BlueHat

BlueHat or Blue Hat or Blue-Hat is a term used to refer to outside computer security consulting firms that are employed to bug test a system prior to its launch, looking for exploits so they can be closed. In particular, Microsoft uses the term to refer to the computer security professionals they invited to find the vulnerability of their products such as Windows.^[1][2][3]

Blue Hat Microsoft Hacker Conference

An event that is intended to open communication between Microsoft engineers and hackers is called Blue Hat Microsoft Hacker Conference. The event has led to both mutual understanding as well as the occasional confrontation. Microsoft developers were visibly uncomfortable when Metasploit was demonstrated.^[4]

Blue Hats and FedRAMP

On September 5, 2012 Homeland Security Consultants received Third Party Assessment Organization (3PAO) accreditation from the Federal Risk and Authorization Management Program (FedRAMP)^[5]to provide security assessment and continuous monitoring for cloud products and services. Homeland Security Consultants leveraged members of the Blue Hat community to develop the penetration test plan used for the winning 3PAO FedRAMP Conformance Package.^[6] Currently, Blue Hats are incorporated in Homeland Security Consultants FedRAMP Security Assessment team to provide various services to assess the security of Cloud Service Providers (CSPs).

See also

• Hacker culture
• Hacker ethic
• Legion of Doom
• Chaos Computer Club
• Cult of the Dead Cow
• Collusion Syndicate
• l0pht

References

External links

• Microsoft's BlueHat Security Briefings
• BlueHat Security Briefings Blog
• BlueHat Security
• Homeland Security Consultants
• FedRAMP