Security News > 2023 > November > Microsoft pins hopes on AI once again – this time to patch up Swiss cheese security
Microsoft has made fresh commitments to harden the security of its software and cloud services after a year in which numerous members of the global infosec community criticized the company's tech defenses.
The long and short of it is that Microsoft is pushing the big AI button a few more times, more deeply embedding the tech throughout its security operations and products.
An update of its software engineering practices is also on the horizon which again hinges on AI. Microsoft has been in the front carriage of the AI hype train this year, and executives are refusing to climb down.
These measures are intended to reinforce what Microsoft calls the next stage of its Security Development Lifecycle, the full details of which can be read in the email sent to Microsoft's security staff from Charlie Bell, EVP of Microsoft Security.
Henry's comments came shortly after a very public spat between Microsoft and Amit Yoran of security shop Tenable after the CEO branded Microsoft's handling of its vulnerability reports "Grossly irresponsible, if not blatantly negligent."
Despite the issues Microsoft has experienced with security this year, experts who spoke to The Register welcomed the news, seemingly acknowledging that flaws are always likely to be found in tech, especially when a company has so many lines to code to maintain.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/11/03/microsoft_secure_future_initiative/
Related news
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds (source)
- Security leaders consider banning AI coding due to security risks (source)
- Digital Maturity Key to AI Success in Australian Cyber Security (source)
- HackerOne: Nearly Half of Security Professionals Believe AI Is Risky (source)