Microsoft is deploying Security Risk Detection (SRD), a cloud-based vulnerability detection tool designed to find software vulnerabilities before release or use. A preview version is available for Linux users.
The number of computer vulnerabilities being discovered keeps increasing, but detection is slow. By the time detection occurs, malware has already infiltrated the system, as seen in the case of the SMB zero-day vulnerability, which lets hackers gain access to and take control of a computer.
Microsoft unveiled the Security Risk Detection (SRD) tool back in September last year, aiming to ease users' headaches in handling errors, incidents, and attack responses by automating fuzz testing.
Fuzzing looks for vulnerabilities that attackers could exploit to carry out network attacks or crash systems. Based on the results, developers can use other tools to fix the issues.
When using the SMB protocol, users are at risk of malware attacks on their computer systems. Where that risk cannot be controlled, it is advisable to disable SMB to protect the data on the computer. We covered how to disable SMB in a previous article.
How does the SRD tool work?
Users log into a secure web portal and install their software on a virtual machine, together with a 'test driver' program that runs test scenarios, and a sample input file, or 'seed file', that serves as the starting point for fuzzing.
The tool employs various methods to continually fuzz the software. SRD utilizes artificial intelligence (AI) to ask a series of 'what if' questions to identify potential security issues and remind users of security concerns. Through a wizard interface, users are prompted with questions that developers can answer without security expertise.
With each run, SRD scans critical areas for vulnerabilities and shares the results through the web portal. Users can download the test cases to reproduce the issues and understand where and when they occur, so they can prioritize and address them. After fixing the issues, they retest to confirm that no errors remain.
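The workflow described above (seed file, test driver, crashing test cases, fix, retest) can be tried locally with the sketch below, an added example that is not Microsoft's SRD code. It uses plain random byte mutation rather than SRD's own methods, and the record format, parse_buggy, parse_fixed, run_case and fuzz are all hypothetical names constructed for illustration.

```python
import random

SEED = b"\x05hello\x03abc"  # constructed seed file: 1 length byte + payload, twice

def parse_buggy(data):
    """Toy target (hypothetical): return the last byte of every record."""
    out, i = [], 0
    while i < len(data):
        n = data[i]
        rec = data[i + 1:i + 1 + n]
        out.append(rec[n - 1])  # bug: trusts n, never checks len(rec)
        i += 1 + n
    return out

def parse_fixed(data):
    """The same parser after the fix: malformed records are rejected."""
    out, i = [], 0
    while i < len(data):
        n = data[i]
        rec = data[i + 1:i + 1 + n]
        if n == 0 or len(rec) != n:
            raise ValueError("bad record length")
        out.append(rec[-1])
        i += 1 + n
    return out

def run_case(parser, data):
    """Test driver: return the crash type, or None if the input was handled."""
    try:
        parser(data)
    except ValueError:
        return None  # controlled rejection is not a finding
    except Exception as exc:  # any other exception counts as a crash
        return type(exc).__name__
    return None

def fuzz(parser, seed, runs=500, rng_seed=1):
    """Mutate 1-3 random bytes of the seed per run; collect crashing inputs."""
    rng, crashes = random.Random(rng_seed), []
    for _ in range(runs):
        buf = bytearray(seed)
        for _ in range(rng.randint(1, 3)):
            buf[rng.randrange(len(buf))] = rng.randrange(256)
        case = bytes(buf)
        if run_case(parser, case) and case not in crashes:
            crashes.append(case)
    return crashes

if __name__ == "__main__":
    print("crashing test cases found:", len(fuzz(parse_buggy, SEED)))
```

Each saved test case replays the crash against parse_buggy, and replaying the same cases against parse_fixed is the retest step.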
This service is designed for organizations building their own software, modifying off-the-shelf software, or licensing open-source code. SRD doesn't require source code. Users can input any open-source code, according to David Molnar, a senior researcher and project manager at Microsoft.
SRD comes with two 'major breakthroughs,' according to Molnar. One is time-travel debugging, which lets users go back through their software to see where and when errors occurred. The other is difficulty-solving technology, which indicates the direction of vulnerabilities that attackers are hunting for.
SRD supports developers by using artificial intelligence (AI) in the cloud to automate a reasoning process similar to the one people use to find and exploit vulnerabilities. The tool is intended for teams and users without security experience.
While security experts may not need to use the SRD tool, developers require a tool to address the errors they find, said John Heasman, Director of Software Security at DocuSign, one of the first testers of the tool.
DocuSign has utilized SRD to search for vulnerabilities in software they purchase or license to integrate into their platform, particularly to handle potentially malicious documents uploaded by users.
Heasman also pointed out that DocuSign's in-house program lacks the ability to extend SRD or difficulty-solving technology. 'We have conducted fuzzing techniques, so we recognize the value of testing,' Heasman added.
Microsoft has also released a preview version of SRD for Linux users. Molnar predicts that the SRD tool will continue to expand.
