We can’t deny the fact that security vulnerabilities have been an inherent part of Microsoft’s products. However, the software giant has always been open about these issues and warned users about zero-day vulnerabilities in its product line on various occasions.
As a part of its efforts to spot critical bugs in the company’s products, Microsoft engineers have developed a new machine learning system that can differentiate between security and non-security software bugs with 99% precision. Importantly, it also accurately identifies high-priority and critical security flaws 97% of the time. Microsoft’s Senior Security Program Manager, Scott Christiansen explained in a recent blog post:
The process didn’t end once we had a model that worked. To make sure our bug modeling system keeps pace with the ever-evolving products at Microsoft, we conduct automated re-training. The data is still approved by a security expert before the model is retrained, and we continuously monitor the number of bugs generated in production.
For now, the company has deployed the model in production internally, and it seems pretty much effective. Furthermore, the Redmond giant is continuously retraining this AI with data provided by security experts monitoring the software development life cycle.
Interestingly, Microsoft has promised to open-source its machine learning model on GitHub (which the company acquired back in 2019), alongside with some useful examples and important resources for everyone. Considering that developers often need to spend a significant amount of their time to hunt bugs in software development, Microsoft’s AI could be a turning point for the software industry in the near future.
If you are interested in learning more about Microsoft’s AI, do check out the official post to learn more.