BlueHat
BlueHat or Blue Hat or Blue-Hat is a term used to refer to outside computer security consulting firms that are employed to bug test a system prior to its launch, looking for exploits so they can be closed. In particular, Microsoft uses the term to refer to the computer security professionals they invited to find the vulnerability of their products such as Windows.[1][2][3]
Blue Hat Microsoft Hacker Conference
An event that is intended to open communication between Microsoft engineers and hackers is called Blue Hat Microsoft Hacker Conference. The event has led to both mutual understanding as well as the occasional confrontation. Microsoft developers were visibly uncomfortable when Metasploit was demonstrated.[4]
Blue Hats and FedRAMP
On September 5, 2012 Homeland Security Consultants received Third Party Assessment Organization (3PAO) accreditation from the Federal Risk and Authorization Management Program (FedRAMP)[5]to provide security assessment and continuous monitoring for cloud products and services. Homeland Security Consultants leveraged members of the Blue Hat community to develop the penetration test plan used for the winning 3PAO FedRAMP Conformance Package.[6] Currently, Blue Hats are incorporated in Homeland Security Consultants FedRAMP Security Assessment team to provide various services to assess the security of Cloud Service Providers (CSPs).
See also
- Hacker culture
- Hacker ethic
- Legion of Doom
- Chaos Computer Club
- Cult of the Dead Cow
- Collusion Syndicate
- l0pht
References
- ↑ "Blue hat hacker Definition". PC Magazine Encyclopedia. Retrieved 31 May 2010.
A security professional invited by Microsoft to find vulnerabilities in Windows.
- ↑ Fried, Ina (June 15, 2005). ""Blue Hat" summit meant to reveal ways of the other side". Microsoft meets the hackers. CNET News. Retrieved 31 May 2010.
- ↑ Markoff, John (October 17, 2005). "At Microsoft, Interlopers Sound Off on Security". New York Times. Retrieved 31 May 2010.
- ↑ cNet news - Microsoft Meets the Hackers - Ina Fried (staff writer)
- ↑ FedScoop - GSA names new FedRAMP 3PAO - David Stegon (staff writer)
- ↑ GSA.gov - FedRAMP 3PAO Requirements - FedRAMP Program Management Office (PMO)