Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft's Project Springfield enables automated security testing in the cloud

By

Developers keen to test their newly created software against some of the more common exploits out there now have a new avenue to do so. Announced at Microsoft’s Ignite Conference this week, the software giant debuted Project Springfield, a platform which can throw simple attack vectors at application binaries to test them for a number of security flaws.

Although automated testing is a relatively common method of testing the security of a piece of software, Microsoft is coining a new type of exploit hunting for its new platform. “Whitebox fuzzing,” as it is called, is said to combine different testing methods from traditional whiteboxing and fuzzing, hence the name.

Recommended Videos

It uses similar varied inputs at different levels of the code base to simulate attacks and test for potential weaknesses, all the while using machine learning to refine the input process so that it more intelligently tests the software over and over, according to Ars Technica. This is more likely to mirror a human tester or a potential hacker who would try to deliberately break the system.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

The big advantage being that it is remote, so no local access is required and the tests and be repeated and altered time and again for much more thorough testing.

This is a process that Microsoft has been using internally for some time now. The basis for Project Springfield, known as SAGE, was first used to test different aspects of Windows 7 prior to its release. It ultimately discovered as much as a third of all pre-release bugs discovered by fuzzing tools, despite being used as a last line of defense after all other automated testing was complete.

Now that sort of system is available to developers through a easy-to-use user interface and it is available through the Azure Cloud platform, so it is easily accessible. Linux support is planned for the future, but for now Windows binaries are the only ones that it will work with.

Available on a limited preview, Microsoft is openly looking for clients who are interested in using the service to test its popularity and viability on a wider set of binaries.

Jon Martindale
Jon Martindale
Evergreen writer
Jon Martindale is a freelance evergreen writer and occasional section coordinator, covering how to guides, best-of lists, and…
Topics

Editors’ Recommendations

Microsoft is bringing ChatGPT to your browser, and you can test it out right now
Microsoft's redesigned Bing search engine.

Microsoft CEO Satya Nadella confirmed in a private briefing with the press that a ChatGPT-powered version of the Edge browser and Bing search engine is available now. The overhauled search and web browsing experience is designed for natural-language questions, replacing critical aspects of the browser with AI tools.

That might sound familiar. Google and other search engines have been leveraging AI for several years to compile search results, but Microsoft's take is different. It's "your AI copilot for the web," offering up new search, answer, chat, and create functions.

Read more
Microsoft Edge gets hit with the same serious security bug that plagued Chrome
The Microsoft Edge browser is open on a Surface Book 2 in tablet mode.

Microsoft just released an Edge browser update that patches a dangerous flaw that could allow a cleverly designed attack to execute arbitrary code. While every security update should be installed promptly, this one is a bit more urgent because the attack is "in the wild" already, meaning that hackers are already taking advantage of this vulnerability to breach security.

Designated CVE-2022-2294, this vulnerability was actually a flaw with the Chromium project, the open-source code that Google's Chrome browser is built upon. Microsoft uses the same base code for the Edge browser, meaning bugs that affect one often plague the other. Google patched the same bug recently and has been keeping quiet about details of the attack to allow others to make similar fixes, since Chromium is quite a popular codebase.

Read more
Microsoft Edge vs. Google Chrome: Performance, design, security, and more
Microsoft Edge browser on a computer screen.

Google Chrome remains the king of the web browsers, with around 65% share of the desktop browser market as of December 2024. Microsoft's Edge browser, which uses the Chromium open-source engine, is in a lower spot around 14%. Since Microsoft Edge was included as the default Windows browser, it has been given a slight -- well -- edge.

Which browser should you use? The two share a lot of similarities, but some key differences make one the clear winner.
Design

Read more