Following a string of cybersecurity mishaps at Microsoft over the past few years—such as the massive email server hack of 2021, the widespread breach of U.S. government emails earlier this year, and the 2020 SolarWinds hack—the company has unveiled its new Secure Future Initiative, which aims to improve security during the software development and testing process, according to The Verge.
Microsoft will use automation and artificial intelligence in this endeavor to identify software vulnerabilities while it is still in development. GitHub’s CodeQL code analysis engine will be utilized for security check automation. Additionally, Microsoft Vice Chairman and President Brad Smith announced that the company is creating a “AI-based cyber shield” that would be made available to consumers.
In addition to aiming to cut cloud vulnerability mitigation by half, Microsoft wants to strengthen systems that safeguard encryption keys.
We are migrating identity platforms to secure computing infrastructure that we helped develop in order to remain ahead of malicious actors. According to Microsoft Security Head Charlie Bell, “this architecture encrypts data governing identities not only while it’s in transit and at rest, but also while it’s being processed computationally.”
