Episode 104: The Post Bluehat Wrap-up

Nov 08, 2024 · 37 min · Season 1 · Ep. 104

Episode description

In this episode, Michael talks to Nic Fillingham about the recent Microsoft Bluehat Security conference held at the Microsoft HQ in Redmond, WA. We also discuss how to tell the NZ and Australian accents apart. This alone is worth listening to :)

This is a follow-on from episode 103 when we talked about what was coming up for Bluehat.

No news, as this is a special, smaller episode. It's also the least edited; other than some ums and ers getting removed and a small retake, the result is as was recorded. Let us know what you think, this feels a little more 'chatty' and personable.

https://aka.ms/azsecpod

Transcript

Welcome to the Azure Security Podcast, where we discuss topics relating to security, privacy, reliability and compliance on the Microsoft Cloud Platform. Hey everybody, welcome to episode 104. This week's one of those special episodes. We're not going to have any news. It's just myself, Michael, and our guest this week is Nic Fillingham. And we're going to talk about the aftermath of the Blue Hat Conference.

So if you look at episode 103, we also have Nic talking about Blue Hat, which is coming up and now we're talking about Blue Hat as it has happened. So Nic, thank you so much for joining us this week. For those who haven't listened to episode 103, you just want to spend a couple of minutes and introduce yourself. Yeah, Michael, thank you for having me back. I feel very lucky, blessed, special to be your first repeating guest two episodes in a row. So hello, I'm Nic Fillingham.

My accent's a little bit different to Michael Howard's, but it's pretty similar. And I'm the Blue Hat Program Lead here in Redmond, Washington. And I have the privilege, the honor and the fun to help put on the Blue Hat Conference and have been doing that for the last couple of years. Cool. You know how I tell people to tell Australian and New Zealand accents apart? How? So I asked them and I'm very careful how I sort of frame the question actually.

Think of a famous British meal that involves potatoes and a meat from the sea. And then I said, okay, so in Australia... And a meat from the sea? Well, it's like, you know, a thing from the sea. Dolphin. Not dolphin. Fish. So I said, well... You mean, fush? Yeah. So in Australia, they say fish and chips. Fish and chips. Whereas in New Zealand, they say fush and chops. Fush and chops. That's right. So that's the fun part. So now you know. Let's get on to the actual content of this.

So yeah, so Blue Hat was last week. It was in Redmond, Washington. I was the master of ceremonies. Talk about being invited back. I was, yeah, I was invited back to do a different event. I'd done one in Redmond a few weeks prior, an internal conference. So yeah, I was the MC. So as I mentioned, you know, I did the MC job a few weeks ago at a different conference inside of Microsoft.

To be honest, I don't want to sound like, you know, big headed or anything, but I've actually got some really, really positive comments about the way I emceed. So I want to just share some thoughts on that. So first of all, I'm not one of these MCs who sort of gets up there and says, you know, welcome, you know, here's Bruce. He's going to talk about blah, blah, blah. Yeah, hey, Bruce. And then when Bruce finishes, like, yeah, hey, thanks, Bruce.

You know, here's Mary. You've got to show some color, right? So I talk, you know, I'll talk about the subject that's coming up. If I know the person, I'll talk about the person a little bit, especially if we've had, you know, some dealings in the past. But yeah, you've got to provide a little bit of color, right? If you're going to be an MC.

So yeah, so the key thing there, I think from my perspective is, you know, if you're going to MC something, you know, research what the talks are, research the person who's presenting if you don't already know them, you'd be amazed how far that goes. But don't just, you know, here's Bruce, here's Mary. No one really appreciates that. Nic, there were a lot of people there, right? There's a lot of people there. Yes, that's right.

We did. So Blue Hat's interesting, I think I mentioned this last episode, but just sort of a quick recap. So Blue Hat started almost 20 years ago, 2005, it was initially just for Microsoft employees to attend, who were sort of in this new and upcoming field of security and cybersecurity. And what they did was they brought some of the best speakers or the most sort of, you know, interesting and also sort of contentious speakers from Black Hat to Microsoft.

