Microsoft's Blue Hat Conference

SecureThroughObscure writes "ZDNet Zero-Day security blogger Nate McFeters got an exclusive look at the Microsoft Blue Hat conference. This is an invite-only conference that few media get to attend, but apparently McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence, and was also asked to do a guest blog posting about the conference at the Microsoft Blue Hat blog. McFeters also included several pictures of the conference and after conference events."

WTH

[bobwrit]

An invite-only confrence where they test how well their product does? You'll get skewered data that we all know their going to use to bash Linux and support Windows.

Re:But...

It's a take off of the Black Hat security conference, which is a vendor neutral. The terms Black hat and White hat are commonly used to describe the intent of security researchers who are either malicious (Black hat) or ethical (White hat).

Re:But...

[Chokolad]

What users are you talking about? This is conference internal to Microsoft, with speakers invited (mostly) from Black Hat conference. It is limited to full-time employees ("blue badges") hence - BlueHat.

Re:At least they don't clash

[anomalous+cohort]

However, you can bring back those thrilling days of yesteryear with this screen saver.

Why he was invited

[Molesworth]

The summary says "McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence" - that makes it sounds like Nate and Rob found vulnerabilities in Microsoft products. If you actually read the guest blog entry, it says:
"Microsoft had Rob Carter [...] and I come in to discuss some recent vulnerabilities that we've discovered with a few third-party vendors with whom Microsoft has tight relationships"

Probably this is referring to Adobe - Nate and Rob have previously reported vulns to them and had them patched.