Why do 47,000 Microsoft developers generate 30,000 errors per month?

According to Scott Christiansen, senior manager of security programs at Microsoft, large volumes of semi-curated data are perfect for machine learning.

Since 2001, Microsoft has collected 13 million work items and errors.

“We use that data to develop a machine learning and process model that correctly distinguishes between security and non-security errors 99 percent of the time and accurately identifies critical, high-priority security errors 97 percent of the time. “Christiansen reported.

It is a machine learning model designed to help developers accurately identify and prioritize critical security issues that need to be addressed.

“Our goal was to build a machine learning system that classifies errors as security / non-security and critical / non-critical with a level of precision as close as possible to that of a security expert,” the Microsoft executive reported.

To accomplish this, Microsoft fed its model with many bugs that are labeled security and others that are not labeled security.

Once the model was trained, you could use what you learned to label data that was not pre-classified.

Software developers daily observe a long list of features and bugs that need to be addressed.

Security professionals try to help by using automated tools to prioritize security errors, but too often, engineers lose time on false positives or lose a critical security vulnerability that has been misclassified.

To address this issue, data science and security teams teamed up to explore how machine learning could help.

“We found that by combining machine learning models with security experts, we can significantly improve the identification and classification of security errors,” said Christiansen.

This story has been published from a cable agency source without modification to the text. Only the owner has been changed.