And Microsoft, we have blue badges to identify FTEs. And so they brought this sort of subset of presenters to Redmond to have them sort of present their content. And they call that Blue Hat. And then over the years, it's evolved. And now where we find ourselves almost 20 years later is that it is a conference that is for both internal and external attendees, as well as internal and external presenters, which are really hard for a 50-50 balance.

So we want to make sure that if you're an attendee at Blue Hat, and you work for Microsoft, then half the attendees there also work for Microsoft, but the other half don't. They are folks from other companies, other organizations, they're students, but they are not employees of Microsoft. Same with the presenters. We try really hard to have the day one and the day two presenters be split 50-50 as best we can. And then the topic is security research and response.

And so the sessions that are being presented, whether they are full 45-minute breakout sessions or whether they are our sort of 15-minute lightning talks that happen during the lunch break, or whether they are conversations in the hall or in the villages, is really around security research and response.

So new research findings, new research techniques, new ways to respond to up and coming sort of research, sorry, discoveries from research, whether that be vulnerabilities or red teaming, blue teaming, et cetera, et cetera. And yeah, we had, let's see, we had, I think over the, it was about 500, 550 people in total each day. That's not the same 550. We have a lot of interest in people that want to attend Blue Hat.

So we have to sort of parcel out our internal folks and sometimes they'll get a day one pass or sometimes they'll get a day two pass. So I think throughout the whole conference, maybe like 7, 5, 800 if you sort of add everyone up. But yeah, it was a great assortment of people. It was a great collection of people, really great representation inside of Microsoft, really great representation from the community and the industry outside of Microsoft.

We had, I think 30 different countries representing. We had people flying in from all over the world. We had people flying in from Africa, from Europe, from Australia, from Japan and South Korea, from China. Really, even though it is a conference that physically and geographically happens on the main campus of Microsoft in Redmond, Washington, it really has a very much a sort of a global flavor.

And there are presenters who come from all over the world as well as attendees, which is always amazing to see as someone helping put on the conference. So the tracks. So on day one, there were two tracks, cloud and identity security and apps and OS security. And day two was threat hunting and Intel and AI and ML security. So I'll actually send a link, a post link on the show notes to the agenda so people can see what was going on. Why were those tracks chosen? Yeah, it's a great question.

I got asked this a few times at Blue Hat. So the content that gets presented at Blue Hat comes from a public call for papers, the CFP. And so we launched this CFP, this call for papers, and we ask anyone, literally anybody can submit to the CFP. You don't have to be, there's no real criteria for proving that you're in the industry or proving that you're a researcher or working for some sort of subset of companies. Anyone can submit.

And so we had over 100 submissions this year, which was fantastic. And then from there, we have a content advisory board, a CAB, which is a group of about 10 folks who help us sort of whittle that down from 100 to 60 and then from 60 sort of down to 40 and then from 40 down to 25 or so that then gets selected as the final talks. And so the tracks that you just mentioned there, they're sort of somewhat organic in the sense that they're a representation of what was selected by the CAB.

We didn't start with the tracks and then look to fill them. What we did is we selected the best sessions or our CAB helped us select the best sessions from all of the submissions through the call for papers. And then from there, we spent time and was like, okay, so how do we group these together in the most sort of logical cohorts to create tracks that then allow attendees to hopefully be able to manage their own time and agenda based on some of those really big sort of topic areas.

So for example, cloud and identity security, it just so happened that we had six sessions. We actually sort of had seven, but we had six sessions that absolutely fit into that cloud and identity security sort of subject matter focus. And so we thought, well, let's put them all in one track.

And so the folks that are at Bluehat that work specifically with a focus on cloud and identity security, whether that's research or response, red team, blue team, et cetera, they will at least know that there is a single track that they can go and sit in and they'll be able to get all that content in a sort of a linear fashion. Same with OS and app security. That's how that track was created.

We had a bunch of submissions that came in and were selected and we were like, oh, look, these are all for essentially on-premise, on-device focused content versus cloud and identity. And then AI and ML sort of became its own thing. We arguably had two... So the track C, threat hunting and Intel, that one was maybe a bit of a stretch in some ways. And the first half of the day was very much threat hunting and Intel focused in its literal sense.

And then we sort of were fitting some other sessions in there in a way that hopefully made sense. But yeah, I mean, that's a very long-winded answer to your question. And the question is, the tracks come about in a somewhat organic fashion based on the papers that are submitted as part of the CFP.

