Microsoft has launched MDASH — the Microsoft Security multi-model agentic scanning harness — an autonomous AI system designed to cut through the noise of modern vulnerability management. Initially previewed in May 2026, MDASH was formally integrated into Microsoft’s enterprise product suite at the company’s annual developer conference, Build 2026, which opened June 2nd.

The system’s core purpose is triage: rather than flooding security teams with hundreds or thousands of alerts, MDASH prioritizes only those vulnerabilities with a realistic and demonstrable path to exploitation. It does this through a pipeline of over 100 AI agents working in concert, analyzing entire codebases written in common programming languages to detect, verify, and prove exploitability.

96.5% CyberGym benchmark score (June 2026)
100+ AI agents in the MDASH pipeline

Microsoft has not disclosed which specific underlying models power MDASH, but the architecture reportedly pairs state-of-the-art models for advanced inference tasks with more cost-efficient models for high-volume processing. This design optimizes the balance between speed, recall, and cost — and is intentionally model-agnostic, allowing components to be swapped as better options emerge.

The sustained advantage lies not in a single model, but in the autonomous agent system surrounding it.

— Ales Holecek, Chief Security Architect & Corporate VP, Microsoft

From Preview to Platform

At Build 2026, Microsoft moved MDASH beyond its limited organizational preview by announcing deep integration with four flagship enterprise products:

  • Microsoft Defender
  • GitHub Code Security
  • Agent 365
  • Microsoft Purview

Together, these integrations are positioned as a unified enterprise security control plane covering the full AI development lifecycle — from code and agents through to prompts, data, and deployed models.

The Defender and GitHub Code Security integration is particularly notable: it brings runtime operational context — such as internet exposure and data sensitivity — directly into the development workflow. Vulnerabilities discovered in code are automatically tagged with these real-world signals and used for prioritization. AI-assisted remediation is then generated, assigned, and verified through GitHub Copilot Autofix and the GitHub Copilot cloud agent, enabling developers to address critical flaws before they are ever exploited.

What Microsoft is building with MDASH reflects a critical shift from traditional rule-based passive scanning to autonomous systems capable of inferring complex codebases like a skilled security researcher.

— Kris Burkhardt, CISO, Accenture

A Measurable Performance Leap

Microsoft cited meaningful progress on benchmark performance: MDASH scored 88.45% on the CyberGym benchmark at its initial May announcement and has since improved to 96.5% — a jump of more than 8 percentage points in under a month. While benchmark scores alone don’t capture the full picture of real-world security efficacy, the trajectory suggests rapid iteration.

Microsoft’s Bid to Own the AI Security Layer

The broader ambition telegraphed at Build 2026 is clear: Microsoft wants to become the de facto security layer for software development and deployment in the AI era. The company argues that innovation and security are not in tension — that the features announced cover discovery, runtime management, data protection, and agent behavior verification as one continuous lifecycle.

The future of AI belongs not simply to the fastest movers, but to those who can innovate with trust.

— Ales Holecek, Microsoft

Morgan Adamski, Deputy Platform Leader for Cyber, Data, and Technology Risk at PwC, echoed the market need, noting that AI is simultaneously accelerating attack sophistication and the scale of threats. He described MDASH as having the potential to simplify enterprise security operations significantly, giving organizations greater resilience and operational confidence.

If MDASH delivers on its promise — demonstrating exploitability, automating remediation, and closing the loop between detection and fix — it could meaningfully reshape how organizations prioritize and address software vulnerabilities. The real test, as always, will be performance in production environments against adversaries who are themselves using AI.