Browse All Posts (389)
Daniel Roth rounds up the key .NET sessions from Microsoft Build 2026, highlighting what’s new in .NET 11 and C# (including union types), plus sessions on agentic web apps, AI building blocks for .NET, .NET MAUI on-device AI, and tooling like dotnetup.
Allison announces general availability of IP allow list enforcement for GitHub Enterprise Cloud Enterprise Managed Users (EMUs), extending enterprise network access policies to repositories owned under EMU user namespaces and covering web, Git, and API access.
Soo Stahl and Bhuvan Shah announce Enterprise Live Migrations (ELM), a limited public preview for moving repositories from Azure Repos to GitHub Enterprise Cloud with continuous synchronization and a short, scheduled cutover window (typically under 30 minutes).
Johnson Shi provides an operational guide to running a geo-replicated Azure Container Registry (ACR) for high availability, explaining how global endpoints, regional endpoints, and dedicated data endpoints behave during incidents, throttling, and DNS changes, with concrete Azure CLI steps for setup, routing control, and troubleshooting.
Microsoft Threat Intelligence and the Microsoft Defender Security Research Team break down recent phishing and malvertising campaigns that abuse popular AI brands (including ChatGPT, Claude, DeepSeek, and Microsoft Copilot) as lures, and provide concrete mitigation steps using Microsoft Defender, Entra ID, and related security controls.
Natalie Guevara answers common beginner GitHub questions, including how to set up SSH keys, create personal access tokens (fine-grained and classic), resolve merge conflicts, undo commits, sync forks, and review pull requests—plus a quick look at using GitHub Copilot for code review in PRs.
Sharlkaur introduces a preview workflow for AI-authored Power BI reports in Microsoft Fabric, using Skills for Fabric and the Power BI authoring plugin optimized for GitHub Copilot CLI. The post shows how agents can generate PBIR-based reports from prompts, iterate using screenshots, and publish to Fabric as part of an end-to-end agentic analytics flow.
GitHub engineers answer common beginner questions, including how to authenticate to GitHub with SSH keys or a personal access token (PAT), when to merge vs rebase, how to resolve merge conflicts, how to sync a fork, and how to review a pull request.
Matt Bierner and Reynald Adolphe walk through recent improvements to the Markdown preview experience in Visual Studio Code, focused on reviewing documentation changes more effectively and catching broken links and references while editing.
shashankamalladi announces General Availability of Network Security Perimeter (NSP) support for Azure Service Bus, including availability in Azure Government regions. The post explains how NSP provides a centralized security boundary with default-deny communication, explicit inbound/outbound rules, and diagnostic logging for audit and compliance.
John Savill explains how Microsoft Entra ID’s passkey registration campaign works, why passkeys are useful, and how the campaign “nudges” users to register. He also covers the policy prerequisites and the key behaviors that determine when users see registration prompts.
John Savill's Technical Training gives a quick overview of a passkey registration campaign in Microsoft Entra ID, focusing on driving user enrollment for passwordless, phishing-resistant authentication.
Visual Studio Code hosts the final Agents League challenge, where experts build business-ready knowledge agents integrated with Microsoft 365 and authored in Copilot Studio, and the audience is sent into a last sprint before the hackathon closes on June 14.
Visual Studio Code hosts an Agents League session where experts demonstrate building reasoning-based AI agents with Microsoft Foundry, focused on solving complex problems and helping participants apply the approach in their hackathon submissions.
Visual Studio Code kicks off the Agents League hackathon with a creative app-building battle, where experts demonstrate AI-assisted development using GitHub Copilot and share ideas participants can apply in their own submissions.
jordanselig announces a public preview feature that lets Azure App Service expose an existing REST API as a Model Context Protocol (MCP) server using only an OpenAPI spec. The post covers how the platform generates MCP tools, how to configure it, and what to consider for authentication and safe exposure.
shiv_narayanan announces general availability of SharePoint and OneDrive Shortcuts in Microsoft Fabric OneLake, explaining how Fabric can reference Microsoft 365 files in place, optionally transform supported formats into Delta tables, and use Entra ID-based identities for production authentication and scale.
John Edward outlines practical ALM and environment strategy guidance for Microsoft Copilot Studio, focusing on how to run copilots like enterprise applications with multi-environment setups, solution-based development, source control, CI/CD pipelines, configuration management, governance, and ongoing monitoring.
Sally Dabbah explains how to turn Synapse/ADF/Microsoft Fabric pipeline failures into structured, queryable telemetry by sending standardized failure events into Azure Monitor Log Analytics via the Logs Ingestion API and a Data Collection Rule, enabling KQL-based analysis, alerting, and reliability reporting across environments and datasets.
Hidde de Smet compares the GitHub Copilot App and the VS Code Agents Window, focusing on how each surface supports agent-first workflows: isolated sessions, worktrees, review/CI loops, and customization via MCP and instruction files. It includes a practical “which one should you use?” decision guide for day-to-day development vs delegated work.
This week in ML, Microsoft Fabric moved closer to an agent-ready analytics platform, with new ways to ship backends into Fabric, ground agents in governed context, and model relationships directly on OneLake. Rayfin positions Fabric as a default deployment target for data-powered apps, while Fabric IQ (now GA) and its ontology support aim to standardize how agents request context with permissions and auditability built in. Graph in Fabric (GA) adds GQL-based relationship querying, and the Fabric Operations agent plus Fabric Skills show how Microsoft wants teams to monitor, automate, and code against Fabric with guardrails instead of one-off scripts.
anandranjan explains a practical AKS pattern for keeping secret values out of YAML and CI/CD by using Azure Key Vault with the Secrets Store CSI Driver and AKS Workload Identity. It covers the identity flow, required AKS/Azure setup, workload onboarding YAML, and common troubleshooting points around federation, labels, mounts, and permissions.