And then once our CAB helps us select the final selection of papers that we want to be presented at Blue Hat Sessions, we then work out what do we think the best grouping is in order to create tracks that hopefully align to some of the core focus areas for attendees. I'm glad you said that. I'm glad we didn't just say, hey, here are four categories we want from when we're doing the call for papers.

I'm very glad it's not just, here's the categories, please apply knowing these categories are in mind. It makes so much more sense to just take all the papers and then say, okay, where does it make sense to have the categories and have the tracks? I like that idea. And I actually agree with all four tracks. Based on being 2024, I think the tracks make absolute sense to me.

If you look at the Cloud and Identity stuff, I think it's great looking at some of the issues with OAuth 2 and the way people use OAuth 2 because everyone's building in the Cloud and OAuth 2 is the fundamental authorization mechanism for accessing resources in the Cloud. It reminds me a little bit of back in the days, in the late 90s, when we had X.509 issues when people weren't doing certificates correctly. And it reminds me a little bit of that just 20 something years later.

So I want to go through just some of the papers real fast. So I was actually also emceeing the app and OS security track. The first one was on DCOM research, which is Distributed COM, which is our object model in Windows. And that was really good to see because just talking about some areas where there may be concerns. So let's see if we can work those issues out.

Next one was on some CVEs, so some actual vulnerabilities and how the person actually found them or the researchers found them, which I thought was really, really cool. My favorite one of the three was pointer problems, which is basically how we're refactoring parts of the Windows kernel to work around pointer concerns. I kind of joked before the... And the nerds will appreciate this, but I said pointers are completely fine. The problems only begin when you dereference them.

And apparently I got some groans from the audience because it's a bit of a security dad joke, but anyway, that is what it is. So yeah, those two made absolute sense. The threat Intel one I found interesting because you kind of got to understand. If you're building software, you've kind of got to understand the threats. You've got to understand what you're up against.

And I think that's really important, but there's also another aspect to that, which is just the whole Intel side of it, which is not software development, which is understanding what's going on in the marketplace and in the industry so that you can feed some of that information into the organization.

And hopefully some of that data also finds its way to not just people administering systems, but also people who are building and developing and maintaining systems so they can update their environments accordingly and their codes and their designs accordingly. In fact, that's now what I'm working on at Microsoft.

That's why I moved into the MSTIC team is to do exactly that is to focus on not just, you know, what's the correct way of building secure software, but what's the best way of building secure software and knowing what the real threats are out there. And so now I have access to that threat Intel, which is really, really, really cool. Hey, we also had some lightning talks in the middle, which were a lot of fun. We did.

The lightning talks are 15 minutes each or maximum of 15 minutes and they are very quick turn. The goal is, you know, we give about 90 minutes total for the lunch break. So folks get to stretch their legs, grab some food, and then they come back to this particular room in the Microsoft conference center called Kodiak. And that's where the lightning talks are. And we had five each day. We had five lightning talks back to back.

And the lightning talks are, you know, that's something else that our CAB, our content advisory board selects for us. And they're looking for, you know, bite size content, really, you know, 15 minutes in some ways isn't a lot of time. So what are some sort of topics that can be adequately covered or maybe perhaps brought up, right? And the lightning talk is also sort of posing a question or an idea or a new thought to the community and to the audience.

And yeah, we had fantastic lightning talks on each day, on day one, looking at some analysis of online scams and some of the techniques and frameworks that they use, a personal story or sort of more of a human focus story for someone sort of, you know, going through their security engineering journey and how that relates to how they go about building tools. We had a very fun session from David Cross and Svetlana from Oracle where they talked about the synergy between red and blue teams.

They even had costumes and props and it was a ton of fun. Well, I mean, David was wearing his red suit. I'm like, are you like being paid to wear that or something? David and I have known each other for a long time. He and I worked in Windows together. He worked on PKI, like smart cards and that sort of stuff back in the day. And someone paying you to wear that is like, no, I'm wearing red because I'm representing the red team and Svetlana was wearing a blue dress. It was incredible.

