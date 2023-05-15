Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; - to debate, discuss, share, challenge, celebrat... More
Cameron Vincent on Both Sides of Bug Hunting
Cameron Vincent on Both Sides of Bug Hunting

Cameron Vincent, a security researcher at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Cameron has been one of the top researchers for both Microsoft and Google programs numerous times. He now works on the V&M team within the MSRC side, dealing with security issues internally. Cameron discusses with Nic and Wendy the importance of understanding your role and responsibilities in the workplace, the first bug he ever submitted, and his time presenting at BlueHat 2023. In This Episode You Will Learn: The benefits of face-to-face communication and how to balance it with technology. Why you should build a supportive culture of communication How to get involved in the world of bug bounty hunting Some Questions We Ask: How do you manage and deal with stress and burnout from your work? What are some practical ways to provide feedback to team members? How can we improve communication in a remote work environment?
5/17/2023
40:55
James Forshaw on Writing Your Own Tools
James Forshaw on Writing Your Own Tools

James Forshaw, a security researcher at Google's Project Zero, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. James has been involved with computer hardware and software security for over ten years and has been listed as the number one researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. James is also the author of the book "Attacking Network Protocols" which is available from NoStarch Press. James discusses going after logic-based bugs, his time at BlueHat 2023, and how creativity and intuition help him while hunting for new bugs. In This Episode You Will Learn: Values and benefits of writing your own tooling Why James decided on a high-level, call-to-action presentation for BlueHat 2023 The inspiration behind his new book "Attacking Network Protocols" Some Questions We Ask: Is there a sequence of events you follow when hunting for a logic vulnerability? When should someone consider writing their own tools? What advantages come to mind when writing your tooling for a new project?
5/17/2023
47:11
David Weston on the Importance of Security Research
David Weston on the Importance of Security Research

David Weston, Vice President of Enterprise and OS Security at Microsoft, joins Nic Fillingham on this week's episode of The BlueHat Podcast. With over twenty years of experience in the industry, David has a deep knowledge of cybersecurity best practices and has been recognized as a thought leader. In addition to his work in cybersecurity, David also advocates for diversity and inclusion in the tech industry. He has been actively involved in initiatives to promote diversity in cybersecurity and has spoken about the need for greater diversity in the industry. David discusses with Nic the importance of having a comprehensive cybersecurity strategy, the value of creating a culture of cybersecurity within organizations, and why we need regular software updates and investing in cybersecurity tools. In This Episode You Will Learn: How organizations can create a culture of cybersecurity among their employees The most effective ways to train employees on cybersecurity best practices Tools and technologies that organizations can use to protect themselves Some Questions We Ask: How can organizations overcome some of their biggest challenges in security? Can you share some common mistakes that organizations make regarding cybersecurity? How do you see the cybersecurity landscape evolving in the coming years?
5/17/2023
41:25
The BlueHat Podcast
The BlueHat Podcast

Get ready for The BlueHat Podcast - A new security research-focused podcast from Microsoft featuring conversations with security researchers and industry leaders, both inside and outside of Microsoft.
