“Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win”
– John Lambert
The mission of the New Security Ventures (NSV) team is to empower defenders with next-generation security technologies.
Microsoft delivers code and compute that empower the world, and NSV works to ensure the trustworthiness of that technology. We transform research ideas into scalable prototypes, open-source projects, and new production capabilities.
Our team is currently focused on the following ventures:
Project Freta – A prototype exploration of automated memory introspection: trusted sensing of threats to power the future of automated cloud defense.
Previous projects include:
Fuzzing for Developers – An open-source, self-hosted developer fuzzing platform for Azure, built in partnership with core product teams at Microsoft. This fuzzing platform is designed to leverage and work with developer tools like sanitizers. It integrates with CI/CD pipelines to enable continuous fuzzing that can grow and adapt with software projects. Available on Github (opens in new tab).
REST API Fuzzing – Work to expand the reach of Microsoft Research’s RESTler, a stateful REST API fuzzer, to developers everywhere.
Microsoft Security Risk Detection (MSRD) – The first «fuzzing-as-a-service» offering, launched in 2015, MSRD looked to enable Microsoft customers to leverage fuzzing tools such as SAGE in an automated fashion.