And David probably gets maybe the prize for the best dressed Blue Hat attendee across the entire conference too. So shout out to Mr. Cross there. And then just sort of quickly wrapping up on lightning talks, you know, talked about sort of lessons learned from scaling open source at Microsoft and then we had Eve, Eve Yunan from Cisco Talos talking about entitlements on macOS.

So really, you know, five very different topics, but some really sort of fascinating perspectives that are offered, some interesting questions that were sort of posed and little nuggets of sort of food for thought, which is what the goal is for lightning talks. I think an important point there is sometimes you don't need to cover the entire topic, right? You just want to get people thinking about things. Oh, I didn't even know that there were entitlements in macOS. How can I use those?

And then you just start doing a little bit digging, a bit more digging yourself. So yeah, I love these sort of very small bite sized content because again, people in the audience are smart people. They can go to the ones that are of interest to them and then learn a little bit of something and then take that away and perhaps even learn, you know, learn even more down the track. Yeah, should I quickly talk through the day two lightning talks?

Yeah. So we had Brett Hawkins from IBM who talked about detecting Microsoft Intune lateral movement, which was great. We had Vivek Vinod Sharma from Microsoft talking about AI rag muffins. We often get some fun puns in the session titles. Then we had a really interesting talk from Tom Williams from True Zero Technologies talking about sort of ransomware and I think his title was Turning the Tide Against Cyber Extortion. That was a really interesting talk.

Aobami Alotunji from Microsoft talked about safe chat AI, so enhancing sort of awareness of cybersecurity issues using AI bots and AI chat bots. And then we finished off with firmware security, you know, coming from Nitin Saad from, or Saad from Google and I just, I thought these were all fantastic lightning talks. What was really interesting, someone asked me at the conference, wasn't there a hardware track or an IoT track? And it was a great question.

And the simple, simple answer was we actually didn't really get any submissions for those topics. We got one. We got one, right? Because that was on day one. It was When the Levee Breaks: Exposing Critical Flaws in Wi-Fi Camera Ecosystems. You're absolutely right. So what I meant is that we didn't get enough to create a single track. I think I misspoke there. The question I was like, why is there not a track for hardware based security or IoT security?

And yes, the answer to that question is that we just didn't get enough submissions for that to be a standalone track. And so I just think that's a sort of interesting call out, right? That the tracks that we had and the topics that we had are a reflection of what gets submitted to us.

And so that's one thing that we also need to be on the lookout for when we're running the Blue Hat Conference is how are we actually advertising to the industry, to the community that the call for papers is open and that we want this really broad cross section. And we want to make sure that the IoT researchers and the hardware security researchers are aware and submitting to us so that we do get a sort of a broader cross section.

Just sort of a fascinating observation from when you look at the schedule, if you think something's missing, it could just be simply that at that moment in time, that portion, that segment of the community of the industry didn't sort of submit. And that's not a bad thing. It's just a fascinating sort of snapshot in time of what's going on in cybersecurity. By the way, that the session that I just mentioned was absolutely terrifying. And it's actually kind of funny.

It was almost like, you know, 1999 called, they want their vulnerabilities back. You know, it's the same silly mistakes that we saw 20 something years ago, but being done, you know, down in cameras and so on. But yeah, the day two stuff was interesting. The AI track was fascinating, mainly because the three topics were quite different. First one was about red teaming AI, which is really, really cool.

You're thinking about how you can sort of break AI or more accurately, probably, you know, large language models. Next one was about hallucination. And then the last one was breaking LLM applications, which is all about prompt injection, sort of exploitation and the latest research in that area, which is very somewhat related, but quite different topics. But you know, very pertinent for people who are building systems based on LLMs. That was good to see.

And then in the afternoon, we also had on the threat hunting and Intel track, we had that patterns in the shadows, which is scaling threat hunting and intelligence, which is incredibly important. The afternoon, my favorite one in the afternoon was actually was MSTIC, which is the team I'm in, threat intelligence year in review. The reason why I liked that session so much is because it really brings to focus the risks and the threats that we have to mitigate.

A lot of people don't realize what we're up against. And that was a very refreshing, if not terrifying talk as well. Yeah, so shout out to Rachel Giacobuzzi, who presented that. That was a really highly reviewed and highly rated session. I might jump in Michael here and just sort of say that all pretty much every single session from Blue Hat was recorded. Well, they all were recorded, excuse me. And every single one of them will be published on our Blue Hat YouTube channel.

