Bryan Owen

5-Nov-2011 Insights from BlueHat 11 and preparing for vCampus Live!

Blog Post created by Bryan Owen on Nov 5, 2011

Of the 'community of interest' conferences out there, Microsoft's BlueHat feels most like vCampus Live!


Don't let the spotlight on security fool you. It's more about sharing amongst the elite in their disciplines... folks who instinctively push the limits of technology.  Some are experts at finding the seams between networked systems, while others are masters of reliable system implementation and management.


For the first BlueHat in 2005, the idea of inviting external security researchers onto campus was quite 'edgy'.  Today it's clear that this quest to build bridges between Microsoft developers and executives, key security program partners, and members of the security research community is resulting in more reliable products.


Here are my favorites from this year's conference by category:

  • Most shocking: John Walton, Principal Security Manager, described Microsoft's cyber 'wargaming' approach on the production cloud for Office 365. I doubt we'll see this trend anytime soon for critical infrastructure, but it piqued my interest when he started talking about MTTR metrics and findings they would never have identified using a test environment.
  • Most enlightening: Marcus Niemietz and Mario Heiderich, both from Ruhr-University, gave a deep dive into click-jacking and XSS defenses. These topics were a big eye opener for web security initiatives. While HTML5 brings a lot of functionality, it also brings complexity; these experts suggest it will be very difficult for developers to get security right. Continuing to be very wary of web technology inside the most critical layers of automation systems seems to make sense.
  • Most sobering: Tie. Jeremiah Grossman of WhiteHat Security on recent web vulnerability trends and statistics: on average, 230 vulnerabilities per Internet website are observed. Banking is the best-performing sector, with an average of 30 vulnerabilities per site. Joe McCray of Strategic Security reinforced this message with his entertaining "You Spent All That Money And You Still Got Owned?" presentation from DefCon.

There were many other great presentations and plenty of opportunities to talk to Microsoft developers.


In turning attention to vCampus Live! 2011, I hope we offer a similar vibe for the community of PI System experts. vCampus Live! is a conference where you can really learn about new technology, what works well, and what can be done when functionality falls short of expectations.


Cyber security is a performance domain defined by your most knowledgeable people (and, conversely, by your weakest practitioner), so information sharing is especially important. This year our security focus includes presentations from Joel Langill. Joel is passionate about critical infrastructure protection and has many years of practical industrial experience.


His research will go into detail on how the infamous Stuxnet worm spreads; indeed, almost all facilities are exposed in similar ways.  In a second session we'll describe important security practices related to network architecture and Active Directory.  In particular, we'll highlight what hackers call 'pivot attacks', why you should care, and what can be done to mitigate them.


I look forward to seeing you at vCampus Live! 2011!