{"id":308699,"date":"2016-12-13T09:56:08","date_gmt":"2016-12-13T17:56:08","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/research\/?post_type=msr-project&#038;p=308699"},"modified":"2021-03-24T14:08:40","modified_gmt":"2021-03-24T21:08:40","slug":"project-springfield","status":"publish","type":"msr-project","link":"https:\/\/www.microsoft.com\/en-us\/research\/project\/project-springfield\/","title":{"rendered":"Microsoft Security Risk Detection"},"content":{"rendered":"<p class=\"c-paragraph-3\">The Microsoft Security Risk Detection Service (<abbr>MSRD<\/abbr>) was discontinued effective June 25, 2020. This service from Microsoft Research provided users with a premium software testing experience, searching for vulnerabilities in native code with the power of <abbr>MSR<\/abbr>\u2018s Scalable Automated Guided Execution (<abbr>SAGE<\/abbr>) tool. As the security industry shifts from gate-driven audits by professional testers to automated testing by developers, we\u2019re also shifting our approach to open source. In\u00a0<a class=\"c-hyperlink\" href=\"https:\/\/isocpp.org\/files\/papers\/CppDevSurvey-2020-04-summary.pdf\" target=\"_blank\" rel=\"noopener\"><abbr>ISOCpp<\/abbr>\u2018s 2020 annual survey<\/a>, 37% of developers are now using sanitizers and fuzzing in concert in a continuous deploy setup. Modern fuzzing is driven by open source sanitizers that bake instrumentation and test case generation into software at compile time; Microsoft will adopt this paradigm.<\/p>\n<p class=\"c-paragraph-3\"><abbr>Microsoft Research<\/abbr> has replaced the <abbr>MSRD<\/abbr> fuzzing service with an open source self-hosted developer fuzzing platform for Azure. <a href=\"https:\/\/github.com\/microsoft\/onefuzz\">OneFuzz<\/a> is currently being developed and tested as a partnership with many of Microsoft\u2019s core product teams. This fuzzing platform integrates sanitizers and allow for adaptive, learning fuzz tests built into <abbr>CI<\/abbr>\/CD pipelines that grow over time with software projects. <a href=\"https:\/\/github.com\/microsoft\/onefuzz\">OneFuzz<\/a> was released open source on github in 2020 in collaboration with partners to bring Azure-powered fuzzing to developers everywhere.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Microsoft Security Risk Detection Service (MSRD) was discontinued effective June 25, 2020. This service from Microsoft Research provided users with a premium software testing experience, searching for vulnerabilities in native code with the power of MSR\u2018s Scalable Automated Guided Execution (SAGE) tool. As the security industry shifts from gate-driven audits by professional testers to [&hellip;]<\/p>\n","protected":false},"featured_media":0,"template":"","meta":{"msr-url-field":"","msr-podcast-episode":"","msrModifiedDate":"","msrModifiedDateEnabled":false,"ep_exclude_from_search":false,"footnotes":""},"research-area":[13558],"msr-locale":[268875],"msr-impact-theme":[],"msr-pillar":[],"class_list":["post-308699","msr-project","type-msr-project","status-publish","hentry","msr-research-area-security-privacy-cryptography","msr-locale-en_us","msr-archive-status-active"],"msr_project_start":"2015-01-01","related-publications":[],"related-downloads":[],"related-videos":[],"related-groups":[],"related-events":[],"related-opportunities":[],"related-posts":[],"related-articles":[],"tab-content":[],"slides":[],"related-researchers":[{"type":"user_nicename","display_name":"Cheick Keita","user_id":31409,"people_section":"Group 1","alias":"chkeita"},{"type":"user_nicename","display_name":"Marina Polishchuk","user_id":32810,"people_section":"Group 1","alias":"marinapo"},{"type":"user_nicename","display_name":"Ram Nagaraja","user_id":33333,"people_section":"Group 1","alias":"ramanag"},{"type":"user_nicename","display_name":"William Blum","user_id":34834,"people_section":"Group 1","alias":"wiblum"},{"type":"user_nicename","display_name":"Stas Tishkin","user_id":33726,"people_section":"Group 1","alias":"statis"},{"type":"guest","display_name":"Dave Tamasi","user_id":382757,"people_section":"Group 1","alias":""},{"type":"user_nicename","display_name":"Marc Greisen","user_id":36452,"people_section":"Group 1","alias":"mgreisen"}],"msr_research_lab":[],"msr_impact_theme":[],"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/308699"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/types\/msr-project"}],"version-history":[{"count":8,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/308699\/revisions"}],"predecessor-version":[{"id":735904,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-project\/308699\/revisions\/735904"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/media?parent=308699"}],"wp:term":[{"taxonomy":"msr-research-area","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/research-area?post=308699"},{"taxonomy":"msr-locale","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-locale?post=308699"},{"taxonomy":"msr-impact-theme","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-impact-theme?post=308699"},{"taxonomy":"msr-pillar","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/research\/wp-json\/wp\/v2\/msr-pillar?post=308699"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}