Security team

The MORSE security team takes a proactive approach to finding bugs

When it comes to a complex issue such as IT security, there are no simple answers. The effects of hacking run the gamut, from the merely annoying – like endless pop-ups on your computer screen – to the large-scale and global – like the gas cuts that crippled the East Coast in 2021 – so it makes sense that there is no one-size-fits-all approach to tackling the problem.

It takes more than one angle to manage what has become an increasingly important aspect of technology development. Many organizations simply focus on fixing problems after they arise. But Microsoft is taking a holistic direction in its security measures, spanning the entire spectrum with a team working to stop vulnerabilities before they even appear, eliminating code flaws before they reach your computer and the prying keyboards of hackers around the world. For the security team, the thinking goes, it’s never a question of if, but when, a problem will arise.

“It’s an eternal game of cat and mouse,” said Justin Campbell, senior security software engineering manager, Microsoft Security. “Things are changing. Windows is not stagnant. There are new things added, new considerations, new technologies and new procedures researched. It’s not just about security, but about how we build our software. There’s still code from 30 years ago that’s just as taken care of as the new items we ship today. It’s a terrific spectrum.”

Campbell leads a new 60-plus member global security team called Microsoft Offensive Research & Security Engineering (MORSE), which takes a three-pronged approach to securing code in the operating system. Red, blue, and green teams, each with a different role to play, help MORSE aggressively combat security threats, fix broken code, and prevent problems.

The overlapping work performed by the trio of teams helps develop new technologies that benefit each party, from identifying potential weak points in code to creating new tools for the latest threats to hardening security capabilities that have both short-term and long-term effects.

Many cybersecurity terms have their roots in computer simulations, video games, military exercises, and real-time simulators that many experts have studied to learn the ropes. Thus, red teams try to identify an attack path to breach organizations’ security defenses through real-world attack strategies. Blue teams attempt to defend against these attacks and prevent the red team from breaking through existing defenses. Green teams help mitigate high-risk systemic security issues and resolve them at scale by integrating learnings and tools from red and blue teams.