Microsoft Unveils MDASH: 100 AI Agents for Vulnerability Detection

Microsoft has introduced an updated version of its MDASH (Microsoft Security multi-model agentic scanning harness) platform, now available in expanded preview for enterprise clients. The solution combines over 100 specialized AI agents capable of analyzing vulnerabilities in code, data, and models, as well as assessing their potential exploitation in real-world conditions.

The primary goal of MDASH is to reduce "noise" in security reports. Instead of hundreds or thousands of alerts, the system highlights only those vulnerabilities that could be genuinely exploited by attackers. According to Ales Holecek, Microsoft’s Chief Security Architect, the platform uses a combination of AI models: high-precision models for complex tasks and more cost-effective ones for bulk operations, enabling a flexible balance between speed, accuracy, and cost.

Integration with Microsoft Defender and GitHub Code Security provides end-to-end security control throughout the development lifecycle. Vulnerabilities in code are automatically enriched with contextual data from the operational environment, including internet exposure and data sensitivity. Developers receive remediation recommendations via GitHub Copilot Autofix, while AI agents assist in validating and deploying patches.

Microsoft positions MDASH as a cornerstone of its strategy to ensure security in the AI era. The company emphasizes that trust in systems will be a critical factor for the future of technology. According to Microsoft, the platform has already achieved a 96.55% score on the CyberGym benchmark, outperforming initial results by 8 percentage points.

Experts note that the shift from traditional scanners to AI-powered agent systems could significantly enhance the efficiency of security teams. As Chris Burkhardt, Accenture’s Director of Information Security, stated, such solutions enable the analysis of complex codebases with the precision of an experienced security researcher.