ZDNET’s key takeaways
- Microsoft is turning AI into a security triage tool.
- Microsoft wants to secure code, agents, data, and models.
- MDASH uses AI agents to cut through scanner noise.
Last month, Microsoft introduced MDASH, its Microsoft Security multi-model agentic scanning harness. Despite the unfortunate name, this was a big swing, designed to reduce security alerts from constant noise to those that point directly to exploitable vulnerabilities.
The big news today coming from Build 2026 is that Microsoft is folding the MDASH capability into a full enterprise security control plane, connecting Defender, GitHub Code Security, Agent 365, and Purview.
According to Microsoft’s chief security architect Aleš Holeček, “AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself.”
How MDASH changes vulnerability analysis
One of the big problems in security automation is the signal-to-noise ratio. When we let an algorithm or an AI loose on a network or a codebase, the automated tool often turns up hundreds, if not thousands, of red flags.
While every worrisome implementation detail a security scanner finds may well be problematic, they’re not all worthy of a five-alarm response.
Think about how triage works in a war zone. Hundreds of hurt troops arrive in the triage zone. Doctors and nurses take a super-fast look at each and try to ascertain who needs life-saving intervention, who can hold for a while, and who is too far gone to save. They then prioritize giving attention to those who are at serious risk and whom they can save.
MDASH (officially “Codename MDASH”) is essentially an agentic AI system that performs triage on vulnerabilities. Rather than overwhelming mitigation teams with constant vulnerability findings, MDASH “prioritizes real, actionable risks over noisy findings to help teams focus on what can be exploited.”
Although Microsoft doesn’t specify which models MDASH uses, the company says it uses state-of-the-art models for heavy reasoning and lower-cost models for high-volume operations.
The company says this lets it trade off speed, recall, and cost, and minimize dependence on any given model. It also says this makes the system model-agnostic, allowing it to switch models when necessary.
Holeček said, “This new agentic security system orchestrates a pipeline of more than 100 specialized AI agents using an ensemble of models to discover, validate, and prove exploitability across codebases written in popular programming languages.”
I’m not a big fan of citing benchmark scores because tools can be built to the benchmark. That said, Microsoft said that MDASH recently reached a CyberGym benchmark score of 96.55%, up from an earlier 88.45% in its original announcement last month.
The bigger picture
Microsoft is using Build 2026 to fold MDASH into a wider enterprise security platform story, rather than continue to discuss MDASH as a private preview.
Redmond announced that MDASH is now in expanded preview for eligible organizations and includes Microsoft Defender integration. This is all a part of Microsoft’s push to secure the full AI development lifecycle across code, agents, prompts, data, and models, and then use that to secure the network itself.
“We’re seeing cyber threats evolve rapidly, with AI accelerating both the scale and sophistication of attacks,” says Morgan Adamski, Principal and Deputy Platform Leader of Cyber, Data, and Tech Risk at PwC US. Adamski continues, “We see strong potential for MDASH to simplify and strengthen SecOps, helping organizations operate with greater resilience and confidence.”
Additionally, Microsoft Defender and GitHub Code Security are being integrated in order to bring runtime context into developer and security workflows so risks can be found, prioritized, and fixed earlier in the lifecycle.
According to Microsoft, “Vulnerabilities discovered in code are automatically enriched with real production signals, such as internet exposure and data sensitivity to inform prioritization. Developers can then remediate issues using AI-assisted fixes that are generated, assigned, and validated through GitHub Copilot autofix and the GitHub Copilot cloud agent.”
Developers can then use GitHub Copilot autofix and the GitHub Copilot cloud agent to generate, assign, and validate fixes. Essentially, this line of tools will help network managers and developers get ahead of some of the worst vulnerabilities while also catching others before they’re initially deployed.
Kris Burkhardt, Chief Information Security Officer at Accenture, says, “What Microsoft is building with MDASH reflects a meaningful shift from reactive, rule-based scanning to agentic systems that can reason across complex codebases like a skilled security researcher.”
Microsoft wants to provide the AI security layer
The story coming out of Build is that Microsoft is positioning itself as the security layer for AI-era software development and deployment, especially for Microsoft ecosystem-entrenched companies.
Microsoft says, “There should never be a choice between innovation and safety. The capabilities announced today span the full development lifecycle: discovering what’s exploitable, governing what’s running, protecting the data AI depends on, and verifying that agents behave as intended before they reach production.”
The company makes an interesting claim. Microsoft says that progress in AI depends on more than breakthrough capabilities. It depends on whether organizations can trust the systems they are building and deploying. The implication, of course, is that systems built on and with Microsoft infrastructure can foster that trust.
This is how Holeček describes it: “[Trust] is the common thread across the innovations announced at Build 2026 and the principle guiding our approach. Because the future of AI will belong not just to those who move fastest, but to those who can innovate with trust.”
To be fair, this is Microsoft, a company with a very long track record of taking big swings, connecting with the ball, and knocking it out of the park. If Microsoft tools can prove exploitability and connect it to remediation, it could reshape enterprise vulnerability management and make organizations substantially more secure.
