Microsoft Goes Public With Its Hacker Conference

SAN FRANCISCO -- Microsoft is going public with some of the hacking information recently discussed at its BlueHat Security Briefings event. On Thursday, just days after the end of its third BlueHat conference, the software vendor posted the first blog entries at a new Web site. Microsoft is also promising to publish more details on the secretive invitation-only event.

The Web site will include Microsoft staffers' "reflections on BlueHat 3" as well as photos, podcasts, and video interviews with some of the presenters, said security program manager Kymberlee Price in a blog posting. "We sincerely hope that our BlueHat 3 speakers (and BlueHat 1 & 2 speakers) will post their comments to the site as well and share their BlueHat experience," she wrote.

Presentations given during the latest conference, held March 8 through 10 on Microsoft's Redmond, Washington, campus, covered topics such as "exploiting Web applications" and "breaking into database systems," according to the Web site.

Designed to Improve Communication

Microsoft started the BlueHat briefings a year ago to begin dialogue between the company's security team and external security researchers, many of whom have been critical of the company's approach to security. A handful of outside researchers spend a few days at BlueHat discussing Microsoft's vulnerabilities with several hundred of the company's engineers and executives.

There were more than 650 attendees at BlueHat 3, which was also broadcast to Microsoft employees worldwide, according to Alexander Kornbrust, a business director at Red-Database-Security GmbH in Neunkirchen, Germany, who attended the event.

The BlueHat name is a play on the Black Hat conferences, which have occasionally been criticized by IT vendors. The "Blue" part comes from the color of the badges that Microsoft staffers wear on campus.