Microsoft hosted members of the hacking and research communities this week for its biannual BlueHat security conference, where the company looks for guidance about the threats that will be coming at them.
"What did we learn?" asked a spokesman for the Microsoft Security Response Center team in a blog. "...That Microsoft cannot solve the security problem, but we can raise the bar substantially to the point where finding bugs in Microsoft products is hard, and building reliable exploits even harder. To reach this lofty goal requires that we learn from the innovators; to spot trends, learn of new attack techniques and vulnerability types so we may add defenses and countermeasures to help turn the tables on attackers and ultimately, protect customers."
BlueHat essentially is Microsoft's very own hacker conference. It's hosted twice a year on the company's Redmond, Wash., campus.
The company is fairly guarded about who is invited to attend the conference and what comes out of it, declining to offer much information about the event.
On Wednesday, the fifth annual two-day event kicked off with presentations being made to Microsoft executives and senior engineering leaders. The event continued Thursday with general sessions for the engineering teams. The sessions focused on Xbox, reverse engineering security patches, and Web applications, said Andrew Cushman, the director of the MSRC, in a blog.
Speakers included Robert "RSnake" Hansen, CEO of SecTheory; David Maynor, a founder and CTO at Errata Security; and Rob Thomas, founder and CEO of Team Cymru, an Internet security think tank.