MSRC VP Tom Gallagher on 25 Years of Security at Microsoft

Tom Gallagher, VP of Engineering and head of MSRC, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. After nearly 25 years at Microsoft, Tom reflects on his early days at the company, where he started as a penetration tester on SharePoint, offering insights into the evolving landscape of cybersecurity since 1999. Tom shares a few different experiences from his journey, including auditing a local ISP's security in exchange for a job, and his transition from an intern working on Internet Explorer's rendering engine to key roles in Office and eventually MSRC. Through Tom's experiences, you’ll gain a unique perspective on Microsoft's cybersecurity evolution and the broader industry landscape.  

In This Episode You Will Learn:    

• A Clippy vulnerability that exemplifies the importance of external insights 
• How you can support teams when they find vulnerabilities in their code 
• Tom's experiences attending early Black Hat and DEFCON conferences 

Some Questions We Ask:     

• How does your experience as a bug hunter influence your role at MSRC? 
• Can you elaborate on the process of mitigating vulnerabilities quickly within SFI? 
• Will you explain Trustworthy Computing and its significance in Microsoft's history? 

Resources:  

View Tom Gallagher on LinkedIn      

View Wendy Zenone on LinkedIn 

View Nic Fillingham on LinkedIn 

Related Microsoft Podcasts:  

• Microsoft Threat Intelligence Podcast  
• Afternoon Cyber Tea with Ann Johnson  
• Uncovering Hidden Risks  

Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

Hosted on Acast. See acast.com/privacy for more information.