It’s BlueHat week

October 13, 2008

This week Microsoft are holding their semi-annual internal security conference which they call BlueHat.  It’s invite only for external people, and space for internal people runs out very quickly, so all-in-all it’s a good event – lots of people to talk to, and great presenters talking about current topics from both inside and outside MSFT.

Around BlackHat time I was talking to Jeremiah Grossman about the whole WAF issue and we though it would be a good topic to present somewhere – the pros and cons of WAFs vs traditional software development (or the “penetrate and patch” approach to security if you want to be mean!).  There was a lot of FUD (and some nasty posts) spilling around, and the idea was to have a face off between different stake-holders or opinions. I wasn’t sure where the best place to put such a talk would go (I had some ideas) but JG wanted to submit it to BlueHat.

So, I’m pleased to say that I’m going to be talking on the last slot of the con – Panel Discussion – WAF vs. SDL Shootout.  Jeremiah unfortunately can’t make it (he’ll be laying on a beach in Maui – slacker), but I’m sure we’ll have a really good panel.  I’ll write more about it, and the other talks I’ll be going to, in later posts.

I’m really excited about going.  There’s tons of people that I want to meet, and now that I live in Seattle myself I’m wanting to “plug in” to the security community that is up here more.  If anyone that is attending BlueHat, reads this post, and wants to chat then by all means send me an email or just grab me at the con.  For anyone else that is in the Seattle area but wont be at BlueHat, I’m hoping to get out and meet more people, so please don’t thing you are out of the look – ping me (see the contact page, or use my work email which should be too hard to work out) and we’ll certainly hook up – I’ve tried (unsuccessfully I might add) to drop as much work-related activities for this week just so I can do more people-networking.

Posted in Industry, Misc, Security