Vulnerability disclosure, cloudy clouds, and million dollar shopping trips. This industry sucks. And is awesome. Our beloved security industry is a complicated beast. Companies are collaborating with researchers more now than they have ever, but it’s still easy to walk away feeling frustrated by an encounter with an otherwise seemingly responsive vendor. Microsoft’s Technical Fellow Jeffrey Snover and Security Architect Lee Holmes share their unique perspectives on this relationship and shed some light the corporate behaviors that might otherwise feel out of touch, and share their perspectives on getting on a solid path to more secure systems. This collaboration is making the world a safer place, however, and we now find ourselves at the cusp of another major industry shift. What does security look like in a world that’s becoming increasingly cloud-connected? With the vast majority of cloud capacity coming from two companies in Seattle, what chance do you possibly have to keep yourself secure? In addition to the torrid pace of change in our industry, there’s still a lot of regular ol’ security going on. New threats, new exploits, an ever changing attack surface. How do you keep YOUR companies secure in a world like this? It’s tempting to throw your hands up, get a money order for a million dollars, and just go shopping at RSA. That may eventually be part of the solution but it rarely the most effective path forward. So what is?