HelpnetSecurity

Microsoft responds to security challenges facing code, AI agents, and models


Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models.

The updates include a multi-agent vulnerability discovery system, new controls for managing and securing AI agents, data protection capabilities, and tools designed to identify potentially vulnerable or compromised AI models before deployment.

MDASH targets exploitable vulnerabilities

Microsoft expanded the preview of MDASH, a multi-model agentic vulnerability discovery system that now integrates with Microsoft Defender.

The platform uses more than 100 specialized AI agents and multiple AI models to discover vulnerabilities, validate findings, and assess exploitability in software codebases.

“AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself,” Microsoft said.

According to the company, the system combines AI analysis with telemetry from more than 100 trillion security signals per day to help identify vulnerabilities that can be exploited in practice.

Defender and GitHub Code Security integration

The company also introduced an integration between Microsoft Defender and GitHub Code Security that adds production context to vulnerabilities discovered in source code.

The integration enriches findings with signals including internet exposure and data sensitivity to support risk-based prioritization.

“Developers can then remediate issues using AI-assisted fixes that are generated, assigned, and validated through GitHub Copilot Autofix and the GitHub Copilot cloud agent,” Microsoft wrote.

Role-based access controls are used to restrict access to vulnerability findings.
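The prioritization idea in the integration above (a code-scanning finding is ranked by where the code actually runs, not by scanner severity alone) can be made concrete with a small scoring model. The following is an added illustration, not Microsoft's or GitHub's code; the findings, the production context, the weights and the repo names are all constructed for the example.

```python
"""Risk-based prioritization of code-scanning findings using production context.

Added illustration, not Microsoft's or GitHub's code. Findings, context and
scoring weights are constructed for the example.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Finding:
    """A code-scanning result as a scanner might report it (constructed)."""
    rule_id: str
    repo: str
    severity: str  # "critical", "high", "medium", "low"


@dataclass
class DeploymentContext:
    """Production signals about where a repo's code runs (constructed)."""
    internet_exposed: bool
    data_sensitivity: str  # "none", "internal", "confidential", "regulated"
    deployed: bool = True


# Assumed weights; a real policy would tune these to the organization.
SEVERITY_BASE = {"critical": 9.0, "high": 7.0, "medium": 4.0, "low": 1.0}
SENSITIVITY_BONUS = {"none": 0.0, "internal": 0.5, "confidential": 1.5, "regulated": 3.0}
EXPOSURE_MULTIPLIER = {True: 1.0, False: 0.5}


def score(finding: Finding, ctx: Optional[DeploymentContext]) -> float:
    """Combine scanner severity with production context into one priority score.

    Rules (assumptions for this example):
    - no production context known: keep the raw scanner score, do not downgrade;
    - code that is not deployed anywhere keeps a quarter of its base score;
    - internet exposure keeps the full base score, internal-only halves it;
    - the sensitivity of the data the service handles adds a bonus on top.
    """
    base = SEVERITY_BASE[finding.severity]
    if ctx is None:
        return base
    if not ctx.deployed:
        return round(base * 0.25, 2)
    total = base * EXPOSURE_MULTIPLIER[ctx.internet_exposed]
    total += SENSITIVITY_BONUS[ctx.data_sensitivity]
    return round(min(total, 10.0), 2)


def prioritize(findings: List[Finding],
               contexts: Dict[str, DeploymentContext]) -> List[Tuple[float, Finding]]:
    """Return findings ordered from most to least urgent, paired with their scores."""
    scored = [(score(f, contexts.get(f.repo)), f) for f in findings]
    scored.sort(key=lambda pair: pair[0], reverse=True)
    return scored


def sample_prioritization() -> List[Tuple[float, str]]:
    """Constructed data set showing that the critical finding is not the top item."""
    findings = [
        Finding("sql-injection", "billing-batch", "critical"),
        Finding("ssrf", "public-api", "high"),
        Finding("xss", "docs-site", "medium"),
        Finding("deserialization", "prototype", "critical"),
    ]
    contexts = {
        "billing-batch": DeploymentContext(internet_exposed=False, data_sensitivity="regulated"),
        "public-api": DeploymentContext(internet_exposed=True, data_sensitivity="confidential"),
        "docs-site": DeploymentContext(internet_exposed=True, data_sensitivity="none"),
        "prototype": DeploymentContext(internet_exposed=False, data_sensitivity="none", deployed=False),
    }
    return [(s, f.repo) for s, f in prioritize(findings, contexts)]


if __name__ == "__main__":
    for s, repo in sample_prioritization():
        print(f"{s:5.2f}  {repo}")
```

With the constructed weights the internet-facing high-severity SSRF outranks the critical SQL injection that sits in an internal batch job, and the critical finding in undeployed prototype code drops to the bottom; the exact order depends entirely on the assumed weights, which is the point of making them explicit.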

New security controls for AI agents

Several new capabilities focus on securing AI agents during development and deployment.

Agent 365 SDK adds observability, access control, and compliance features for AI agents. The Microsoft Execution Container (MXC) SDK provides operating-system-level controls and isolation for agent execution, while Windows 365 for Agents provides isolated, policy-governed cloud environments for running AI agents. These capabilities are currently available in early preview.

Agent 365 is also gaining an Agent Registry designed to help organizations discover and manage AI agents operating within their environments. The registry supports more than 20 types of local agents, including coding agents, AI desktop applications, and local and remote Model Context Protocol (MCP) servers.

Additional capabilities integrate Defender, Entra, and Intune to provide visibility into agent activity and relationships between agents and other systems. Defender also adds tools for investigating agent activity and mapping connections between agents and network resources. These capabilities will be available in preview.

Purview adds data protection for AI agents

Purview is gaining controls for AI agents, including data exfiltration protections and risk detection for coding agents such as Claude Code, GitHub Copilot, OpenAI Codex, and OpenClaw.

The platform provides visibility into how agents access sensitive data, applies protections to risky prompts, and generates audit logs of agent activity. These capabilities will be available in preview.

Purview data risk signals are also being integrated into the Foundry Control Plane, providing developers with visibility into potential data security risks during agent development. The capability can identify situations where agents expose sensitive information and provide guidance on applying protections before deployment.

Another addition is runtime data loss prevention (DLP) for agent prompts in Foundry. The capability can detect, block, and audit sensitive data before it is processed by an agent. The feature is currently in preview with Agent 365.
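The three verbs in the runtime DLP description (detect, block, audit) map onto a small enforcement layer placed in front of an agent. The code below is an added illustration and not Purview, Foundry or Agent 365 code; the detector patterns, the per-detector policy, the sample prompts and the audit record format are all constructed for the example. It also goes one step beyond the text by showing a redact outcome between allow and block, and a Luhn check so that any 16-digit order number does not trip the card detector.

```python
"""Runtime DLP check on an agent prompt: detect, block or redact, and audit.

Added illustration, not Purview or Foundry code. Detectors, policy and
sample prompts are constructed for this example.
"""
import hashlib
import json
import re
from datetime import datetime, timezone
from typing import List, Optional, Tuple

# (label, pattern, action on match). Constructed patterns, not a real policy.
DETECTORS = [
    ("credit_card", re.compile(r"\b\d(?:[ -]?\d){12,15}\b"), "block"),
    ("aws_access_key_like", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "block"),
    ("us_ssn_like", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "redact"),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), "redact"),
]

# In-memory audit trail for the example; a deployment would ship this to a SIEM.
AUDIT_LOG: List[dict] = []


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives on 13-16 digit numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def scan_prompt(prompt: str) -> Tuple[str, str, List[str]]:
    """Return (action, sanitized_prompt, detections); block outranks redact."""
    detections: List[str] = []
    sanitized = prompt
    action = "allow"
    for label, pattern, policy in DETECTORS:
        for match in pattern.finditer(prompt):
            value = match.group(0)
            if label == "credit_card" and not luhn_ok(re.sub(r"\D", "", value)):
                continue  # plausible-looking number that fails the checksum
            detections.append(label)
            if policy == "block":
                action = "block"
            elif action == "allow":
                action = "redact"
            sanitized = sanitized.replace(value, f"[{label.upper()} REDACTED]")
    return action, sanitized, detections


def enforce(prompt: str, agent_id: str) -> Optional[str]:
    """Apply the policy; the audit record stores a hash, never the raw prompt."""
    action, sanitized, detections = scan_prompt(prompt)
    AUDIT_LOG.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "agent": agent_id,
        "action": action,
        "detections": detections,
        "prompt_sha256": hashlib.sha256(prompt.encode("utf-8")).hexdigest(),
    })
    if action == "block":
        return None  # nothing reaches the agent
    return sanitized


if __name__ == "__main__":
    # Constructed prompts covering allow, redact, block and a Luhn false positive.
    for text in [
        "What is the capital of France?",
        "Summarize this ticket from alice@example.com about SSN 123-45-6789",
        "Draft a reply; the customer's card 4111 1111 1111 1111 was declined",
        "Look up order 1234 5678 9012 3456 in the tracker",
    ]:
        print(repr(enforce(text, agent_id="helpdesk-agent")))
    print(json.dumps(AUDIT_LOG, indent=2))
```

Blocking and redacting are both decisions the agent never sees the reasoning for, which is why the audit entry records the detector labels and a hash of the prompt rather than the prompt itself: an investigator can correlate the event with the caller's own copy without the DLP log becoming a second store of the sensitive data.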

Defender AI model scanning

The updates also include Defender AI model scanning, a preview capability designed to inspect AI models before deployment.

The tool supports both platform-native and third-party models and can identify potentially vulnerable or compromised models in registries, workspaces, and CI/CD pipelines.
