Browse All Posts (142)
Microsoft Developer walks through setting up Azure DevOps Pipelines for SQL projects created from SSMS Database DevOps or the VS Code SQL database projects extension, including build, code analysis, and iterative deployments to Azure SQL Database with security basics like firewall rules and passwordless auth.
Natalie Guevara explains how GitHub reduced 20,000+ secret scanning alerts across 15,000 repositories to zero by separating noise from real risk, validating whether credentials were still live, and building repeatable remediation and ownership workflows that scale across teams.
Gali Reznick and coauthors announce preview support for Workspace Outbound Access Protection (OAP) across key Real-Time Intelligence experiences in Microsoft Fabric, explaining what outbound paths are allowed or blocked and how admins can reduce data exfiltration risk with workspace-level rules.
Fokko at Work demos what’s new for GitHub Copilot in Visual Studio Code 1.127, focusing on agent and chat workflow improvements like session organization, UI banners, review feedback in the editor gutter, and tools for troubleshooting agent behavior, plus visibility into subagent credits and plan/policy limitations.
daisami walks through adding production-grade auditing and telemetry to AI agents using Microsoft’s Agent Governance Toolkit (AGT) in a .NET (C#) sample. It shows how to append governance events to Azure Blob Storage, export OpenTelemetry metrics/traces to Application Insights, and apply default-deny policies with practical security guidance for log sanitization.
yairgil introduces Dynamic Thresholds (Preview) for query-based metric alerts in Azure Monitor, showing how Azure can learn per-time-series baselines for Prometheus and OpenTelemetry metrics. The post includes PromQL examples for AKS CPU anomaly detection and p95 latency regression alerting, plus practical query design tips to reduce noisy alerts.
GitHub shares a “Rubber Duck Thursday” update video highlighting what’s new and where to follow ongoing GitHub announcements across its official channels.
aakarshdhawan walks through how to enable Microsoft Entra ID B2B guest access for Power Apps (Canvas and Model-driven) that use Microsoft Dataverse, including the tenant invitation flow, environment access, licensing requirements, and Dataverse security roles needed to validate least-privilege access for external users.
Allison announces general availability of GitHub Issue fields, adding structured, typed metadata (like priority, effort, and dates) across repositories and projects. The update also adds MCP server access for AI tools, plus a new 100-entry limit for edit history on issues and pull requests.
Authorised Territory demonstrates how to build a web-search tool and wire it into a .NET Agent Framework agent, using SearXNG for search and a locally running LLM via Ollama, with the supporting services hosted in Docker Desktop.
Gloridel Morales explains how the September 2026 removal of NTLM support from Git’s libcurl will break HTTPS Git operations against Azure DevOps Server for environments that still rely on NTLM (often via silent SPNEGO fallback). The post shows how to detect NTLM usage and what to change to avoid outages.
Allison explains how enterprise admins can make GitHub Copilot’s auto model selection the default for new conversations by setting `model` to `auto` in enterprise managed settings, while still allowing users to switch models per conversation.
Allison announces the full retirement of GitHub Models on July 30, 2026, including the shutdown of the playground, model catalog, inference API, and BYOK endpoints, plus planned brownouts ahead of the cutoff date.
Allison announces general availability of enterprise managed-settings.json for GitHub Enterprise Cloud, letting admins centrally enforce Copilot client configuration (like allowed marketplaces, enabled plugins, and model selection) via a file stored in a .github-private repo and applied to VS Code and Copilot CLI.
Allison announces an update to GitHub secret scanning: validity checks are now available for Asana, IBM, and MessageBird credentials, helping teams quickly determine whether a detected leaked secret is still active and needs immediate rotation.
Allison announces a public preview feature for GitHub Secret Protection that scans all public content on github.com for leaked secrets and attributes findings back to an enterprise, including leaks that happen outside enterprise-owned repositories.
Allison announces a new Copilot CLI plugin for the Microsoft C++ Language Server, including a setup skill that generates and maintains compile_commands.json for better C++ semantic features across CMake, MSBuild, and custom build systems.
Allison announces general availability of Kimi K2.7 Code in GitHub Copilot, the first open-weight model offered in the Copilot model picker, including where it’s available, how it rolls out across plans, and what admins need to enable for Business and Enterprise.
Allison announces general availability of Copilot vision, which lets developers attach images and PDFs to GitHub Copilot Chat prompts so Copilot can reason about visual context alongside code, across VS Code, github.com, and the Copilot CLI.
Allison announces a public preview feature for Copilot CLI and the GitHub Copilot SDK that lets you cap AI credit usage per session, helping teams control spend during interactive work and unattended scripted runs.
