Microsoft folds MDASH into enterprise security control plane, launches expands preview with 100+ AI agents

On June 2, 2026 at Build, Microsoft announced it is folding Codename MDASH into a broader enterprise security control plane and opening an expanded preview to eligible organizations. The company emphasized integrations with Microsoft Defender and developer security tools as part of the rollout. MDASH is presented as an agentic scanning system that runs a pipeline of over 100 specialized AI agents to discover, validate and demonstrate exploitability across codebases — a shift meant to surface actionable issues rather than the noisy findings typical of many automated scanners.

This change matters to enterprise security and development teams seeking higher — signal vulnerability triage and smoother remediation workflows. Technically, MDASH orchestrates many specialist agents to run targeted checks across code written in popular programming languages, aiming to validate not only the presence of bugs but whether they can be exploited in practice. Microsoft framed the product around exploitability: agents attempt to produce proof of exploit or meaningful evidence that a finding represents an actionable risk, rather than flagging every potential weakness. The company positions that focus as reducing alert noise and helping teams prioritize fixes that materially improve security posture.

Microsoft also emphasized that MDASH is built around an ensemble model approach and an agentic system rather than a single model. Chief security architect Aleš Holeček said, "AI vulnerability discovery has crossed from research curiosity into production — grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself. components can be swapped when needed.

Beyond scanning, Microsoft positioned MDASH as part of a broader push to secure the AI development lifecycle — from code and agents to prompts, data and models — and to feed validated findings into existing security and developer workflows. The company said MDASH now links vulnerability findings into Defender, GitHub Code Security, Agent 365 and Purview. Microsoft also reported measured gains on a CyberGym benchmark, improving from 88.45% in an earlier preview to 96.55% in the latest tests. The orchestration of specialist agents and model ensembles is intended to give security teams pragmatic, evidence — backed information for prioritizing patches and remediation work rather than producing higher volumes of low-action alerts.