Explore the intricacies of Microsoft's Vulnerability Research program in this conference talk from Notacon 11. Gain insights into the role of vulnerability finders within vendor organizations as Jeremy Brown and David Seidman delve into the origins, goals, and requirements of MSVR. Learn about the process of reporting vulnerabilities, ensuring quality, and monitoring for potential impacts on Microsoft products. Examine real-world case studies involving LibAVCodec, VMware, and BlackBerry, and discover valuable lessons for running your own MSVR program. Understand best practices for reporting vulnerabilities and get answers to common questions about this critical aspect of cybersecurity.