In this post, Michael Fanning gives us a short history of standards (think Julius Caesar), shows how consensus on something very small can enable something very large, and explains how all of it relates to the design of the ‘Static Analysis Results Interchange Format’ (SARIF).
The faster we iterate on refining secure development practices, the faster our developers can address security pain points, and the better we protect our customers. In this post, Bryan Sullivan walks through key learnings from the 1ES Security team.
We believe that we can only solve the problem of inaccessible software by shifting accessibility left into the software design and development cycle. In this post, Mark Reay describes how our open-source offering, Accessibility Insights, can help.
If a security tool catches a critical vulnerability, but also reports 99 other findings that turn out to be false positives, developers are going to ignore everything that the tool reports and then miss the important issues. Bryan Sullivan talks through how you can hone your tooling to separate the signal from the noise.
Microsoft has over 100,000 software engineers working on software projects of all sizes. Keeping those engineering teams productive while meeting their ever-increasing scale demands is a big challenge. Read about the One Engineering System (1ES) initiative in this inaugural post on the Engineering@Microsoft blog.