The BlueHat Podcast
Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; to debate, discuss, share, challenge, celebrate and learn. On The BlueHat Podcast, Microsoft and MSRC’s Nic Fillingham and Wendy Zenone will host conversations with researchers and industry leaders, both inside and outside of Microsoft, working to secure the planet’s technology and create a safer world for all.
Episodes
July 9, 2025 • 39 mins
In this episode of The BlueHat Podcast, host Nic Fillingham is joined by George Hughey from Microsoft who returns to discuss his Blue Hat India talk on variant hunting, explaining how MSRC uses submission data from hacking competitions like Pwn2Own and Tianfu Cup to uncover additional security vulnerabilities in Windows. George shares how incentives in competitions differ from bug bounty programs, how tools like CodeQL assist varia...
Mark as Played
June 25, 2025 • 42 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Mike Macelletti from Microsoft’s MSRC Vulnerabilities and Mitigations team to explore Redirection Guard, a powerful mitigation designed to tackle a long-standing class of file path redirection vulnerabilities in Windows. Mike shares how his interest in security began, the journey behind developing Redirection Guard, and how it's helping reduc...
Mark as Played
June 11, 2025 • 39 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone share Ram Shankar Siva Kumar’s dynamic keynote from BlueHat India 2025, where he explores the evolving threat landscape of AI through the lens of the Microsoft AI Red Team. From adversarial machine learning to psychosocial harms and persuasive AI, Ram highlights real-world case studies, including prompt injection, content safety violations, and memory pois...
Mark as Played
May 28, 2025 • 39 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone share David Weston’s keynote from BlueHat India 2025. David explores the growing role of on-device AI in Windows, the security risks it introduces, and how Microsoft is rethinking architecture to defend against new threats like model tampering, data exfiltration, and AI-powered malware. He also shares insights on innovations like Windows Recall, biometric ...
Mark as Played
May 14, 2025 • 33 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Felix Boulet fresh off his participation in Zero Day Quest. Felix talks about his unique journey from industrial maintenance to becoming a full-time vulnerability researcher, and how that background fuels his passion for hacking and bug bounty work. He explains his method for finding bugs in Microsoft products—particularly in identity systems...
Mark as Played
April 30, 2025 • 49 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Marco Ivaldi, co-founder and technical director of HN Security, a boutique company specializing in offensive security services, shares his journey from hacking as a teenager in the '80s to becoming a key figure in the security research community. With nearly three decades of experience in cybersecurity, Marco digs into the ongoing challenges,...
Mark as Played
April 16, 2025 • 41 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel, Senior Security Engineer at ZoomInfo and one of MSRC’s Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug hunter, landing multiple spots on the MSRC leaderboards. Dhiral reflects on his earl...
Mark as Played
April 2, 2025 • 35 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by security researcher Tobias Diehl, a top contributor to the Microsoft Security Research Center (MSRC) leaderboards and a Most Valuable Researcher. Tobias shares his journey from IT support to uncovering vulnerabilities in Microsoft products. He discusses his participation in the upcoming Zero Day Quest hacking challenge and breaks down a recen...
Mark as Played
March 19, 2025 • 38 mins
In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Brad Schlintz, independent security researcher and bug bounty hunter. Brad shares how he transitioned from a decade-long career as a software engineer to hacking Microsoft products while traveling the world with his wife. He recounts his early days tinkering with RuneScape bots, his experience working in SharePoint and Azure at Microsoft, and...
Mark as Played
March 5, 2025 • 46 mins
In this episode of The BlueHat Podcast, Nic and Wendy are joined by seasoned security researcher, and CTO of Morphisec, Michael Gorelik. Michael discusses his approach to security research, which often begins by exploring PoCs released by other researcher groups and continues through to the release and validation of – sometimes multiple rounds of – fixes. Michael also provides an overview of this BlueHat 2024 presentation from last...
Mark as Played
February 19, 2025 • 43 mins
In this episode of The BlueHat Podcast, host Nic Fillingham is joined by Scott Gorlick, Security Architect for Power Platform at Microsoft. Scott shares his unconventional journey into cybersecurity, from managing a KFC to driving big rigs before landing in tech. He dives into security research in Copilot Studio, discussing how AI models interact with security frameworks and how researchers can approach testing these systems. We al...
