Microsoft Advances AI-Powered Security with MDASH

This title was summarized by AI from the post below.
View profile for Vasu Jakkal
Vasu Jakkal Vasu Jakkal is an Influencer

Microsoft is advancing how organizations stay ahead of the risks and possibilities AI brings at #MSBuild. Notably, this includes the expanded preview of MDASH, a multi-model agentic scanning system from Microsoft Security. By orchestrating 100+ specialized AI agents, MDASH can find and validate vulnerabilities at scale. More importantly, it cuts through the noise, allowing teams to focus on what truly matters. Now integrated directly into Microsoft Defender for preview users, MDASH brings this intelligence into the day-to-day SOC environment—embedding a human-guided AI harness right where defenders operate. Early momentum is strong, with 10% increased performance in CyberGym testing.  Explore how we’re bringing agentic security and end-to-end protection into the workflow in Aleš Holeček Holecek's blog: https://lnkd.in/g8pKvwqt   

The noise reduction framing resonates with what I see on the engineering side, Vasu. The harder question, from where I sit, is what happens to the humans in that loop once the AI has already triaged and validated. Their contribution shifts from pattern recognition to something closer to audit and sign-off, and most teams weren't built or trained for that version of the job. The gap tends to show up later than anyone expects.

Leadership in today's era is not a slogan to be raised, but a reality that must be embraced. The integration of Artificial Intelligence into cybersecurity is no longer an added advantage; it has become a fundamental standard for excellence. The ability to analyze threats and respond with speed and efficiency is now a critical factor in protecting organizations and strengthening their readiness against increasingly sophisticated challenges. Those who cling to yesterday’s methods will face tomorrow’s challenges unprepared. This is a decisive stage, and there is no room for hesitation. How do you see the future of cybersecurity in the coming years: a balanced partnership between human experts and Artificial Intelligence, or a gradual shift toward greater reliance on intelligent systems?

The next missing layer is not only agent security. It is proof of agent action. If AI agents are going to discover, validate, remediate, call tools, touch data, and influence production workflows, every autonomous action needs an Agent Action Ledger: 1. Agent identity 2. Human/business owner 3. Declared task 4. Allowed data 5. Allowed tools 6. Scope of authority 7. Runtime condition 8. Decision reason 9. Dependency touched 10. Rollback/removal path 11. Evidence status: PROVEN / BOUNDED / UNCERTAIN / FAILED The rule should be simple: No ledger → no production autonomy. Local proof → local permission. Changed mode → new approval. Hidden dependency → no scale. This would turn agent security from monitoring into operational control. It also resolves the real trust problem: Organizations should not trust agents because they are powerful. They should trust only the specific actions whose identity, scope, dependency, evidence and rollback path are proven. Agentic AI does not need only visibility. It needs evidence-gated permission to act.

Diversity and pluralism… far beyond overly simplified understanding of limbic and rational.. empathy and needs of better beyond “abs” breaths and healing/justice… Mirrors and influences beyond sports/arts/governance.. calendars and pins… pie, pi.. stacks and question marks, hockey sticks… J… Streams and pools beyond dissonance and joy… getting work done and helping create lifting modeling amid large scales of counter modeling and healing and justice. Breathe… beyond EMR and CMS and CRM’s… Footsteps and beyond. Hedging… visualizing.. intersections.. various layers of connections and reality of better; courage and kindness beyond skinner boxes and decision economies… attraction and flows away. Physical, mental… emotional… beyond abuse and unintended abuse. Associations and unions… work and balance… advanced better understanding. Kindness is not weakness. LoveEVICTShate. GPOHIEMSOSTS. IRBKWHKPH. FeFe FeWE… MW. II. I. X I. II. K. VV. OO. O.

Orchestrating 100+ specialized AI agents for agentic security and vulnerability scanning at scale is a game-changer for SOC efficiency MDASH's ability to reduce noise while validating real risks directly within Microsoft Defender transforms how teams prioritize threats. #Cybernorse

So many security advances and all accessible in a single dashboard, IT professionals can finally feel good about AI Agents in their ecosystems!

I would love to know whether Microsoft actively uses MDASH to identify vulnerabilities in its own products. I hear the term “Dogfooding” as Microsoft being a software vendor itself, it will be amazing to see how this product is helping and making a difference in developing and shipping safer software for customers.

Calendars… layers and interactions of collabs… working and personal life… there’s a lot to tech and community.

As AI takes on a greater role in security operations, transparency and accountability will become just as important as performance.

Vasu, Strong direction. The open question for multi-agent SOC is what happens when the orchestration layer loses connectivity. 100+ agents is powerful when the pipe is up. The harder problem is autonomous defense that holds when it isn’t. Air-gapped and DDIL is where this gets interesting.

See more comments

To view or add a comment, sign in

Explore content categories