Microsoft's Justin Campbell on offensive security research

January 8th, 2022  |  27 mins 16 secs

memory safety, microsoft, secure coding, shift-left, windows, zero-days

Justin Campbell leads Microsoft’s Offensive Research and Security Engineering (MORSE) team. He joins the show to talk about his team's discovery of a SolarWinds in-the-wild zero-day, the never-ending stream of memory safety vulnerabilities, the evolving 'shift-left' mindset and Redmond's ongoing work to reduce attack surfaces.

Microsoft's David Weston on the surge in firmware attacks

April 6th, 2021  |  33 mins 6 secs

bios, eclypsium, firmware, iot, microsoft, security updates, uefi, windows os

Microsoft's David Weston joins Ryan on the show to discuss a new report that shows 83% of organizations have been hit by a firmware attack in the last two years.

As businesses continue to under-invest in resources to prevent firmware attacks, Weston warns about the inevitability of advanced attacks at the 'invisible' layer, the absence of skills and tools to find malicious activity in firmware, the nightmare of navigating the patching treadmill, and exciting tech innovation in the space.

David Weston, Principal Security Engineering Manager, Microsoft

June 24th, 2018  |  46 mins 23 secs

exploits, microsoft, mitigations, windows

David Weston manages the Windows Device and Offensive Security Research teams at Microsoft. He joins the podcast to talk about how proactive red-team exercises push major mitigations to Microsoft's products and the current state of security in the Windows ecosystem.