Microsoft is detailing how it handles bugs in its software and services using machine learning models. “47,000 developers generate nearly 30,000 bugs a month,” explains Scott Christiansen, a senior security program manager at Microsoft. The software maker tracks these bugs across GitHub and AzureDevOps repositories, but it’s a lot of issues to track with just traditional labeling and prioritization.
Microsoft is now using nearly 20 years of historical data across 13 million work items and bugs to create a machine-learning model that can separate security and non-security bugs 99 percent of the time. It’s a model that’s designed to help developers accurately identify and prioritize critical security issues that need fixing.