The research group of Microsoft built an automated testing solution to reduce security flaws in its Windows x86-based family of software products. The principal researcher at Microsoft Research, Patrice Godefroid said that the testing application – SAGE – short for Scalable, Automated, Guided Execution, has been deployed internally within Microsoft for the last two years. He indicated that software flaws are expensive to chase no matter for Microsoft or its customers. He added SAGE is one way to reduce the number of security patches it issues each month. SAGE attempts to generate only tests exercising unique control paths in the program so as to maximize the opportunity of finding defects.

Source: http://redmondmag.com/articles/2011/07/21/microsoft-credits-sage-for-finding-software-security-flaws.aspx