This article can also be found in the Premium Editorial Download "Information Security magazine: Identity crisis solved: Tips from a top identity management expert."
Download it now to read this article plus other related content.
The fourth anniversary of its Trustworthy Computing Initiative is marked with mixed reviews from users.
Microsoft is known for a lot of things, but humility isn't one of them.
So, in 2003, when the company decided to launch an event where it welcomed some of its biggest critics--hackers and independent experts--to discuss security, it caught some by surprise.
It wasn't an easy event to get going, explains George Stathakopoulos, Microsoft's general manager of product security. The company had been caught in an embarrassing cycle where it was continually responding to bug reports found by this community.
"There was no communication between the two; we weren't building relationships," Stathakopoulos says. Because of this, the Microsoft security team wasn't sure anyone would attend its so-called Blue Hat Summit. They waited nervously right up until the party began. Then invitees started showing up--in droves.
"There was tension," recalls Stathakopoulos, "and then the drinks started, and the sea of people started their heated discussions."
Microsoft had turned a corner.
This was first published in May 2006