If that's okay, I can maybe ask you to put the link in the show notes for when this episode goes live. Depending on when you're listening to this, hopefully those recordings will be ready to go. And yeah, there were, I know at any time during Blue Hat, attendees were having to choose one track over the other. So I think attendees will probably want to go and watch some of the sessions that they weren't able to see because it was happening in a competing track.

And then obviously the folks couldn't make it in person. We hope they go and watch those videos and they ask any questions or reach out to the presenters through the information that we'll have there probably in the individual session recording notes.

Another thing, if I could jump in again, just ahead of your next question, Michael, one thing that we saw a lot of at Blue Hat this year, which was so awesome and I really hope we get to see more of is we had dual presenters for sessions where one of the presenters was a non-Microsoft researcher or a non-Microsoft spokesperson and then combined with a Microsoft.

So essentially there was about four sessions where it was, I'll say external as in non-Microsoft presenter and a Microsoft presenter sort of co-presenting on that topic. And what they were essentially doing is the external person that doesn't work for Microsoft was saying, hey, I did some research and I found a thing. And then the Microsoft person would then sort of come on and say, and then let me tell you the other side of the story.

Let me tell you the sort of the coin of here's what happened when that research or when those findings were submitted to us and how we went about not just fixing them, but how we then went about potentially doing some sort of more longer term work, whether it's to try and try and mitigate a complete class or sort of do some other sort of variant hunting or just how sort of processes change and evolve based on that.

And those sessions were absolutely fantastic to see that sort of both sides of the coin or two sides of the coin yin yang. I really hope that we get more and more of that at BlueHat because I think it's quite a unique thing that we can do at a conference like BlueHat. And I just love seeing that and I think the audience liked it as well. Yeah, I mean, so one thing we haven't covered are the two keynotes. So one was outside of Microsoft, one was inside of Microsoft.

So the first one day one was Chris Wysopal. So I've known Chris for probably 25 years, thereabouts. He set up a company called Veracode back in the day before he actually started Veracode. He and I presented a conference together. I can't remember what it was, probably about 20 something years ago. And he demonstrated some static analysis in Java that he was working on. And that code eventually became the starting point for Veracode.

And I talked about some internal tools that we had at Microsoft called PREfix and PREfast. PREfast is actually in the Visual C++ compiler when you do slash analyze that actually invokes PREfast which is the name of the tool under the covers. But yeah, he did a magnificent job sort of walking down memory lane starting in the late 1990s when he was part of the L0pht, L0pht Heavy Industries out of Boston, talking about issues that they'd found in Windows and reporting it.

And you know, the fact that there was a bit of a bit of tension back then and how things have changed over the years. He did an absolutely magnificent job. To me it was a bit of a, it really was a trip down memory lane. And in fact, we had a really, really good chat. And to, I mean, I've really got to hat tip Chris for this one. He emailed me through you, right? Remember when he was asking about talking to, so we'll name names because it's all public.

Yeah. So a long, long, long, long, long time ago, there were issues in SMB, which was known as CIFS back then. And one of the guys who was involved in that is a guy called Paul Leach. And Paul was a senior architect working in Windows security on protocols. And there was a discussion held, I believe at Black Hat one year. And Chris wanted to make sure that he spoke to Paul. So I hooked him up with Paul to make sure that what he was going to talk about, about that event was actually accurate.

A lot of people would just go with the hearsay, right? And not actually verify that it was correct. But no, Chris went the extra 15 miles to make sure and confirm with Paul that what was said was actually said and what was actually covered was actually covered rather than just the hearsay. So, you know, hat tip to Chris for doing that. It made the, it made the presentation a lot more enjoyable because it was more accurate, which is, which is really good to see.

And then on the second day we had Amanda Silver, corporate VP in the developer division, talking about some of the SFI stuff that we're doing, secure future initiative stuff and the importance of the, you know, this kind of work that we're all doing. Anything else you want to add to that? No, no, that's great.

And I think, you know, I'll come back to one of the things I said at the top of the episode is that one of the goals we have, and we work really hard with Blue Hat is to try and find and keep that balance between internal presenters, whether they're keynote presenters, breakout sessions, lightning talks, and external. And when you hear external, we just mean people don't work for Microsoft. And we try and make sure that balance happens in the attendees as well.

