The BlueHat Podcast

By: Microsoft
Listen for free

  • Summary

  • Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; to debate, discuss, share, challenge, celebrate and learn. On The BlueHat Podcast, Microsoft and MSRC’s Nic Fillingham and Wendy Zenone will host conversations with researchers and industry leaders, both inside and outside of Microsoft, working to secure the planet’s technology and create a safer world for all.
    ©2024 Microsoft
    Show More Show Less
Show More Show Less
Episodes
  • Refactoring the Windows Kernel with Joe Bialek

    Refactoring the Windows Kernel with Joe Bialek
    Jan 22 2025
    In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky hacking tools, navigating the controversial beginnings of red teaming, and transitioning to the Windows Security Team to focus on low-level security and mitigations. Joe reflects on the challenges of internal hacking, the human reactions to being "hacked," and the value of strengthening defenses before external threats arise. In This Episode You Will Learn: How Microsoft is developing tooling to identify and address bad programming patterns Why kernel-related discussions are primarily focused on Windows and driver developers The challenges developers face when reading and writing through pointers in C or C++ Some Questions We Ask: How does working with the Windows kernel impact system security and performance? What sets Windows kernel and driver development apart from other types of development? Why should internal teams test systems for vulnerabilities before external hackers? Resources: View Joe Bialek on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn BlueHat 2024 Session: Pointer Problems – Why We’re Refactoring the Windows Kernel Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks  Discover and follow other Microsoft podcasts at microsoft.com/podcasts The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network.
    Show More Show Less
    47 mins
  • Defending Against NTLM Relay Attacks with Rohit Mothe and George Hughey

    Defending Against NTLM Relay Attacks with Rohit Mothe and George Hughey
    Jan 8 2025
    In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone welcome back George Hughey and Rohit Mothe from the Microsoft Security Response Center (MSRC) to discuss their latest blog post on mitigating NTLM relay attacks by default. George and Rohit explain their roles in vulnerability hunting and delve into NTLM, a 40-year-old authentication protocol, outlining its vulnerabilities and the risks of relay attacks, which function as a type of man-in-the-middle exploit. They highlight Microsoft's move to a "secure by default" approach, ensuring mitigations like channel binding are enabled automatically, providing stronger protections across services like Exchange, Active Directory Certificate Services (ADCS), and LDAP. In This Episode You Will Learn: Steps users can take to enhance security in their environments Why legacy protocols remain a challenge and what the future might hold The challenges and successes of improving authentication security Some Questions We Ask: What is an NTLM relay attack, and how does it work? Can you explain channel binding and its role in preventing NTLM relay attacks? What challenges arise from modernizing authentication in complex environments? Resources: View George Hughey on LinkedIn View Rohit Mothe on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts
    Show More Show Less
    40 mins
  • Navigating AI Safety and Security Challenges with Yonatan Zunger [Encore]

    Navigating AI Safety and Security Challenges with Yonatan Zunger [Encore]
    Dec 25 2024
    Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He contrasts this with predictive AI's strength in handling large datasets for specific tasks. Yonatan emphasizes the importance of ethical considerations in AI development, stressing the need for continuous safety engineering and diverse perspectives to anticipate and mitigate potential failures. He provides examples of AI's positive and negative uses, illustrating the importance of designing systems that account for various scenarios and potential misuses. In This Episode You Will Learn: How predictive AI anticipates outcomes based on historical data The difficulties and strategies involved in making AI systems safe and secure from misuse How role-playing exercises help developers understand the behavior of AI systems Some Questions We Ask: What distinguishes predictive AI from generative AI? Can generative AI be used to improve decision-making processes? What is the role of unit testing and test cases in policy and AI system development? Resources: View Yonatan Zunger on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts
    Show More Show Less
    54 mins

What listeners say about The BlueHat Podcast

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.

Audible.co.uk reviews

Amazon reviews
No Reviews are Available