Microsoft has introduced a groundbreaking artificial intelligence system named Project Ire that can independently analyze, detect, and block malware without any human intervention. This prototype AI agent represents a significant leap forward in cybersecurity by automating what is traditionally a highly manual and expert-driven process—fully reverse engineering software files to assess whether they are malicious.

Project Ire is built through a collaboration among Microsoft Research, Microsoft Defender Research, and Microsoft Discovery & Quantum teams. It uses a combination of advanced language models and a suite of reverse engineering tools, including decompilers and binary analysis frameworks such as Ghidra and angr, to dissect and understand software files even when nothing is known about their origin or purpose.

One of the key innovations of Project Ire is its “Chain of Evidence” system, which creates a transparent, step-by-step audit trail showing exactly how the AI reached its conclusions about a file’s safety or threat level. This increases accountability and allows human security experts to review and verify the AI’s findings, making the system more trustworthy.

During testing, Project Ire demonstrated high precision with a 98% accuracy rate in identifying malicious files while maintaining a low false positive rate. It was notably the first Microsoft reverse engineer, human or AI, to author a conviction case strong enough to justify automatic blocking of an advanced persistent threat (APT) malware, which was subsequently neutralized by Microsoft Defender.

By automating the complex and exhausting task of malware classification, Project Ire aims to reduce analyst burnout and improve the scalability and speed of threat detection. Microsoft's long-term vision is for Project Ire to autonomously detect novel malware directly in memory, enabling faster and more effective defense against evolving cyber threats.

This development heralds a new era in cybersecurity, where AI acts as a powerful shield against malware, strengthening digital safety for organizations and users worldwide.