As We May Code presented at enigma 2017

by David Molnar,

Summary : Advances in automatic reasoning, combined with the shift to cloud services, have changed the software security lifecycle. As we develop software, deploy it into our production systems, look for bugs in that software, and seek to understand these bugs, new techniques help us augment our human abilities with reasoning that can scale up to make decisions in seconds and scale across a wide range of problems. Cloud services that bundle together the data, compute, and specialized talent required for these augmentations make it possible to deploy these techniques across an organization. I will illustrate with examples from different phases of the software security lifecycle, including the "Project Springfield" bug finding service at Microsoft. Finally I will show how the trend toward cloud infrastructure will enable deeper impact on how we manage security for code we build, code we buy, or code we transform.