With many developers and large organizations churning out frequent updates to existing software, or releasing new applications altogether; finding potential bugs and security vulnerabilities has become a rather problematic and time-consuming process. Traditionally, companies would employ security experts to root out these issues; but with a new patch out almost every week, it has become near impossible to detect all of the problems that may arise.
Microsoft just released an AI-powered tool called Security Risk Detection, which augments the current testing protocols in-house, offering developers a way to find problems they might have missed before the program goes live in a corporate environment, or on any app store. According to Microsoft, this allows companies to pro-actively address - or at least prepare for - it with a contingency plan if there are any future issues with the software; instead of having to solve the problem and potential customer complaints after the fact.
Microsoft describes it as follows:
Microsoft Security Risk Detection, previously known as Project Springfield, is a cloud-based tool that developers can use to look for bugs and other security vulnerabilities in the software they are preparing to release or use. The tool is designed to catch the vulnerabilities before the software goes out the door, saving companies the heartache of having to patch a bug, deal with crashes or respond to an attack after it has been released.
Companies like DocuSign have already deployed the technology during a limited testing phase, and according to its Director of Software Security, John Heasman, it has a low tendency to output so-called 'false positives', which is rare in the industry. The developer built the software tool that allows companies to have customers securely sign contracts and other sensitive documentation, from anywhere in the world.
This isn't the first time Microsoft has employed the help of artificial intelligence in its security systems. Earlier this year the firm announced that Windows 10 will use AI based in the cloud, to detect and root out possible threats within the system, protecting its users. Beyond that, Microsoft has been working on new technologies to shrink down AI hardware so it can be embedded within devices, which won't require access to the internet for the most part.
Source: Microsoft Blog