Microsoft rolls out cloud-based fuzzing tool

By

"Project Springfield" comes alive.

Microsoft has released a software bug finding tool that the company says will help developers identify flaws and vulnerabilities before software under development is released.

Microsoft rolls out cloud-based fuzzing tool

Code-named "Project Springfield", the tool was announced as a preview in September last year.

It performs what is known as fuzzing, which involves entering large amounts of random data into a software system to see if this causes unexpected behaviour or crashes that can be exploited for attacks.

Microsoft said companies would usually hire security experts to conduct fuzz testing, if they did it all.

"As the sheer volume of software that companies create and use has increased, it’s gotten harder to keep up with the dizzying pace of testing so much software – but more important than ever to keep systems safe from attackers," the company said.

Microsoft's Security Risk Detection (MSRD) tool uses artificial intelligence to automate the reasoning process that security experts use to find bugs, and augments this with cloud-based scaling.

MSRD lets developers test their software in a virtual machine, along with a program that runs through different fuzzing scenarios, to find potential bugs. Results are accessible via a web-based portal.

The new tool has its origin in Microsoft's Scalable, Automated, Guided Execution (SAGE pdf) whitebox fuzzer, which the company has used since the mid-2000s to test several products including Windows 7 prior to release.

A preview of MSRD for Linux is also available for coders who program across multiple platforms.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Log In

  |  Forgot your password?