David Molnar, Senior Researcher, Microsoft
Advances in automatic reasoning, combined with the shift to cloud services, have changed the software security lifecycle. As we develop software, deploy it into our production systems, look for bugs in that software, and seek to understand these bugs, new techniques help us augment our human abilities with reasoning that can scale up to make decisions in seconds and scale across a wide range of problems. Cloud services that bundle together the data, compute, and specialized talent required for these augmentations make it possible to deploy these techniques across an organization. I will illustrate with examples from different phases of the software security lifecycle, including the "Project Springfield" bug finding service at Microsoft. Finally I will show how the trend toward cloud infrastructure will enable deeper impact on how we manage security for code we build, code we buy, or code we transform.
David Molnar is a senior researcher at Microsoft AI and Research, where he leads the incubation of "Project Springfield." Project Springfield combines pioneering "whitebox fuzzing" technology with cloud scale to help people find serious security issues in software across their organization. Prior to Microsoft, David earned a Ph.D. in computer science at University of California, Berkeley, working with David Wagner. David’s work on privacy for radio frequency identification earned the "Test of Time" award from the ACM Computer and Communications Security conference in 2014, and his current work focuses on software security.
Enigma is a registered trademark of the USENIX Association.