Featured Microsoft Speakers and Sessions

Behind the Speculative Curtain: The True Story of Fighting Meltdown and Spectre

Eric Doerr, Viresh Ramdatmisier, Matt Linton

It's January 2nd, 2018. Your phone buzzes. You've been working for more than 6 months to fight a new class of hardware vulnerabilities with a number of other companies. You *had* seven days until planned disclosure, but the incoming text tells you that there has been a leak and disclosure is now less than 24 hours away. You aren't ready…what do you do?

View details

Wrangling the Ghost – The Inside Story to Addressing Speculative Execution Side Channel Vulnerabilities

Matt Miller & Anders Fogh

In this presentation, we will describe Microsoft's approach to researching and mitigating speculative execution side channel vulnerabilities. This approach involved bringing experts from across Microsoft, hiring an industry expert to accelerate our understanding of the issues, and collaborating across the industry in a way not done previously.

View details

A Dive into Hyper-V Architecture & Vulnerabilities

Joe Bialek & Nico Joly

Research into this cutting-edge area is not only interesting, it is extremely profitable. Microsoft offers a bug bounty program with rewards up to $250,000 USD for vulnerabilities in Hyper-V. To make your bounty hunting efforts easier, we will outline how Hyper-V works with a focus on the information you, as a security researcher, need to find vulnerabilities.

View details

Hardening Hyper-V through Offensive Security Research

Jordan Rabet

Virtualization technology is fast becoming the backbone of the security strategy for modern computing platforms. Hyper-V, Microsoft's virtualization stack, is no exception and is therefore held to a high security standard, as is demonstrated by its $250,000 public bug bounty program. In this talk, we will relate how Microsoft's Offensive Security Research (OSR) team did just that with Hyper-V by discovering CVE-2017-0075, developing relevant and novel exploitation techniques to exploit it, and finally contributing learnings to Hyper-V hardening efforts. The presentation will detail every step of this process in great detail, culminating in a live Hyper-Pwning demonstration.

View details

Watch Microsoft sessions from RSA 2018

Learn about the latest trends in the cyberthreat landscape—and how built-in tools such as machine learning can help you strengthen security.

Learn more

Back To Top