BlueHat Security Briefings: Fall 2010 Sessions
- Microsoft corporate headquarters
- October 14 - 15, 2010
- Speakers at BlueHat Security Briefings: Fall 2010 Sessions
BlueHat v10: A Security Odyssey
The primary objective of the BlueHat Conference Series is to build bridges between Microsoft developers and executives, key security program partners, and members of the security research community while educating the greater Microsoft population on security threats and mitigations.
This year's conference builds upon the momentum of past events by showcasing how individual strategies can intersect to offer substantial benefits and positive-sum outcomes. We are looking to demystify global and regional security threats, and to create channels for productive information exchange on common threats that affect all the players of the security ecosystem.
BlueHat v10 again brings leading external security researchers to campus to present timely and lively presentations that showcase ongoing research, state-of-the-art hacking tools and techniques, and emerging security threats. Our main themes for BlueHat v10 focus on predators of the security ecosystem, next-generation infrastructure, risks associated with mobile technologies, and the web browser landscape.
- List
- Top Rated
- Most Viewed
- All
-
Nine Trends Affecting the Future of ExploitationJohn Lambert talks about nine trends that will affect exploitation over the next decade. A number of technological, social, and environmental trends will change the world of exploitation as we've known it in the 2000s. This has lessons alike for defense, attack, and customers in the middle. -
Behind the Curtain of Second Tuesdays: Challenges in Software Security ResponseThis presentation discloses some of the challenges seen by the Microsoft Security Response Center (MSRC) in addressing modern vulnerabilities. As SDL weeded out the simple buffer overflow, vulnerabilities have become more complex in nature and thus more challenging to address. The goal of this presentation... -
![Cyber[Crime/War] – Connecting the Dots](http://media.ch9.ms/ch9/f7dc/b79aa76e-e65d-4774-acfc-735535aaf7dc/BH1003_220.jpg)
Cyber[Crime/War] – Connecting the DotsIn this talk we explore the uncharted waters between CyberCrime and CyberWarfare, while mapping out the key players (mostly on the state side) and how past events can be linked to the use of syndicated CyberCrime organizations when carrying out attacks on the opposition. -
Enhanced Mitigation Experience Toolkit 2.0In August 2010 we released the new version of EMET with brand new mitigations and a new user interface experience. Two new mitigations are included in this version: Mandatory ASLR (breaking current ROP exploits relying on DLLs located at predictable addresses) and Export Address Table filtering (EAF)... -
Everybody Be Cool This Is a ROPperyReturn-oriented programming is one of the most advanced attack techniques available today. This talk presents algorithms that allow an attacker to search for and compose gadgets regardless of the underlying architecture using the REIL meta language. We show a return-oriented compiler for the ARM architecture... -
Browser Hacks, Design Flaws, & Opt-In SecurityThere are a number of design flaws that plague browsers, and the challenge in fixing them tends to be the unwillingness to "break the Web." This puts security designers in the position of making security opt-in choices, and few if any developers and users do because they don't know the real...