AmirJafari announces that the Microsoft Fabric data agent API is now public, enabling teams to create, configure, update, and publish Fabric data agents programmatically from their own tools and pipelines. The post explains the management-plane focus, how it fits with Fabric automation, and includes a Python quickstart.
sbaynes introduces SkillOpt, a method for improving AI agent reliability by “training” a natural-language skill file through controlled text edits, validation gating, and feedback from execution trajectories—without updating model weights.
Matthew Leibowitz, David Ortinau, and Gerald Versluis walk through what’s new in SkiaSharp 4 and what the update means for .NET MAUI developers, then share highlights from the .NET MAUI community including MAUI UI July, recent releases, and notable ecosystem contributions.
lily-ma explains how to handle long-running Model Context Protocol (MCP) tool calls on Azure Functions when clients time out, using Durable Functions as a practical pattern today and outlining how the MCP Tasks extension will eventually standardize async tool execution.
Allison announces general availability of browser tools for GitHub Copilot in VS Code, enabling Copilot agents to drive a real browser to navigate and test live web apps, capture page content and console errors, and run scripted flows, with privacy defaults and enterprise controls.
Arvind Shyamsundar explains how to keep costs down without sacrificing performance by using Azure SQL features that help applications scale efficiently as they grow.
Microsoft Security Team summarizes Frost & Sullivan’s 2026 Frost Radar for Cloud/Application Runtime Security and explains the shift from posture-only visibility to runtime risk reduction, highlighting how Defender for Cloud and Defender XDR correlate signals across code, cloud, runtime, and SOC workflows to prioritize exploitable attack paths.
Natalie Guevara outlines six quick GitHub repository settings that materially reduce common attack paths for maintainers, focusing on vulnerability intake, secret leakage prevention, dependency risk, static analysis, and safer merges to the default branch.
John Maeda and Ross Heise wrap up the Cozy AI Kitchen series with a reflective finale on making AI concepts more approachable for developers, revisiting recurring ideas like Semantic Kernel, embeddings, tokens, and “agents,” and sharing what they learned from blending education, storytelling, and hands-on metaphors.
Samantha Kubota reports on the Theodore Roosevelt Presidential Library’s “living library” experience, where AI is used to organize and reconstruct archival documents, enable natural-language search over Roosevelt’s writings, and power an interactive Roosevelt avatar with safety controls for public use.
pallakatos introduces kars, a Kubernetes-native runtime for running AI agents on Azure with a “treat agents as untrusted code” security model: per-agent sandboxes, policy enforced via CRDs, zero credentials in the agent process, and an end-to-end encrypted inter-agent mesh designed for governance at scale on AKS.
Allison announces an update to Copilot CLI where Auto model selection routes each request to an appropriate model based on task needs and real-time reliability signals, with billing tied to the selected model’s multiplier and a discount for paid subscribers using Auto.
GitHub highlights Arnis, an open source project that turns real-world map and elevation data into detailed Minecraft worlds, letting you generate accurate terrain and buildings and tweak settings like scale and spawn points.
Waldek Mastykarz explains why public AI coding benchmarks like SWE-bench often fail to predict how a model will perform in your real developer environment, especially when proprietary code, instruction files, and a complex extension stack are involved. He outlines what benchmarks are good for and how to run small, repeatable evals that match your actual workflows.
Carlotta Castelluccio demonstrates how to build a low-code AI agent in VS Code using the Foundry Toolkit’s Agent Builder, connect it to the Microsoft Learn MCP Server, configure instructions and tools, and then validate the agent’s behavior using GitHub Copilot evaluation.
xujx summarizes recent Microsoft Fabric Eventstream connector updates for Real-Time Intelligence, including GA private network support, GA Kafka and Azure Service Bus connectors, and GA custom CA/mTLS. The post also covers preview features like workspace identity for Event Hubs, richer IoT Hub metadata, Oracle CDC ingestion, and HTTP pagination.
John Edward outlines an end-to-end approach for building a ServiceNow-focused AI assistant in Microsoft Copilot Studio, aimed at ticket auditing, SLA risk monitoring, and engineer performance reporting. The guide covers a layered architecture, ServiceNow REST API integration via Power Platform custom connectors, and practical security considerations for enterprise deployment.
The Visual Studio Code Team highlights early changes in VS Code 1.128 (Insiders), including enterprise policy support for OpenTelemetry settings and updates to AI model configuration and credentials when using Copilot-related agent features.
j_folberth shows how to add fast smoke tests to a GitHub Actions deployment pipeline for Azure AI Foundry hosted agents, using a JSON prompt catalog and a Python runner to validate basic agent behavior (reachability, prompt alignment, threading, refusals, and hallucination resistance) right after deployment.
Lee Stott walks through a full “Multi‑Agent Dev Canvas” scenario for GitHub Copilot Canvas, showing how to decompose work, execute agent flows, validate with in-surface tests, inject failures, and evolve the design live (including GDPR/PII redaction) until the system meets its acceptance criteria.