Most people know the age-old adage, “Don’t judge a book by its cover.” I can still see my grandmother wagging her finger at me when I was younger as she said it. But what if it's not the book cover we’re judging, but the title? And what if it’s not a book we’re analyzing, but instead a security bug? The times have changed, and age-old adages don’t always translate well in the digital landscape. In this case, we’re using machine learning (ML) to identify and “judge” security bugs based solely on their titles.  And, believe it or not, it works! (Sorry, Grandma!)  Mayana Pereira, Data Scientist at Microsoft, joins hosts Nic Fillingham and Natalia Godyla to dig into the endeavors that are saving security experts’ time. Mayana explains how data science and security teams have come together to explore ways that ML can help software developers identify and classify security bugs more efficiently. A task that, without machine learning, has traditionally provided false positives or led developers to overlook misclassified critical security vulnerabilities.    In This Episode, You Will Learn: • How data science and ML can improve security protocols and identify and classify bugs for software developers  • How to determine the appropriate amount of data needed to create an accurate ML training model  • The techniques used to classify bugs based simply on their title    Some Questions We Ask: • What questions need to be asked in order to obtain the right data to train a security model?  • How does Microsoft utilize the outputs of these data-driven security models?   • What is AI for Good and how is it using AI to foster positive change in protecting children, data and privacy online?    Resources:    Microsoft Digital Defense Report  https://www.microsoft.com/en-us/security/business/security-intelligence-report    Article: “Identifying Security Bug Reports Based Solely on Report Titles and Noisy Data”  https://docs.microsoft.com/en-us/security/engineering/identifying-security-bug-reports    Mayana’s LinkedIn  https://www.linkedin.com/in/mayana-pereira-2aa284b0    Nic’s LinkedIn     https://www.linkedin.com/in/nicfill/          Natalia’s LinkedIn     https://www.linkedin.com/in/nataliagodyla/          Microsoft Security Blog:      https://www.microsoft.com/security/blog/  See acast.com/privacy for privacy and opt-out information.