{"id":"https://openalex.org/W3043314744","doi":"https://doi.org/10.1109/vl/hcc50065.2020.9127203","title":"A Case Study of Software Security Red Teams at Microsoft","display_name":"A Case Study of Software Security Red Teams at Microsoft","publication_year":2020,"publication_date":"2020-07-16","ids":{"openalex":"https://openalex.org/W3043314744","doi":"https://doi.org/10.1109/vl/hcc50065.2020.9127203","mag":"3043314744"},"language":"en","primary_location":{"id":"doi:10.1109/vl/hcc50065.2020.9127203","is_oa":false,"landing_page_url":"https://doi.org/10.1109/vl/hcc50065.2020.9127203","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5020005323","display_name":"Justin Smith","orcid":"https://orcid.org/0000-0001-6987-5196"},"institutions":[{"id":"https://openalex.org/I184759092","display_name":"Lafayette College","ror":"https://ror.org/036n0x007","country_code":"US","type":"education","lineage":["https://openalex.org/I184759092"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Justin Smith","raw_affiliation_strings":["Lafayette College"],"affiliations":[{"raw_affiliation_string":"Lafayette College","institution_ids":["https://openalex.org/I184759092"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022487152","display_name":"Christopher Theisen","orcid":null},"institutions":[{"id":"https://openalex.org/I184759092","display_name":"Lafayette College","ror":"https://ror.org/036n0x007","country_code":"US","type":"education","lineage":["https://openalex.org/I184759092"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Christopher Theisen","raw_affiliation_strings":["Lafayette College"],"affiliations":[{"raw_affiliation_string":"Lafayette College","institution_ids":["https://openalex.org/I184759092"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5060033622","display_name":"Titus Barik","orcid":"https://orcid.org/0000-0002-4877-0739"},"institutions":[{"id":"https://openalex.org/I4210164937","display_name":"Microsoft Research (United Kingdom)","ror":"https://ror.org/05k87vq12","country_code":"GB","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210164937"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Titus Barik","raw_affiliation_strings":["Microsoft"],"affiliations":[{"raw_affiliation_string":"Microsoft","institution_ids":["https://openalex.org/I4210164937"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5020005323"],"corresponding_institution_ids":["https://openalex.org/I184759092"],"apc_list":null,"apc_paid":null,"fwci":1.3345,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.8599839,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"10"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9958999752998352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/offensive","display_name":"Offensive","score":0.7639561295509338},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6281006932258606},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6109663248062134},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5003993511199951},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.48450133204460144},{"id":"https://openalex.org/keywords/agile-software-development","display_name":"Agile software development","score":0.4695722758769989},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.45657894015312195},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.44776779413223267},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3801823854446411},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.35368669033050537},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.3275117874145508},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.309728741645813},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.3000991940498352},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.27174437046051025},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.13389256596565247}],"concepts":[{"id":"https://openalex.org/C176856949","wikidata":"https://www.wikidata.org/wiki/Q2001676","display_name":"Offensive","level":2,"score":0.7639561295509338},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6281006932258606},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6109663248062134},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5003993511199951},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.48450133204460144},{"id":"https://openalex.org/C14185376","wikidata":"https://www.wikidata.org/wiki/Q30232","display_name":"Agile software