The BlueHat Podcast

Raul Rojas, Principal Security Compliance Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Raul manages and leads a team of information security professionals across application security, incident response, remediation, security data science & engineering. Raul discusses the importance of AI in various fields, such as healthcare, finance, and cybersecurity, the impact AI will have on privacy, and the need for regulations and governance frameworks to ensure responsible AI development and deployment.   In This Episode You Will Learn:     How the field of AI and machine learning in security is evolving The value of integrating security principles and seeking input from the security community  Why the security community needs to develop new tools and processes for  AI and Data.   Some Questions We Ask:     Can you share an example of a successful project transition from research to production? Are there already existing fundamentals in machine learning and AI security? What are the potential risks of attackers manipulating AI and machine learning models?  Resources:   View Raul Rojas on LinkedIn View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn  Send us feedback: bluehat@microsoft.com Follow us on Twitter: @MSFTBlueHat  Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Dan Tentler, Executive Founder and CTO of Phobos Group, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Dan has a wealth of defensive and adversarial knowledge and a strong background in systems, networking, architecture, and wireless networks. Dan discusses his time at BlueHat 2023, why you should put everything behind a VPN, and how a typo and Jeff Goldblum's movie Hideaway helped create his current online handle.     In This Episode You Will Learn:     Why it's important to hold onto old techniques and knowledge  The premise and thoughts behind Dan’s 2023 BlueHat presentation How people can still protect themselves with old security tools  Some Questions We Ask:     How did your security career start and grow into speaking at BlueHat 2023? What tools and techniques were available in the beginning of your career?  What were some big takeaways from your presentation at BlueHat?    Resources:    View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn  Send us feedback: bluehat@microsoft.com Follow us on Twitter: @MSFTBlueHat  Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Cameron Vincent, a security researcher at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Cameron has been one of the top researchers for both Microsoft and Google programs numerous times. He now works on the V&M team within the MSRC side, dealing with security issues internally. Cameron discusses with Nic and Wendy the importance of understanding your role and responsibilities in the workplace, the first bug he ever submitted, and his time presenting at BlueHat 2023.   In This Episode You Will Learn:     The benefits of face-to-face communication and how to balance it with technology. Why you should build a supportive culture of communication How to get involved in the world of bug bounty hunting  Some Questions We Ask:     How do you manage and deal with stress and burnout from your work? What are some practical ways to provide feedback to team members? How can we improve communication in a remote work environment?   Resources:   Follow Cameron Vincent on Twitter Watch Cameron speak at BlueHat 2023  View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHat Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

James Forshaw, a security researcher at Google's Project Zero, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. James has been involved with computer hardware and software security for over ten years and has been listed as the number one researcher for MSRC, as well as being a Pwn2Own and Microsoft Mitigation Bypass bounty winner. James is also the author of the book "Attacking Network Protocols" which is available from NoStarch Press. James discusses going after logic-based bugs, his time at BlueHat 2023, and how creativity and intuition help him while hunting for new bugs.     In This Episode You Will Learn:     Values and benefits of writing your own tooling Why James decided on a high-level, call-to-action presentation for BlueHat 2023 The inspiration behind his new book “Attacking Network Protocols”  Some Questions We Ask:     Is there a sequence of events you follow when hunting for a logic vulnerability? When should someone consider writing their own tools? What advantages come to mind when writing your tooling for a new project?   Resources:   Watch James Forshaw at BlueHat 2023  View James Forshaw on LinkedIn View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHatDiscover and follow other Microsoft podcasts at microsoft.com/podcasts  

David Weston, Vice President of Enterprise and OS Security at Microsoft, joins Nic Fillingham on this week's episode of The BlueHat Podcast. With over twenty years of experience in the industry, David has a deep knowledge of cybersecurity best practices and has been recognized as a thought leader. In addition to his work in cybersecurity, David also advocates for diversity and inclusion in the tech industry. He has been actively involved in initiatives to promote diversity in cybersecurity and has spoken about the need for greater diversity in the industry. David discusses with Nic the importance of having a comprehensive cybersecurity strategy, the value of creating a culture of cybersecurity within organizations, and why we need regular software updates and investing in cybersecurity tools.    In This Episode You Will Learn:     How organizations can create a culture of cybersecurity among their employees The most effective ways to train employees on cybersecurity best practices Tools and technologies that organizations can use to protect themselves  Some Questions We Ask:     How can organizations overcome some of their biggest challenges in security?  Can you share some common mistakes that organizations make regarding cybersecurity? How do you see the cybersecurity landscape evolving in the coming years?   Resources:    View David Weston on LinkedIn View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHatDiscover and follow other Microsoft podcasts at microsoft.com/podcasts  

Get ready for The BlueHat Podcast - A new security research-focused podcast from Microsoft featuring conversations with security researchers and industry leaders, both inside and outside of Microsoft.