BruCON Keynote – It has Not Escaped Our Notice

Last week, I returned from maternity leave to fly to the land of beer and chocolate (Belgium), as the invited opening keynote speaker for BruCON 2012. Keynote speeches I have enjoyed hearing in the past tell stories, and are ideally only deliverable by the exact person giving the speech – which is to say, the… Read more

Listening on All Ports

By now, you may have seen that Microsoft has changed the name of the vulnerability reporting process we follow from “Responsible Disclosure” to “Coordinated Vulnerability Disclosure“.  First, I’d like to thank each and every one of the reviewers, especially those who were willing to be thanked and acknowledged for providing their feedback.  There is a… Read more

Ada Lovelace Day 2010

March 24 is Ada Lovelace Day, an international day of blogging to celebrate the achievements of women in technology and science.  Over 2000 bloggers have been posting their stories of women who inspire them today.  I know too many inspiring women to choose from, which is a great problem to have.  I made the only choice… Read more

ISO What You Did Last Summer

What was meant as a fun little blog post over the weekend about the human element and excitement at ISO meetings spawned quite a reaction among the researcher crowd. I’d like to set a few things straight before Monday morning rolls around and even more people get the wrong idea and get upset when they… Read more

Behind the ISO Curtain

When people ask me what I do at Microsoft, in the style of one of “the Bobs” in Office Space posing the question “What would you say ya do here?”, I point them to things like the SDL, the SDL Pro Network, which I manage, or MSVR, which I founded and is now managed by Adrian… Read more

Partial Disclosure: Was It A Cat I Saw?

Quite often in our industry, two (or five) people can look at the same problem from different angles, and see radically different things.  Rare is the situation that reads the same to everyone, forwards and backwards.  It’s all about perspective.  In my appearance on the ‘Partial Disclosure Dilemma’ Panel at SOURCEBoston this year, I found… Read more

The Partial Disclosure Dilemma Panel at SOURCEBoston

Want to know more about the evolving vulnerability disclosure landscape?  Have a burning question or opinion about who should get to know, how much they get to know, and when they get to know, as it relates to vulnerability details?  Can’t make it to SOURCEBoston to see me and a few security industry friends “hug… Read more