Security concept: blue opened padlock on digital background, 3d render
Microsoft found that pairing machine learning models with security experts significantly improves the identification and classification of security bugs.
To cope with the
overwhelming amount of bugs developers create, Microsoft has built a machine
learning model to correctly distinguish and prioritize security-related bugs.
Microsoft developers create about 30,000 bugs a month, but the vast majority are not security-related. However, there are ones that require immediate action, which is why Microsoft is applying machine learning, to reduce the time it takes to identify these bugs.
SEE ALSO: Microsoft Launches $40 Million AI For Health Program
“Too often, engineers
waste time on false positives or miss a critical security vulnerability that
has been misclassified,” said Scott Christiansen and Mayana Pereira in a
company blog post.
“To tackle this problem
data science and security teams came together to explore how machine learning
could help. We discovered that by pairing machine learning models with security
experts, we can significantly improve the identification and classification of
security bugs.”
According to Microsoft,
the model is already highly accurate. It has 99 percent accuracy at distinguishing
between non-security and security bugs, and 97 percent accuracy at identifying
critical security bugs.
To train the model, Microsoft fed it 13 million work items and bugs it has collected since 2001. It then had data scientists and security researchers fine-tune the model until it was able to identify the bugs as accurately as a security expert.
Microsoft will continue
to use security experts to ensure the model does not miss any unfamiliar bugs.
They will also approve all changes or additions data scientists feed into the
model.
It will share the model’s
methodology on Github in the coming months.
David is a technology writer with several years experience covering all aspects of IoT, from technology to networks to security.
Best Practices for Deploying and Scaling Industrial AIArtificial Intelligence (AI) is transforming industrial operations, helping organizations optimize workflows, reduce downtime, and enhance productivity. Different industry verticals leverage AI in unique ways.Link to The Center for Adaptive Edge Intelligence
The Center for Adaptive Edge IntelligenceAdaptive edge intelligence brings real-time decision-making to the point of data creation, whether from sensors, machines, or cameras.Link to The Value of Vehicle Electrification
The Value of Vehicle ElectrificationElectric vehicles (EVs) present automakers with many design, engineering, and manufactu ring challenges.Link to Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoT
Accelerating Manufacturing Digital Transformation with Industrial Connectivity and IoTDigital transformation is empowering industrial organizations to deliver sustainable innovation, disruption-proof products and services, and continuous operational improvement.Link to Smart Manufacturing for Automotive
Smart Manufacturing for AutomotiveLeading a transportation revolution in autonomous, electric, shared mobility and connectivity with the next generation of design and development tools.Link to Center for Data Pipeline Automation
Center for Data Pipeline AutomationAs businesses become data-driven and rely more heavily on analytics to operate, getting high-quality, trusted data to the right data user at the right time is essential.Link to Center for Automated Integration
Center for Automated IntegrationThe goal of automated integration is to enable applications and systems that were built separately to easily share data and work together, resulting in new capabilities and efficiencies that cut costs, uncover insights, and much more.Link to Continuous Intelligence: Insights
Continuous Intelligence: InsightsDigital transformation requires continuous intelligence (CI). Today’s digital businesses are leveraging this new category of software which includes real-time analytics and insights from a single, cloud-native platform across multiple use cases to speed decision-making, and drive world-class customer experiences.
