Is called Microsoft's Project Springfield, and it is an online platform for security, based on the detection of bugs in the software and based on the cloud. But after the version released for the Windows operating system, a previous version of a version oriented to Linux also appears. With the Microsoft Risk Detection tool you will help developers to carry out security tests and thanks to artificial intelligence it will detect vulnerabilities that compromise the security of software projects.
In general, audits are entrusted to third parties once the software has been released, but the project is intended to spot these security issues early that the product is released and has already affected hundreds or thousands of users. So patches can be applied before major ills. Honestly, I totally don't know the project, and I don't really know how it works or if it's good or bad, I haven't been able to observe that version for Linux either.
But what the sources seem to indicate is that it works with a AI who will ask the developer or developers questions about the new software. The questions are specific to try to focus on critical areas and to detect vulnerabilities that can be exploited by malicious attackers. Apparently, the false positives that this tool throws are quite low, so most of the alerts are real.
It is not something new, the trial version was already launched last year, but it has not been until now when it seems that Microsoft is willing to bring it to homes through Microsoft Services at the end of summer and what interests us the most, that sample for Linux support, which is always welcome, as it will attract more interest on the platform.