The BlueHat Podcast

The BlueHat Podcast

Since 2005, BlueHat has been where the security research community, and Microsoft, come together as peers; to debate, discuss, share, challenge, celebrate and learn. On The BlueHat Podcast, Microsoft and MSRC's Nic Fillingham and Wendy Zenone will host conversations with researchers and industry leaders, both inside and outside of Microsoft, working to secure the planet's technology and create a safer world for all.

Trailer

Recent Episodes

Ep 55 | 6.11.25

Ignore Ram Shankar Siva Kumar’s Previous Directions

In this episode of The BlueHat Podcast, host ⁠Nic Fillingham⁠ and ⁠Wendy Zenone⁠ share ⁠Ram Shankar Siva Kumar’s⁠ dynamic keynote from BlueHat India 2025, where he explores the evolving threat landscape of AI through the lens of the Microsoft AI Red Team. From adversarial machine learning to psychosocial harms and persuasive AI, Ram highlights real-world case studies, including prompt injection, content safety violations, and memory poisoning in AI agents. Ram underscores the urgent need for robust red teaming practices to secure AI systems against traditional security flaws and emerging threats across images, text, audio, and autonomous agents.

Ep 54 | 5.28.25

Protecting AI at the Edge with David Weston

In this episode of The BlueHat Podcast, host ⁠Nic Fillingham⁠ and ⁠Wendy Zenone⁠ share ⁠David Weston’s⁠ keynote from BlueHat India 2025. David explores the growing role of on-device AI in Windows, the security risks it introduces, and how Microsoft is rethinking architecture to defend against new threats like model tampering, data exfiltration, and AI-powered malware. He also shares insights on innovations like Windows Recall, biometric protection, and the future of secure, agentic operating systems.

Ep 53 | 5.14.25

Hacking at the Weeds with Felix Boulet

In this episode of The BlueHat Podcast, host ⁠Nic Fillingham⁠ and ⁠Wendy Zenone⁠ are joined by ⁠Felix Boulet⁠ fresh off his participation in Zero Day Quest. Felix talks about his unique journey from industrial maintenance to becoming a full-time vulnerability researcher, and how that background fuels his passion for hacking and bug bounty work. He explains his method for finding bugs in Microsoft products—particularly in identity systems—and why identity is such a valuable target for attackers. Felix also shares highlights from the Zero Day Quest event, where he focused on building connections, learning from Microsoft engineers, and experiencing the collaborative side of the security community.

Ep 52 | 4.30.25

Evolutions in Hacking with Marco Ivaldi

In this episode of The BlueHat Podcast, host ⁠Nic Fillingham⁠ and ⁠Wendy Zenone⁠ are joined by ⁠Marco Ivaldi⁠, co-founder and technical director of HN Security, a boutique company specializing in offensive security services, shares his journey from hacking as a teenager in the '80s to becoming a key figure in the security research community. With nearly three decades of experience in cybersecurity, Marco digs into the ongoing challenges, particularly in Active Directory and password security, highlighting vulnerabilities that continue to pose significant risks today. He recounts his unexpected path into bug bounty hunting, including his involvement in Microsoft's Zero Day Quest and his passion for auditing real-time operating systems like Azure RTOS.

Ep 51 | 4.16.25

From Facebook-phished to MVR Top 5 with Dhiral Patel

In this episode of The BlueHat Podcast, host Nic Fillingham and Wendy Zenone are joined by Dhiral Patel, Senior Security Engineer at ZoomInfo and one of MSRC’s Most Valuable Researchers (MVR). Dhiral shares how a hacked Facebook account sparked his passion for ethical hacking. From web development to penetration testing, Dhiral has become a top bug hunter, landing multiple spots on the MSRC leaderboards. Dhiral reflects on his early MSRC submissions and lessons learned. He also discusses the importance of mastering web security basics, practicing on platforms like TryHackMe and Hack the Box, and staying connected with the bug bounty community.

Load More
The BlueHat Podcast
Host(s)
Nic Fillingham
Wendy Zenone
Nic Fillingham is a Senior Program Manager at Microsoft in the MSRC organization leading the BlueHat program. Originally from Australia, Nic has worked at Microsoft for almost 20 years across multiple continents, brands, and products. Nic created and co-hosted the Security Unlocked podcast and is passionate about promoting the work of security researchers and responders across the industry.
Wendy Zenone is a Senior Program Manager at Microsoft in the MSRC organization leading the STRIKE program. Wendy started her career through an all-women engineering boot camp after quitting her job while still having kids at home. She has worked at top tech companies like Facebook, Netflix, Salesforce, and now at Microsoft, focusing on various areas such as application security, bug bounty, corporate security, third-party risk management, privacy, and security training and awareness.
Schedule: Biweekly
Credits: Producer is Rob Petrillo. Production Manager is Max Solomon, and our Audio Engineer (and magician) is none other than The Great Rich Cerbini.
Creator: Microsoft
Microsoft logo