Mark as Played
February 5, 2025 • 45 mins
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Jason Geffner, Principal Security Architect at Microsoft, to discuss his groundbreaking work on scaling and automating Dynamic Application Security Testing (DAST). Following on from his BlueHat 2024 session, and outlined in this MSRC blog post, Jason explains the key differences between DAST, SAST, and IAST, and dives into the challenges of ...
Mark as Played
January 22, 2025 • 47 mins
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by BlueHat 2024 presenter Joe Bialek, a security engineer at Microsoft with over 13 years of experience. Joe shares his fascinating journey from intern to red team pioneer, recounting how he helped establish the Office 365 Red Team and pushed the boundaries of ethical hacking within Microsoft. He discusses his formative years building sneaky ha...
Mark as Played
January 8, 2025 • 40 mins
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone welcome back George Hughey and Rohit Mothe from the Microsoft Security Response Center (MSRC) to discuss their latest blog post on mitigating NTLM relay attacks by default. George and Rohit explain their roles in vulnerability hunting and delve into NTLM, a 40-year-old authentication protocol, outlining its vulnerabilities and the risks of relay attacks, ...
Mark as Played
December 25, 2024 • 53 mins
Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has va...
Mark as Played
December 11, 2024 • 49 mins
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Johann Rehberger, security expert and Red Team director at Electronic Arts. Johann shares his career journey through roles at Microsoft, Uber, and EA, highlighting his expertise in red teaming and cybersecurity. Johann shares the inspiration behind his book on Red Team strategies and discusses his BlueHat 2024 talk on prompt injection vulner...
Mark as Played
November 27, 2024 • 45 mins
In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone present an insightful address by Corporate Vice President and Head of Product for Microsoft's Developer Division, Amanda Silver. Amanda discusses the importance of securing the software supply chain and Microsoft's efforts to protect the open-source ecosystem. She introduces the Secure Software Supply Chain Consumption Framework (S2C2F), a model for track...
Mark as Played
November 13, 2024 • 47 mins
In episode 41 of The BlueHat Podcast we bring you the BlueHat 2024 day 1 keynote address given by Chris Wysopal, also known as Weld Pond, founder and Chief Security Evangelist at VeraCode, and founding member of the L0pht.
Chris’ talk - A Clash of Cultures Comes Together to Change Software Security - recounts the early days of “hacking” and how the industry evolved to embrace vulnerability discovery and coordinated, responsible...
Mark as Played
October 30, 2024 • 43 mins
In this episode of the Blue Hat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Arjun Gopalakrishna, a security engineer at Microsoft, to discuss his fascinating journey from software engineer to security leader. Arjun reflects on his 11-year tenure at Microsoft, including how a childhood experience with a computer virus sparked his curiosity in cybersecurity. He talks about his early exposure to security issues while ...
Mark as Played
October 16, 2024 • 35 mins
In this episode of the Blue Hat Podcast, hosts Nic Fillingham and Wendy Zenone interview each other to give listeners insight into their personal and professional backgrounds. Nic recounts his unique career journey, which began with jobs like working as a chicken butcher and selling CDs, before joining Microsoft as an Xbox demo specialist. His career with Microsoft spanned various roles, ultimately leading him to work on the Blue H...
Mark as Played
Popular Podcasts
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
Listen to 'The Bobby Bones Show' by downloading the daily full replay.
The official podcast of comedian Joe Rogan.
Betrayal Weekly is back for a brand new season. Every Thursday, Betrayal Weekly shares first-hand accounts of broken trust, shocking deceptions, and the trail of destruction they leave behind. Hosted by Andrea Gunning, this weekly ongoing series digs into real-life stories of betrayal and the aftermath. From stories of double lives to dark discoveries, these are cautionary tales and accounts of resilience against all odds. From the producers of the critically acclaimed Betrayal series, Betrayal Weekly drops new episodes every Thursday. Please join our Substack for additional exclusive content, curated book recommendations and community discussions. Sign up FREE by clicking this link Beyond Betrayal Substack. Join our community dedicated to truth, resilience and healing. Your voice matters! Be a part of our Betrayal journey on Substack. And make sure to check out Seasons 1-4 of Betrayal, along with Betrayal Weekly Season 1.