Browse All Security Content (423)
stclarke summarizes recent Microsoft Security updates, including new Microsoft Defender protections for AI agents in the Agent 365 tooling gateway, a generally available Defender for Cloud + GitHub Advanced Security integration, and a new Microsoft Purview demo for running data security investigations with AI-assisted analysis.
despindola announces general availability of prefix-scoped access for User Delegation SAS in Azure Blob Storage, letting you scope SAS tokens to a virtual directory (prefix) within a container. The post explains why this helps least-privilege access and includes REST API and .NET SDK examples plus required parameters like sr=d and sdd.
Microsoft Threat Intelligence and Microsoft Defender Security Research Team summarizes Q1 2026 email threat trends, including the scale of phishing, the surge in QR code and CAPTCHA-gated campaigns, and how the Tycoon2FA disruption shifted attacker infrastructure. It also lists concrete Defender/EOP mitigations and relevant detections.
Microsoft Fabric Blog summarizes the April 2026 Fabric release, covering platform UX updates, VS Code-based workspace and notebook workflows, notebook retry policies, MLflow-based MLOps improvements, Data Warehouse enhancements like COPY INTO for JSONL, and Real-Time Intelligence updates including Eventstream observability and Eventhouse remote MCP.
Pooja Pradhan outlines an Azure-focused approach to move from drift detection to diagnosis by combining IaC signals (Terraform/Bicep), Azure Resource Graph, and Activity Logs, then using an AI model to generate a human-readable root cause analysis with impact and recommended remediation steps.
Valini Sunthwal describes a multi-repo Azure platform that uses Terraform, versioned releases, and daily reconciliation to detect and recover from infrastructure drift across many subscriptions. The post breaks down repo boundaries, pipeline design, drift detection tiers, and security practices like OIDC, Key Vault, and private endpoints.
PrabalDeb lays out a practical reference architecture for running diffusion model workloads on Azure Kubernetes Service (AKS), focusing on GPU/CPU lane separation, dispatch and autoscaling options (Kubernetes-native vs Service Bus + KEDA), secure ingress and identity, durable storage for outputs and model caches, and end-to-end observability for both apps and GPU hardware.
Jack Batzner shows how to add a governance layer to MCP-based AI agents in .NET using the Agent Governance Toolkit, including policy-driven tool-call authorization, security scanning of tool definitions, response sanitization to reduce prompt-injection risk, and built-in audit/telemetry via OpenTelemetry.
McKenna Barlow explains that starting in .NET 11 Preview 4 and Visual Studio 18.8, VSTest will stop shipping a transitive Newtonsoft.Json dependency, switching to System.Text.Json (and JSONite on .NET Framework). The post outlines who might break, what errors to expect, and the typical one-line fix.
prabhattomar explains how to build a Kubernetes-native DBaaS-style SQL platform using Crossplane to provision Azure Database for PostgreSQL Flexible Server, including private networking, DNS-based read/write endpoints, and an active-passive multi-region HA/DR approach with replica promotion and Traffic Manager routing.
skundapura outlines a phased approach to migrate file-based application logging from Splunk to Azure Application Insights on VMs, using Azure Monitor Agent and Log Analytics, then mapping alerts and optionally adding SDK instrumentation for deeper traces and metrics with security and PHI considerations.
VaidhyaP introduces AG-UI (Agent–User Interface), a protocol for connecting AI agents to rich frontends with streaming events, declarative UI proposals, shared state updates, and human-in-the-loop approvals, plus practical security guidance like Azure AD protection and Key Vault-backed secrets.
Samarpitaa explains where Azure AI Foundry IQ fits (and doesn’t) for enterprise agent knowledge access, then shows a reference approach for querying Foundry IQ knowledge bases directly via the Azure AI Search Python SDK with permission-aware retrieval and citations.
Shah_Viral explains how to build an enterprise “knowledge copilot” on Azure using Foundry IQ knowledge bases and Azure AI Search agentic retrieval, including C#/.NET setup, MCP-based agent connection, and key trade-offs around preview maturity, cost, latency, and security controls like ACLs and Purview labels.
Sergey Menshykh announces A2A Protocol v1.0 support in Microsoft Agent Framework for .NET, showing how to discover and call remote A2A agents, stream responses, and host your own agents as A2A endpoints in ASP.NET Core with updated v1 hosting APIs and migration notes from v0.3.
singhshub shows how to integrate HashiCorp Vault with Terraform so secrets (like Azure VM admin credentials) are fetched at runtime instead of being stored in .tf files, variable files, or pipeline variables, including KV v2 policy paths, auth options, and state protection guidance.
JennyF explains how Microsoft’s 1ES team uses agentic AI (including GitHub Copilot CLI) plus “skills” and “agent signals” to speed up CVE remediation and compliance work across many repositories, while keeping humans in the loop for review, validation, and deployment.
Alexis Wales explains how GitHub validated, fixed, and investigated a critical remote code execution issue in the git push pipeline, including what caused the injection, how GitHub confirmed no exploitation on github.com, and what GitHub Enterprise Server admins should patch and review.
LuisFilipe explains how Azure Blob Storage SFTP users should handle Microsoft’s host key change, including when it impacts SSH key-based authentication, how to pre-update trusted host keys, and how to identify SFTP usage via Azure Resource Graph and Log Analytics queries.
vsriramdas explains how to use Microsoft PyRIT to red-team agentic AI systems, then shows how to wrap PyRIT with a YAML-driven CLI so you can run repeatable scans in CI/CD and gate releases based on OWASP LLM Top 10-aligned findings.