Microsoft focuses on improving the security of its programs and services

Microsoft is making great efforts to improve cybersecurity. The company announced a new stage in security – Secure Future Initiative (SFI). According to The Verge, this will be the biggest change in the company’s security since 2004.

With the introduction of SFI, the company will change the way it designs, builds, tests, and uses software and services. The new system is the result of a large number of cyberattacks in recent years, including the Azure hack earlier this year.

Charlie Bell, Microsoft’s head of security, said in an internal memo that they now have three specific engineering advances that they will use to improve the built-in security of products and platforms.

First and foremost, the company will rely on automation and artificial intelligence to identify security risks and vulnerabilities. This includes using CodeQL, GitHub’s code analysis engine, to automate security checks during development.

“We will use CodeQL to perform static and dynamic code analysis, helping our teams find and fix bugs in our code at AI speed and scale,” explains Charlie Bell.

Another important element for Microsot will be to speed up the company’s response to security vulnerabilities. For example, it took the company 90 days to release an update to close an Azure security gap, and they want to cut this time in half.

Besides, improving standard security parameters and strengthening the platforms that protect encryption keys is also an area for improvement.