Microsoft enhances its cybersecurity posture

Partager sur facebook
Partager sur twitter
Partager sur linkedin
Partager sur email

Today, cybercriminals and hackers are constantly flooding us with digital attacks and aggressive campaigns around the world.

So it’s no surprise that Windows is beefing up its cybersecurity system.

The company already has a group tasked with tracking down weaknesses in its code (« the red team »), and another that develops mitigation measures (« the blue team »).

However, this format has recently evolved to promote more collaboration and cross-disciplinary work, in hopes of catching even more errors and flaws, even before things start to go south. 

Known as Microsoft Offensive Research & Security Engineering, or Morse, the department combines the Red Team, Blue Team and Green Team, which focuses on finding flaws or weaknesses that the Red Team has found and fixing them in a more systematic way, changing the way things are done within an organization.

An open-source Azure testing framework called OneFuzz allows Microsoft engineers to continually and automatically bombard their code with various unusual scenarios to find bugs that might go unnoticed if the program were used as intended.

When it comes to something as complex as computer security, there are no simple answers. And that’s why Microsoft chooses to take a holistic approach to its security measures, covering the entire spectrum with a team that strives to stop vulnerabilities before they even appear, eliminating flaws in the code before they reach the computer and prying keyboards of hackers around the world. For the security team, it’s never a question of if, but when a problem will occur.

Justin Campbell, principal security software engineering lead, Microsoft Security said:

“It’s a perennial cat and mouse game. Things are evolving. Windows isn’t stagnant. There are new things added, new considerations, new technologies and new procedures researched. That’s not just in security, but how we build our software. There’s still code from 30 years ago that’s in equal consideration with new items we are shipping today. It’s a tremendous spectrum.”

 

By Mélissa Walehiane

Évaluez votre niveau
de conformité

En quelques clics,
lancez sans engagement
et en toute conformité un
audit flash !

Pour recevoir votre audit flash gratuit et sans engagement, merci de bien vouloir remplir ce formulaire :