This week, GitHub and Microsoft positioned Copilot as part of an enterprise agent platform, where identity, tool access, policy, observability, and eval loops matter as much as model output. Copilot also moved further into resource management, with model deprecations and replacements, optional Gemini models via admin policy, 1M-token context and reasoning controls, and fully live usage-based billing tied to GitHub AI Credits (plus new cost signals for code review and Actions). Inside GitHub, agentic workflows expanded with richer PR context for Copilot Chat, configurable code review tiers and MCP-backed skills, Azure Repos review previews, and Marketplace-installed agent apps. The rest of the updates fill in the execution and governance layer (CLI scheduling and rubber-duck review, sandboxes, a cloud agent tasks API, the Copilot SDK GA, and tighter enterprise controls across VS Code, JetBrains, Visual Studio, and Eclipse).
This week's AI roundup focuses on Microsoft Foundry's shift from a model catalog to an end-to-end platform for building, operating, and distributing enterprise agents. Build 2026 updates centered on a repeatable operations loop (traces, evaluations, routing, and tuning), production-ready hosted agents with more reliable memory controls, and tool connectivity that scales through Toolboxes and managed MCP servers. On the grounding side, Foundry IQ expanded retrieval and connectors, while Teams and Microsoft 365 Copilot publishing (plus Entra ID-backed A2A endpoints) moved agent deployment closer to where work actually happens.
This week in DevOps, agentic workflows moved from demos to platforms you can standardize, version, and roll out, with new GitHub Copilot and agent app surfaces, deeper PR-integrated review, and APIs that let other systems trigger governed agent tasks. Security teams also got a clearer warning label as prompt injection and a large npm campaign showed how agent tools and CI publishing flows can be abused, reinforcing least privilege, pinning, and explicit approval boundaries. On the operations side, direct OTLP ingestion into Azure Monitor reached GA and agent-focused observability views expanded, making trace-first debugging and cost visibility more practical as AI credits and usage-based billing become day-to-day concerns.
Learn Microsoft AI explains what an AI agent workflow is and why workflows matter when coordinating tasks across multiple agents, people, and external systems.
Authorised Territory demonstrates how to build a .NET Model Context Protocol (MCP) server over HTTP that scans for unsafe tools on startup, using the Microsoft.AgentGovernance.Extensions.ModelContextProtocol NuGet package, and pairs it with a simple .NET console client that connects to the server.
Alex-wdy explains how Azure CLI 2.86.0+ speeds up slow enterprise-scale az login by skipping post-auth subscription enumeration across many tenants and subscriptions. The post introduces --skip-subscription-discovery (and --skip-sub), targeted --subscription on login, and when to use (or avoid) these flags.
GitHub shares highlights from its Open Source Assistive Technology Hackathon, hosted at GitHub HQ in San Francisco with partners including NV Access and accessibility-focused organizations, centered on helping participants build skills and contribute to assistive technology projects.
amolravande explains how to run agent-generated Python safely by combining Agent Governance Toolkit (AGT) policy enforcement with Azure Container Apps Sandboxes, using per-session microVM isolation plus a fail-closed egress proxy to reduce the blast radius of untrusted code.
Allison announces the deprecation of GPT-5.2 and GPT-5.2-Codex across most GitHub Copilot experiences, and points teams to the supported replacement models and the admin settings needed to enable them in Copilot Enterprise.
Allison summarizes what’s new in CodeQL 2.25.6 for GitHub code scanning, including Swift 6.3.2 support, full extractor and data flow coverage for C# 14 and .NET 10, and query improvements that expand sensitive-data detection and reduce false positives across multiple languages.
Allison announces a public preview feature that lets enterprises centrally configure and distribute GitHub Copilot CLI plugins through VS Code 1.122, using a shared settings.json so standardized plugin marketplaces, hooks, and MCP configurations are applied automatically for licensed users.
John Savill runs through a Build-special weekly Azure update, covering a wide set of platform announcements across compute, containers, integration, monitoring, databases, Fabric/Databricks, and Azure AI Foundry—plus security-focused items like confidential computing and Purview agent integrations.
GitHub demonstrates how to extend GitHub Copilot code review using Model Context Protocol (MCP) and custom skills, so reviews can incorporate internal documentation and repository-defined checklists to produce findings aligned with a team’s engineering standards.
Microsoft Defender Security Research Team, Dor Edry and Amit Eliahu break down a prompt-injection pathway in Anthropic’s Claude Code GitHub Action that could leak CI/CD secrets by reading /proc/self/environ, and provide practical hardening guidance for AI-powered GitHub Actions workflows.
Charles Feddersen and Abe Omorogbe explain how AI apps and agents change database design, focusing on reasoning over operational data instead of only transactions. They demo new capabilities across Azure SQL Database, Azure Cosmos DB, and Azure HorizonDB (cloud-native PostgreSQL) to simplify architectures and reduce latency.
Seth Juarez explains how Azure AI Foundry Toolboxes let teams build, discover, and govern tools across multiple AI agents, reducing duplicated integration work around authentication, credentials, and endpoint wiring.
Scott Hanselman hosts a Microsoft Build live “vibe check” where AI-assisted demos are put under scrutiny: what the AI actually built, where the seams are, and whether the result is a clever prototype or something that could hold up in production.
Cassidy Williams joins Scott Hanselman and Mark Russinovich for a live Microsoft Build session where they “vibe check” an AI-assisted demo, digging into what the AI produced versus what required human fixes, and where the seams show up when you push a prototype toward something more real.