Billy (BK) Rios had already made quite a name for himself in the hacker community before he started making major headlines over his warnings of a critical URI flaw in Windows. It took Microsoft months to acknowledge the vulnerability, but somewhere along the line someone in Redmond was impressed enough with Rios’ skills that he was offered a job.
Security blogger Ryan Naraine writes in his Zero Day blog that Rios — formerly a senior security consultant for VeriSign and a penetration tester for Ernst & Young’s Advanced Security Center — has been hired as a security engineer.
It’s a smart move on Microsoft’s part. Better to have a prolific vulnerability finder penetrating your products from the inside than to have him out there finding problems independently and making big headlines that are usually not very flattering for the software giant.
Microsoft also deserves credit here because the hiring shows it is deadly serious about making its products more secure.