat intelligence expert in media, including televised appearances on the BBC news and commentary in the Wall Street Journa…
…
continue reading
1
Deciphering Privacy in the Age of AI: An Expert Discussion
42:43
42:43
Play later
Play later
Lists
Like
Liked
42:43
Giovanni Cherubin and Ahmed Salem join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Giovanni is a Senior Researcher in Machine Learning and Security at Microsoft Research Cambridge, and Ahmed is a researcher in Confidential Computing at the Microsoft Research lab in Cambridge, UK. They're both interested in artific…
…
continue reading
Hyrum Anderson and Ram Shankar join Nic Fillingham and Wendy Zenone on this week’s episode of The BlueHat Podcast. Hyrum Anderson is a distinguished ML Engineer at Robust Intelligence. He received his Ph.D. in Electrical Engineering from the University of Washington, emphasizing signal processing and machine learning. Much of his technical career h…
…
continue reading
1
Fuzzing, Forensics and Flowers with Amanda Rousseau AKA Malware Unicorn
40:49
40:49
Play later
Play later
Lists
Like
Liked
40:49
Amanda Rousseau, Offensive Security Engineer for the Microsoft Offensive Research and Security Engineering Team, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Amanda loves malware; she worked as an Offensive Security Engineer on the Red Team at Facebook, a Malware Researcher at Endgame, and the U.S. Department…
…
continue reading
1
You Are Eye: Why Understanding URIs is Critical to Security with Michael Hendrickx
34:31
34:31
Play later
Play later
Lists
Like
Liked
34:31
Michael Hendrickx, Principal Security Engineering Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Michael works in Azure security at Microsoft and leads a team focused on conducting penetration tests on Azure services. The team draws inspiration from the bug bounty community and external so…
…
continue reading
1
AAAAAAAAAAAAAAA! You Overflowed My Integer! with George Hughey and Rohit Mothe
45:08
45:08
Play later
Play later
Lists
Like
Liked
45:08
Rohit Mothe, Senior Security Researcher at Microsoft, and Windows Security professional George Hughey join Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. In this episode, they discuss integer overflow bugs, how they can be nuanced and often confused with other bug categories, why accurately classifying these bugs is …
…
continue reading
1
Rachel Giacobozzi on the Art of Threat Intelligence Storytelling
37:14
37:14
Play later
Play later
Lists
Like
Liked
37:14
Rachel Giacobozzi, Principal Research Lead at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Rachel explains the importance of creating a cohesive story not only to convey what happened in an attack but also to explain its significance, why we need to start addressing phishing attacks through educati…
…
continue reading
1
Raul Rojas: Navigating the AI-infused Security Landscape
53:06
53:06
Play later
Play later
Lists
Like
Liked
53:06
Raul Rojas, Principal Security Compliance Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Raul manages and leads a team of information security professionals across application security, incident response, remediation, security data science & engineering. Raul discusses the importance of AI…
…
continue reading
1
Dan Tentler on How the Old Ways Still Work
46:46
46:46
Play later
Play later
Lists
Like
Liked
46:46
Dan Tentler, Executive Founder and CTO of Phobos Group, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Dan has a wealth of defensive and adversarial knowledge and a strong background in systems, networking, architecture, and wireless networks. Dan discusses his time at BlueHat 2023, why you should put everythin…
…
continue reading
1
Cameron Vincent on Both Sides of Bug Hunting
40:57
40:57
Play later
Play later
Lists
Like
Liked
40:57
Cameron Vincent, a security researcher at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Cameron has been one of the top researchers for both Microsoft and Google programs numerous times. He now works on the V&M team within the MSRC side, dealing with security issues internally. Cameron discusses wit…
…
continue reading
James Forshaw, a security researcher at Google's Project Zero, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. James has been involved with computer hardware and software security for over ten years and has been listed as the number one researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Byp…
…
continue reading
1
David Weston on the Importance of Security Research
41:27
41:27
Play later
Play later
Lists
Like
Liked
41:27
David Weston, Vice President of Enterprise and OS Security at Microsoft, joins Nic Fillingham on this week's episode of The BlueHat Podcast. With over twenty years of experience in the industry, David has a deep knowledge of cybersecurity best practices and has been recognized as a thought leader. In addition to his work in cybersecurity, David als…
…
continue reading
Get ready for The BlueHat Podcast - A new security research-focused podcast from Microsoft featuring conversations with security researchers and industry leaders, both inside and outside of Microsoft. Hosted on Acast. See acast.com/privacy for more information.By Microsoft
…
continue reading
The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created …
…
continue reading
Ransomware attacks have never been so successful. The returns from these attacks are soaring and only becoming easier to conduct. In chapter two of the Microsoft Digital Defense Report, the growing threat of cybercrime is covered in great detail. As we continue to go over the MDDR, it's more apparent than ever that the cybercrime economy and servic…
…
continue reading
Everything is exciting and new when you're a kid, and curiosity inspires many of us to branch out and try new things. For some, that means drawing from our imagination or trying all kinds of sports. And for others it means spending days at the library, checking out books on modem communications, and eventually hacking into the local dial-up communi…
…
continue reading
Disinformation refers to the calculated use of false information to influence others and has been a steadily growing form of information warfare. Unfortunately, disinformation is everywhere these days, often hidden in plain sight. Criminals will also adapt and take advantage of technologies, such as AI and deepfakes, to increase the effectiveness o…
…
continue reading
Microsoft works around the clock to protect their customers, no matter what product they’re using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right?…
…
continue reading
In December 2020, Microsoft began sharing information with the cybersecurity industry on a group of Russia-based hackers who gained access to multiple enterprises through vulnerable software code, stolen passwords, compromised on-premises servers, and minted SAML tokens. In this supply chain attack, hackers could access the SolarWinds code, slip ma…
…
continue reading
We are back, covering more of the 2021 Microsoft Digital Defense Report, and this time we’re taking a deep dive into chapter five on Hybrid Workforce Security and Zero Trust. Zero Trust means precisely what it sounds like, never assuming any device or identity is secure; it's like having major trust issues, but in a professional way. With most busi…
…
continue reading
The way most people operate online these days, what would you even consider private anymore? We are so quick to share details about our job, home, friends, and family without even thinking about how much personal info we're giving away. Privacy and user agreements are a part of almost everyone's life at this point, and what do you know about them? …
…
continue reading
The newfound popularity of the internet in the nineties spurned an obsession with hacking. Unfortunately, most movies believed that it wasn't possible to show real hacking and still be entertaining; hence all the awkward video game graphics and characters living in sketchy basements regularly yelling out, "We're in!" while pounding on their keyboar…
…
continue reading
1
The 2021 Microsoft Digital Defense Report
39:22
39:22
Play later
Play later
Lists
Like
Liked
39:22
Okay, look, we know you plan on reading the entire 2021 MDDR at some point. But you're busy. Life gets in the way. We get it. Who has the time! Well, we've got the time, but that's beside the point, and honestly... fortunate for you. We've read the report front to back and have decided to cover some of it today on the podcast, but you'll still need…
…
continue reading
What would you say is the most personal possession that you own? Most would say their cell phone... unless you still have a few journals from high school. And if you do, this is your reminder that it might be time to let those go. It's become increasingly apparent lately how much info our phones collect from us, from the first app you check in the …
…
continue reading