Microsoft Intros New Agentic AI Security Multi-Model Defense System

A new multi-model agentic AI security system built by Microsoft's Autonomous Code Security team helped researchers find 16 new vulnerabilities across the Windows networking and authentication stack, the company anounced in a recent security blog post.

The Redmond-based company is hedging its future security operations centers on the use of coordinated AI agents to assist its workers carrying out conventional security operations. 

Microsoft said its internal system, codenamed MDASH (Microsoft Security multi-model agentic scanning harness), helped researchers discover 16 previously unknown vulnerabilities across Windows networking and authentication components, including four critical remote code execution flaws.

Unlike traditional AI security tools that rely on a single model, the software giant said, "MDASH coordinates more than 100 specialized AI agents running across multiple frontiers and distilled models."

Microsoft said the system achieved industry-leading benchmark results, including an 88.45 percent score on the CyberGym benchmark, which covers more than 1,500 real-world vulnerabilities.

MDASH offers insight into Microsoft's broader push toward what it calls "agentic security," where autonomous AI systems increasingly assist — and in some cases, automate — threat detection, investigation, and remediation.

Researchers from Team Atlanta, the group that won $20 million in DARPA's AI Cyber Challenge, helped create MDASH. Microsoft is positioning research into MDASH as part of an overarching approach to turn AI-powered vulnerability research into scalable, production-grade security engineering.

Taesoo Kim, Microsoft's vice president of agentic security, noted that the system is designed to analyze code autonomously, debate exploitability, validate findings and generate proof-of-concept exploits.

This exercise illustrated Microsoft's positioning of AI not just as a productivity tool for defenders, but as a core operational layer for identifying and mitigating vulnerabilities before attackers can exploit them.

For more information, read the Microsoft blog.

Featured

  • digital data protection and cyber security

    White House Launches New AI Security Framework

    President Donald Trump has issued a new executive order aimed at maintaining United States AI leadership while addressing the security risks posed by increasingly powerful AI systems.

  • workshop participants discuss sustainability in open science and research

    Open Source: Advancing Our Digital Commons

    IT leaders are recognizing the benefits of a return to open strategies. CT asked Jack Suess, VP of IT and CIO at UMBC, for his views on returning to the digital commons of open source.

  • Student classroom scene with diverse learners attentively engaging in lecture, using laptops

    The AI Literacy Gap No One Expected

    While Gen Z may be advanced at generating quick outputs or using free LLMs for surface-level tasks, they need to develop critical thinking, communication, and analysis skills.

  • Digital Network of User Profiles and Data Connections

    Microsoft, RSA Make Identity Security Push in the Age of AI

    Two of the bigger authentication announcements to come out of the recent RSA Conference both point in the same direction: Organizations need a more flexible, unified approach to identity security, especially as AI agents start acting alongside human workers.