And you know, it's kind of, it's tricky. It's tricky to do that, to find that balance. You know, we, Blue Hat is, as I said earlier, sort of physically located. We know we do it on the Microsoft campus in Redmond, Washington. And like Michael, you know, for example, you don't live in Redmond, Washington. So to get you there, you need to get on a plane and, you know, fly and, you know, you need to rearrange your, you know, a couple of days and your family life and all that kind of stuff.

And so, you know, it's challenging to create that balance, but it's really important for us. And I, you know, I'm not sure if we're at the end of the episode yet, but certainly one of the questions that I want to pose to your audiences is really just about how we can, you know, how are we doing on finding and keeping that balance and what can we do to do better next time? But maybe I'm jumping ahead. Are we at final thought? No, not yet. We're going to have a couple of minutes. No more rapid.

It's all good. Actually, it's even worse than that because I actually just got back from a diving trip with my wife to Maui on the Sunday night. And then I had to hop on a plane to Redmond on Monday, which meant that all my diving gear, when I got back from Redmond was waiting for me to hose down and clean and put away. My wife's like, no, you're putting your own diving gear away. So anyway, you didn't do it before you got on the plane? No, I mean, I'd done some of it. I did the important stuff.

I did the regulator and the BCD, but things like my mask and my fins and my dive knife and that sort of stuff, I didn't do. Did you throw those in the dishwasher? Yeah, the dishwasher. I have the dog lick them. All right. So what are the benefits of Blue Hat? I mean, from my perspective, I see two major benefits. One is obviously learning, right? I'm a big fan of learning. You've got to keep learning in this industry.

Otherwise, you're going to, I don't know, give you, I reckon if you don't learn something new in every six months or so, you're going to get behind very, very quickly. That's obviously number one. And number two is just a straight networking. It really was magnificent catching up with so many people.

I already shared this with you, but the day after I got back, when I was in Redmond, so after I got back from Redmond, there were 123 LinkedIn invitations from people I bumped into at Blue Hat, which is great to see. So I have a rule on LinkedIn, which is if I've never met you or I don't know you, I don't accept the invitation. But these are all people that I've met. So obviously, you know, learning and then just networking. It's amazing how much you can learn from other people.

I mean, absolutely. You know, I think learning is priority one. And coming back to the original intent of Blue Hat, where it was external perspectives for an internal audience, obviously that's evolved, but it's so important. And one of the things we do at Blue Hat is we ensure that we're bringing in presenters and speakers and viewpoints that might be a little hard to hear or might be a little bit of a challenge to hear.

If you're an engineer working on a Microsoft product and there are vulnerabilities being discovered in your product and the immense scale and real estate of Microsoft Digital Footprint means that pretty much every product is going to have some sort of vulnerability or issue that's found with it at some point.

That can be challenged, but it's so important because we need to ensure that folks, no one is sort of stuck in sort of a digital echo chamber where they think that their work is flawless and everything they're doing is sort of perfect.

So part of it is ensuring that we're bringing in those external perspectives and external ideas and viewpoints to maybe have sometimes some uncomfortable conversations or to push conversations and discussions in the right direction around evolution and around sort of breaking out of stale behaviors or sort of methodologies. That's a big part of it.

So learning, yes, but also learning where it is bringing in new and interesting and different and sometimes a little bit sort of challenging perspectives, especially if that's external folks coming and telling us where we need to do things differently and do them better. And when I say we, obviously Microsoft.

It's also an opportunity for us, for Microsoft, to present out on stuff that we've been working on and stuff that we've been evolving and how that can benefit not just customers, but also the industry. So there's a sort of knowledge sharing in both directions is sort of a really big part of it. And then, yeah, community building and networking is such a massive part of it as well too, especially coming out of COVID.

I think the cybersecurity industry, folks can sometimes sort of be maybe, I don't want to say insular. It was very easy when COVID and work from home and lockdown happened for everyone to get extra insular. And so having opportunities to be in person and meet with folks in your industry that are dealing with the same things that you are or thinking about the same things that you are or just interested in those topics.

