Microsoft is hosting its sixth BlueHat security conference at its Redmond, Wash. campus this week, giving Microsoft employees a chance to pick the brains of security experts. As such, this is a closed affair for Microsoft staffers only, but what they learn will make its way into all Microsoft products.
This event is called BlueHat v6: The Vuln Behind The Curtain, and runs for two days. One of the main areas of concern will be security around virtualization and process isolation.
Naturally, virtualization is a big concern for Microsoft. With all the rush to virtualize, there hasn't been much emphasis on security in those environments. VMware is making a fortune virtualizing its operating systems on servers. Microsoft's response, Viridian, has been delayed for undisclosed reasons.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=iThere will also be talks on Windows Mobile and automated exploit creation, a talk on the DNS pinning design issue that demonstrates how Internet Explorer can turn into a VPN concentrator and a discussion covering Microsoft Office, Binary Instrumentation, Visualization and the Economics of Security.
Andrew Cushman, Microsoft's director of security outreach, wrote in a blog posting that his goal in running this event is "to expose senior product leaders and front line engineers to the threats and attack tools and methodologies used in the real world" and also "to expose security researchers (and the security community) to Microsoft engineers and business leaders."