A Case Study of Software Security Red Teams at Microsoft (Full paper)
The modern software security adversary employs persistent and evasive attack techniques, for example, using zero-day exploits that have not been disclosed publicly, to target high-profile companies for political and economic espionage or to exfiltrate sensitive data or intellectual property. To combat these threats, large organizations are adopting an emerging practice of staffing full-time offensive security teams, or red teams. To understand the workflows, culture, and day-to-day practices of software security engineers in red teams, we conducted 17 interviews with informants across five red teams within Microsoft. We found that software security engineers have substantial impact in the organization as they harden security practices, drawing from their diverse backgrounds. Software security engineers are agile yet specialized in their activities, and closely emulate malicious adversaries, subject to some reasonable constraints. Although software security engineers are in some respects software engineers, they also have several consequential differences in how they write, maintain, and distribute software. The results of this work are applicable to practitioners, researchers, and toolsmiths who wish to understand how offensive security teams operate, situate, and collaborate with partner teams in their organization.
Wed 12 Aug
Displayed time zone: Pacific Time (US & Canada)
14:15 - 15:08 | Understanding and Helping Developers, Research Papers at Zoom Room. Chair(s): Scott Fleming, University of Memphis
14:15 15m Talk | Using Hypotheses as a Debugging Aid (Full paper), Research Papers
14:30 15m Talk | Find Unique Usages: Helping Developers Understand Common Usages (Full paper), Research Papers
14:45 15m Talk | A Case Study of Software Security Red Teams at Microsoft (Full paper), Research Papers
15:00 7m Talk | Refactoring from 9 to 5? What and When Employees and Volunteers Contribute to OSS (Short paper), Research Papers. Luiz Felipe Fronchetti Dias University of São Paulo, Caio Barbosa PUC-RJ, Gustavo Pinto UFPA, Igor Steinmacher Northern Arizona University, Baldoino Fonseca Federal University of Alagoas (UFAL), Márcio Ribeiro Federal University of Alagoas, Brazil, Christoph Treude The University of Adelaide, Daniel Alencar Da Costa University of Otago