Build 2026: Microsoft's MDASH exits preview with 100+ specialized threat-hunting AI agents

['Last month, Microsoft introduced MDASH, its Microsoft Security multi-model agentic scanning harness. Despite the unfortunate name, this was a big swing, designed to reduce security alerts from constant noise to those that directly cause exploitable vulnerabilities.', 'The big news today coming from Build 2026 is that Microsoft is folding the MDASH capability into a full enterprise security control plane, connecting Defender, GitHub Code Security, Agent 365, and Purview. According to Microsoft\'s chief security architect Aleš Holeček, "AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself."', 'One of the big problems in security automation is the signal-to-noise ratio.

When we let an algorithm or an AI loose on a network or a codebase, the automated tool often turns up hundreds, if not thousands, of red flags. While it\'s likely true that all the worrisome implementation details a security scanner finds may be problematic, they\'re not all worthy of a five-alarm response. MDASH (officially "Codename MDASH") is essentially an agentic AI system that performs triage on vulnerabilities.', 'Rather than overwhelming mitigation teams with constant vulnerability findings, MDASH "prioritizes real, actionable risks over noisy findings to help teams focus on what can be exploited." Holeček said, "This new agentic security system orchestrates a pipeline of more than 100 specialized AI agents using an ensemble of models to discover, validate, and prove exploitability across codebases written in popular programming languages." Microsoft says MDASH recently reached a CyberGym benchmark score of 96.55%, up from an earlier 88.45% in its original announcement last month.', 'The company says that progress in AI depends on more than breakthrough capabilities.

It depends on whether organizations can trust the systems they are building and deploying. The implication, of course, is that systems built on and with Microsoft infrastructure can foster that trust. This is how Holeček describes it: "[Trust] is the common thread across the innovations announced at Build 2026 and the principle guiding our approach.

Because the future of AI will belong not just to those who move fastest, but to those who can innovate with trust."', 'Kris Burkhardt, Chief Information Security Officer at Accenture says, "What Microsoft is building with MDASH reflects a meaningful shift from reactive, rule-based scanning to agentic systems that can reason across complex codebases like a skilled security researcher." Morgan Adamski, Principal and Deputy Platform Leader of Cyber, Data, and Tech Risk at PwC US, sees strong potential for MDASH to simplify and strengthen SecOps, helping organizations operate with greater resilience and confidence.']