And it's so important to create opportunities for folks to get together and meet each other and have conversations and have fun. Networking just doesn't mean that you're sharing your LinkedIn history and what you're doing day to day. A lot of it's about also identifying other fun things that help to create community. So some of the villages that we run at Blue Hat, we have a lockpicking village, which is one of the most popular villages.

There's always tables full of people with padlocks and those awesome see-through learning locks where you can see all the pins and you can learn how to pick a lock and there's challenges and there's sticker trading and people are collecting pins. Fun is also a big part of how you create and sort of maintain community. So I totally agree with you on sort of learning and knowledge sharing and then the networking community building, I think are probably the two big reasons why we run Blue Hat.

So I think one of the things that, correct me if I'm wrong here, but gaming security was one of the, in the village and apparently that's the first time we've had that, is that right? That's right. Yeah, we're really excited to have, so Microsoft made an acquisition of Activision, Blizzard, King.

I think those are the three sort of large brands, but Activision was sort of the big one and yeah, that team reached out to us and said, hey, we've attended Blue Hat in the past, but we'd love to get sort of more involved and we were like, let's do a gaming security village. And I think that we're inundated with folks that wanted to chat with them and talk about gaming security and we're hoping to do more with them in future Blue Hats.

But yeah, gaming security was a new one and I think folks were really excited to see that and hopefully we'll get more gaming security stuff in the future. Yeah, a big part of that is obviously cheating. You don't want people cheating in games. So yeah, it was good to see how they really could chat with a whole bunch of people.

A whole bunch of people I actually knew, they were actually ex-Microsoft people who had joined Activision and then found themselves back in Microsoft again after the acquisition. So that was really, really funny. But yeah, the lockpick village was really, really busy. I saw a lot of people, they had a whole bunch of tables and a lot of people were learning how to pick locks. A lot of people were really amazed how easy it is to pick most locks that we take for granted as air quotes being secure.

But yeah. All right, let's bring this episode to an end. As you know, Nick, because you were only on a few weeks ago, one thing we always ask our guests is, if you had just one little sort of one final thought to leave our listeners with, what would it be? So I have two questions for folks.

Question one is, if you only learnt of Blue Hat through listening to either the episode today or last episode, but it sounds like something you would want to be involved in or potentially attend or submit a paper for, but you hadn't heard of it, tell us how you learn of these kind of things so that we can do a better job of promoting Blue Hat and making sure that more people in the community are aware of it.

So I'd love to know, how do you learn of these kind of conferences and events and what should we consider for how we advertise Blue Hat in the future? And then if you were at Blue Hat or were following along with Blue Hat and you have specific sort of feedback on what you liked or what you think we could do differently, please also reach out.

I think the best way to do it is send an email to bluehat, B-L-U-E-H-A-T, bluehat at microsoft.com and myself and some other folks on the team will get your mail. Yeah, how can we better promote Blue Hat so more people in the community know about it? How can we better advertise the call for papers so we make sure we're getting a much more broad and deep representation across all the topics and viewpoints in the industry? And then yeah, just any other feedback that folks have on the conference.

We really take all of that stuff very, very seriously and when we go into our sort of planning and review phases and stages, we spend a lot of time looking at the feedback that we get from the community both inside Microsoft and out and it's really, really important. So that's my final thought is thank you everyone that came to Blue Hat. Thank you everyone that submitted to the call for papers. Thank you everyone that applied to attend. Please let us know how we can do better.

And if you love something too, it's always nice to hear what folks responded well to. Bluehat at microsoft.com. Magnificent. All right. Well, with that, let's bring this episode to an end. Again, Nick, thanks for coming on the podcast. I know you're a busy boy, so I appreciate you taking the time. And to all our listeners out there, we hope you found this of use, oh, by the way, Blue Hat is free. It is free. So with that, it is free. That's right.

So with that, let's bring this episode to an end. So all our listeners out there, thank you so much for listening. Again, we hope you found this episode of use. Stay safe and we'll see you next time. Thanks for listening to the Azure Security Podcast. You can find show notes and other resources at our website, azsecuritypodcast.net. If you have any questions, please find us on Twitter at AzureSecPod. The music is from ccmixter.com and licensed under the Creative Commons license.

Transcript source: Provided by creator in RSS feed