Browse All Posts (1475)

ssinghkalra shows how to remove long-lived Terraform secrets in CI by switching GitHub Actions and Azure DevOps pipelines to OIDC-based Workload Identity Federation with Microsoft Entra ID, including recommended identity/RBAC scoping, remote state hardening, common error fixes, and a low-risk migration plan.

sameenamohammed explains how to implement Enterprise Policy as Code (EPAC) to automate Azure governance at scale, using Azure Policy definitions/initiatives stored in a repo and deployed through an Azure DevOps pipeline with managed identity for secure, repeatable compliance enforcement.

The Microsoft Defender Security Research Team breaks down CVE-2026-31431 (“Copy Fail”), a high-severity Linux kernel local privilege escalation that can lead to root access and container escape in cloud and Kubernetes environments, and provides mitigation steps plus Microsoft Defender XDR detection and hunting guidance.

Allison announces the June 1, 2026 deprecation of GPT-5.2 and GPT-5.2-Codex across GitHub Copilot experiences, and outlines the replacement models plus the admin steps needed to ensure the alternatives are available via Copilot model policies.

chandanAggarwal announces GA support in Advanced Container Networking Services (ACNS) for AKS for on-node container network metrics filtering plus container network log filtering and 30-second flow log aggregation, aimed at reducing observability noise and Log Analytics ingestion costs while keeping per-flow security verdict and error context.

mosiddi explains how the Agent Governance Toolkit (AGT) “shifts left” governance for AI agents by catching security and compliance violations before runtime, using pre-commit hooks, PR gates, CI checks, and release-time controls like SBOMs, signing, and provenance attestations.

John Edward discusses how GitHub Copilot changes programming education, where it can speed up learning, and where it can undermine fundamentals if students rely on it too heavily. The post outlines practical habits for students and classroom approaches for educators to use Copilot without losing academic rigor.

Ashish Chhabria announces confidential computing support for Azure Event Hubs Dedicated, explaining how hardware-based TEEs protect streaming event data while it’s being processed (data in use) without requiring application changes, and how to combine it with keys, identity, and network controls for defense in depth.

John Maeda shares a practical tip from his SXSW “Design In Tech” report: every generative AI workflow needs a “standing beacon” to keep outputs consistent. He explains why evaluation, guardrails, and a clear standard (a “judge” that can reject bad generations) are essential when iterating on AI-generated work.

Nirav Shah, Rob Lefferts and Jason Roszak announce the general availability of Microsoft Agent 365 and outline new security and governance capabilities for discovering, inventorying, and controlling AI agents across endpoints, SaaS, and cloud platforms, including Defender/Intune-based shadow agent discovery and Entra network controls.

Steve Berg discusses how AMD EPYC hardware underpins Azure Cosmos DB at global scale, and how CPU-level considerations connect to Cosmos DB concepts like Request Units, autoscale, RU pooling, and serverless.

Kirill Gavrylyuk hosts a Cosmos DB Conf 2026 keynote panel with leaders from Vercel, OpenAI, Microsoft, Walmart, and AMD on how modern, high-demand applications are built and scaled on Azure Cosmos DB, and how AI and data platform needs are shaping the next wave of distributed systems.

Andrew Liu explains what happens inside Azure Cosmos DB from provisioning through serving requests at scale, focusing on the service’s internal deployment model, replication approach, partitioning mechanics, and how the serverless Request Unit model works under the covers.

John Savill runs through the 1st May 2026 Azure update, covering new and preview features across AKS networking and troubleshooting, Azure Front Door WAF protections, Elastic SAN improvements, PostgreSQL read replica scaling, and major AI platform changes like Microsoft Agent Framework GA and Prompt flow retirement.

HimanshuYadav explains how to modernize brownfield Terraform codebases by refactoring legacy modules to Azure Verified Modules (AVM) with AI assistance. The post focuses on using tools like GitHub Copilot to draft changes, then relying on disciplined Terraform plan review and policy gates to keep state changes safe.

Ravindra Kumar Vishwakarma explains how GitHub Copilot CLI can run as an Agent Client Protocol (ACP) server, enabling tools, IDEs, and CI/CD systems to connect to Copilot as a backend agent with streaming, sessions, and permissioned tool execution.

Kristen Womack summarizes the April 2026 Azure Developer CLI (azd) releases, focusing on multi-language hooks in azure.yaml, extension framework updates, Copilot-assisted troubleshooting, and a set of security, provisioning, and CI/CD reliability improvements across versions 1.23.14 through 1.24.2.

Rob Bos breaks down five GitHub Copilot and agent extensibility surfaces that create supply-chain and governance gaps in large enterprises, and explains what controls exist today (and where they don’t) across Copilot CLI plugins, APM, gh skill, MCP servers, and VS Code extension registries.

The Visual Studio Code Team summarizes what’s new in VS Code 1.119 (Insiders), including Markdown UX updates and several chat/agent features such as improved codebase context for virtual file systems, attaching browser tabs as context, and Copilot CLI plan mode support.

stclarke summarizes recent Microsoft Security updates, including new Microsoft Defender protections for AI agents in the Agent 365 tooling gateway, a generally available Defender for Cloud + GitHub Advanced Security integration, and a new Microsoft Purview demo for running data security investigations with AI-assisted analysis.