In 2008, people thought we'd lost our minds when we announced three strategic programs: sharing vulnerability information in our products before there was an update (MAPP), finding vulnerabilities in third party products (MSVR), and predicting which vulnerabilities would get reliably exploited in a short timeframe (Exploitability Index). Well, it's 2011 and we haven't stopped coming up with crazy ideas. Come see Katie Moussouris explain what we've been up to. Katie is head of Microsoft's Security Community Outreach and Strategy team.
Katie Moussouris leads the Security Community Outreach and Strategy team at Microsoft. Her team's work encompasses Security Ecosystem Strategy programs such as Microsoft's BlueHat conference and worldwide hacker conference engagement, security researcher outreach, and Microsoft's Vulnerability Disclosure Policies. Katie also founded and runs Microsoft Vulnerability Research, which is responsible for Microsoft's research and reporting of vulnerabilities in 3rd party software. Katie recently was voted the editor of a new draft ISO standard on Vulnerability Handling Processes, following her work over the past 4 years as the lead expert in the US National Body on an ISO draft standard on Vulnerability Disclosure. Prior to working for Microsoft, Katie was a penetration tester for several Fortune 500 companies, as a senior security architect for @stake when it was acquired by Symantec. At Symantec, Katie founded and ran Symantec Vulnerability Research. Katie has spoken at several security conferences including BlackHat USA 2008, Hack In The Box Amsterdam 2011, GOVCERT.NL 2010, RSA2010, SOURCEBoston, Shmoocon, Toorcon Seattle, and she was a keynote speaker at Shakacon in June 2008.