Browse All Security Content (372)

Vineela-Suri walks through an event-driven pipeline where Terraform drift alerts trigger Azure SRE Agent via an authenticated HTTP endpoint, so the agent can correlate drift with Azure telemetry, classify severity, recommend safe remediation, notify Microsoft Teams, and even open a GitHub PR.

Sreekanth_Thirthala announces a public preview feature for Azure API Center: a plugin marketplace endpoint that lets developers discover and install AI plugins (including MCP servers and skills) from tools like Claude Code and GitHub Copilot CLI, while keeping enterprise governance and auth intact.

cindywang explains how GitHub Copilot agents can modernize legacy Java and .NET code inside Docker Sandbox microVMs, keeping host filesystem paths consistent while avoiding risky Docker socket mounts and tightening egress controls during dependency upgrades.

Allison announces `gh skill`, a new GitHub CLI command for discovering, installing, updating, and publishing portable “agent skills” for AI coding agents (including GitHub Copilot), with a focus on version pinning and supply-chain integrity.

Aviram Shemesh and Jennifer Rutzer explain how to build a cryptographic inventory and run an ongoing cryptographic posture management lifecycle, using Microsoft Security tooling (like Defender and GitHub Advanced Security), Azure services (like Key Vault and Network Watcher), and partner CPM solutions to improve quantum-safe readiness.

Allison announces new GitHub improvements: a rule insights dashboard to visualize repository ruleset evaluations (successes, failures, bypasses) and a unified filter bar across alert dismissal and bypass request pages for code scanning, Dependabot, and secret scanning.

NaufalPrawironegoro explains how to bring on-prem and multi-cloud SQL Server instances under Azure management with Azure Arc, covering onboarding (agent + PowerShell), unified Azure Portal visibility, best-practices assessments via Log Analytics, policy-based governance, monitoring, and common troubleshooting scenarios.

Microsoft Threat Intelligence and the Microsoft Defender Security Research Team break down a Sapphire Sleet macOS intrusion chain that relies on social engineering and user-initiated AppleScript execution, and provide Defender detections, KQL hunting queries, and IOCs to help security teams spot and stop similar activity.

PrabhKaur (co-authored with Avneesh Kaushik) lays out an architecture-focused checklist for building AI agents in Microsoft Foundry with security, observability, least privilege, continuous validation, and human accountability built in from the start.

Allison outlines what changed in CodeQL 2.25.2 for GitHub code scanning, including Kotlin 2.3.20 support, multiple query accuracy tweaks (notably for C#), and updated security-severity scores for issues like XSS and log injection across several languages.

simonjj shares an Azure Developer CLI template that deploys Google’s Gemma 4 (via Ollama) onto Azure Container Apps serverless GPU with an OpenAI-compatible endpoint, protected by an Nginx basic-auth proxy, plus steps to verify the API and wire it into the OpenCode terminal coding agent for private, in-subscription prompting.

Phillip Misner and Stephen Finnigan explain how incident response changes for AI systems: non-determinism and high-volume output shift triage, containment, telemetry needs, and remediation verification, while many IR fundamentals (ownership, escalation, and communication) still apply.

Laura Jiang announces two Azure DevOps Advanced Security updates: CodeQL default setup to enable org-wide code scanning without per-repo pipeline configuration, and a combined alerts experience (with security campaigns) to triage and coordinate remediation across all repositories.

Marc de Droog demonstrates Azure Virtual Network TAP (VTAP) by mirroring full VM NIC traffic (including payload) to a destination VM and inspecting the VXLAN-encapsulated packets in Wireshark.

David Sanchez lays out a practical DevOps playbook for teams adopting AI coding agents (including GitHub Copilot Cloud Agent), focusing on readiness prerequisites, human–agent collaboration patterns, pipeline changes, governance, and security controls needed to keep quality and accountability intact as non-human contributors scale up.

In this community post, nishantmv breaks down a production-grade Azure serverless architecture for an enterprise facility-management IoT platform, covering a multi-provider telemetry pipeline, template-driven device modeling, an event-driven rule engine, and the security/resilience hardening that made it ready for production.

Allison announces that Dependabot and code scanning can now use OpenID Connect (OIDC) for organization-level access to private registries, reducing reliance on long-lived secrets and enabling short-lived, dynamically issued credentials.

Allison announces new GitHub features that surface deployment and runtime context in repository properties and security alert pages, helping teams automate policy enforcement and prioritize Dependabot and code scanning alerts based on real production risk.

Rahul Bhandari (MSFT) and Tara Overfield summarize the April 2026 .NET and .NET Framework servicing releases, including the updated versions, links to release notes and installers, and the list of security CVEs addressed across supported .NET and .NET Framework versions.

Gloridel Morales announces April patches for Azure DevOps Server, summarizing key fixes (pull request completion reliability, safer sign-out redirect validation, and GitHub Enterprise Server PAT connection) and showing how to verify the patch is installed.