Microsoft Security Risk Detection, a new cloud-based tool that leverages artificial intelligence to find bugs and security vulnerabilities in software is now generally available. The new offering first launched in preview last year under the codename Project Springfield, and Microsoft had the ambition to create a "million-dollar bug detector" right from the start.
"The tool is designed to catch the vulnerabilities before the software goes out the door, saving companies the heartache of having to patch a bug, deal with crashes or respond to an attack after it has been released," explained Microsoft in the blog post announcing the news. By using Microsoft Security Risk Detection, companies can avoid hiring security experts to conduct what's called fuzz testing. "We use AI to automate the same reasoning process that you or I would use to find a bug, and we scale it out with the power of the cloud," shared Microsoft Researcher David Molnar.
Microsoft will start offering the tool in late summer through Microsoft Services, and it will be bundled with other fuzzing tools including Microsoft's SAGE risk detection tool. Curious developers can already sign up for the Windows or new Linux preview of Microsoft Security Risk Detection on the dedicated website.