development","level":2,"score":0.4695722758769989},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.45657894015312195},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.44776779413223267},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3801823854446411},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.35368669033050537},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.3275117874145508},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.309728741645813},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.3000991940498352},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.27174437046051025},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.13389256596565247},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/vl/hcc50065.2020.9127203","is_oa":false,"landing_page_url":"https://doi.org/10.1109/vl/hcc50065.2020.9127203","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2020 IEEE Symposium on Visual Languages and Human-Centric Computing (VL/HCC)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7400000095367432}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":40,"referenced_works":["https://openalex.org/W19133612","https://openalex.org/W175562627","https://openalex.org/W1109422923","https://openalex.org/W1558936785","https://openalex.org/W1685057348","https://openalex.org/W1919636199","https://openalex.org/W1934945143","https://openalex.org/W1969785126","https://openalex.org/W1971845200","https://openalex.org/W1979290264","https://openalex.org/W1993978434","https://openalex.org/W2003325641","https://openalex.org/W2019672983","https://openalex.org/W2057366964","https://openalex.org/W2065890363","https://openalex.org/W2088489410","https://openalex.org/W2091494072","https://openalex.org/W2092681734","https://openalex.org/W2098569569","https://openalex.org/W2101446126","https://openalex.org/W2113147897","https://openalex.org/W2141373759","https://openalex.org/W2143280167","https://openalex.org/W2149236908","https://openalex.org/W2293921399","https://openalex.org/W2294992695","https://openalex.org/W2342850280","https://openalex.org/W2513442265","https://openalex.org/W2552408584","https://openalex.org/W2588952840","https://openalex.org/W2740295334","https://openalex.org/W2760313715","https://openalex.org/W2774627648","https://openalex.org/W2794659749","https://openalex.org/W2796056969","https://openalex.org/W2972278312","https://openalex.org/W3102446060","https://openalex.org/W3122167728","https://openalex.org/W6600791612","https://openalex.org/W6627389111"],"related_works":["https://openalex.org/W2097628364","https://openalex.org/W2120086576","https://openalex.org/W2395987867","https://openalex.org/W3208699506","https://openalex.org/W2032098076","https://openalex.org/W2293678011","https://openalex.org/W2164920192","https://openalex.org/W2293554594","https://openalex.org/W829110844","https://openalex.org/W2187486724"],"abstract_inverted_index":{"The":[0,150],"modern":[1],"software":[2,66,87,127,134],"security":[3,52,67,88,99,107,128,168],"adversary":[4],"employs":[5],"persistent":[6],"and":[7,26,62,117,147,160,172],"evasive":[8],"attack":[9],"techniques,":[10],"for":[11,24],"example-using":[12],"zero-day":[13],"exploits":[14],"that":[15,86],"have":[16,90,138],"not":[17],"been":[18],"disclosed":[19],"publicly-to":[20],"target":[21],"high-profile":[22],"companies":[23],"political":[25],"economic":[27],"espionage":[28],"or":[29,34,54],"to":[30,122,157,164],"exfiltrate":[31],"sensitive":[32],"data":[33],"intellectual":[35],"property.":[36],"To":[37,57],"combat":[38],"these":[39],"threats,":[40],"large":[41],"organizations":[42],"are":[43,109,130,155],"adopting":[44],"an":[45],"emerging":[46],"practice":[47],"of":[48,65,152],"staffing":[49],"full-time":[50],"offensive":[51,167],"teams,":[53,71],"red":[55,70,80],"teams.":[56],"understand":[58,165],"the":[59,94],"workflows,":[60],"culture,":[61],"day-to-day":[63],"practices":[64],"engineers":[68,89,108,129],"in":[69,93,114,131,142,177],"we":[72],"conducted":[73],"17":[74],"interviews":[75],"with":[76,174],"informants":[77],"across":[78],"five":[79],"teams":[81,169,176],"within":[82],"Microsoft.":[83],"We":[84],"found":[85],"substantial":[91],"impact":[92],"organization":[95],"as":[96],"they":[97,136,144],"harden":[98],"practices,":[100],"drawing":[101],"from":[102],"their":[103,115,178],"diverse":[104],"backgrounds.":[105],"Software":[106],"both":[110],"agile":[111],"yet":[112],"specialized":[113],"activities,":[116],"closely":[118],"emulate":[119],"malicious":[120],"adversaries-subject":[121],"some":[123,132],"reasonable":[124],"constraints.":[125],"Although":[126],"respects":[133],"engineers,":[135],"also":[137],"several":[139],"consequential":[140],"differences":[141],"how":[143,166],"write,":[145],"maintain,":[146],"distribute":[148],"software.":[149],"results":[151],"this":[153],"work":[154],"applicable":[156],"practitioners,":[158],"researchers,":[159],"toolsmiths":[161],"who":[162],"wish":[163],"operate,":[170],"situate,":[171],"collaborate":[173],"partner":[175],"organization.":[179]},"counts_by_year":[{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}