Browse All Security Content (579)

Rick Strahl walks through an edge-case but practical .NET Framework/WPF tool that packages a static documentation website into a single Windows EXE, then unpacks and renders it offline using WebView2. He covers the packaging approach, ILRepack-based single-file builds, embedding native dependencies, and the SmartScreen/code-signing trade-offs.

John Savill rounds up a week of Azure platform changes and retirements, spanning compute/storage updates, database and identity improvements, monitoring changes, and several developer-facing AI items including GitHub Copilot Agent Mode in SSMS and Azure AI Foundry agent licensing and model availability.

John Savill gives a fast-paced rundown of key announcements from Microsoft Build 2026, highlighting notable platform updates across Azure, AI, and identity/security topics such as Entra and passkeys.

Allison announces GitHub Enterprise Server (GHES) 3.21 general availability, highlighting updates for enterprise admins including organization custom properties for targeting rulesets, GitHub Projects hierarchy view, a new REST API version with breaking changes, GitHub Actions workflow page performance improvements, secret scanning governance updates, and multi-disk storage configuration.

Allison announces an update to GitHub Actions where pull requests opened by github-actions[bot] can run CI/CD workflows after a user with write access approves them, reducing the risk of merging untested bot changes while keeping a security gate for workflows that can access sensitive data.

Natalie Guevara explains how GitHub improved secret scanning alert quality by adding LLM-based contextual verification, reducing false positives while keeping detection coverage. The post breaks down where verification fits in the pipeline, what “better context” means in practice, and the measured impact on customer-confirmed false positive alerts.

Allison announces that GitHub Agentic Workflows can now authenticate using GitHub Actions’ built-in GITHUB_TOKEN instead of a personal access token, reducing the risk of long-lived credentials and enabling organization-level billing for Copilot CLI usage in agentic workflows.

Laura Jiang announces Copilot Autofix in limited private preview for GitHub Advanced Security for Azure DevOps, which generates suggested fixes for supported CodeQL alerts and turns them into pull requests. The post explains what’s covered in preview, how the workflow fits into existing review gates, and how usage is billed via Azure.

analyticanna introduces Rayfin (Preview), an open-source SDK and CLI for turning content like markdown into shareable, hosted sites deployed as first-class items in Microsoft Fabric, with stable URLs, workspace-based access control, and data captured into a SQL database in Fabric for use across OneLake workloads.

Mahesh Sundaram announces a public preview in Azure Monitor that lets platform teams collect Azure resource platform logs at scale using Data Collection Rules (DCRs), replacing per-resource diagnostic settings with a centralized, policy-driven model that supports governance, cost control, and modern identity-based access.

Aaron Merrill announces a preview feature in Microsoft Fabric’s OneLake catalog that lets admins assign, edit, and remove workspace role memberships across multiple workspaces from the Secure tab, helping teams standardize access controls and reduce drift as Fabric estates scale.

Mehrnoosh Sameki, Sandeep Atluri, Minsoo Thigpen and Abby Palia introduce ASSERT, an open-source framework that turns natural-language behavior requirements into executable evaluation pipelines for AI models and agents, generating taxonomies, stratified test cases, traces, and scored results that teams can inspect and iterate on.

Heather Poulsen outlines a governance-first blueprint for building scalable agentic AI systems, focusing on how to embed consistent controls and quality checks across user interactions, agent orchestration, integrations, data, and models so systems can scale without losing trust and oversight.

Heather Poulsen shares an event session overview on designing Azure AI Landing Zones as a production-ready foundation for deploying AI applications and AI agents at scale, with guardrails for networking, identity, security, governance, and cost control using Microsoft’s recommended architecture frameworks.

Thomas Maurer explains how LAPS for Azure Arc extends Windows LAPS so teams can centrally audit and enforce local admin password rotation across Azure VMs and Arc-enabled servers, with Azure Policy-based compliance reporting that works in hybrid and regulated environments.

Allison announces incremental CodeQL analysis for Go and C/C++ pull request scans, plus incremental support in the CodeQL CLI, with measured speedups across thousands of repositories and details on when the feature is enabled by default.

Allison announces an experimental public preview feature in GitHub Copilot CLI: a /security-review command that reviews local code changes for common vulnerability classes and returns severity- and confidence-scored findings plus actionable fixes directly in the terminal.

The Microsoft Foundry Team announces Claude Fable 5 (Anthropic) is now available in Microsoft Foundry, and explains how it’s used to power autonomous agents in Foundry Agent Service and GitHub Copilot, with an emphasis on enterprise guardrails, governance controls, and token-based pricing.

Natalie Guevara explains how to define and run custom agents in GitHub Copilot CLI so repeated terminal tasks become consistent, reviewable workflows. The article shows how agent profiles live in your repo, and includes practical examples for security audits, IaC compliance checks, release notes drafting, and incident response.

Rafia_Aqil outlines a reference architecture for ingesting both streaming and batch data through Microsoft Fabric into Azure Databricks, using OneLake/ADLS and a medallion (Bronze/Silver/Gold) layout. The post breaks down five Fabric-to-Databricks integration paths and calls out security, governance, and monitoring considerations.

brauerblogs announces a two-day “Path to Production for Agents” webinar series (July 27–28) focused on moving agentic AI from prototypes to production, covering governance, landing-zone architecture, AgentOps practices, security risks like prompt injection, and cost/performance optimization with Azure Monitor and Microsoft Foundry.

Allison announces an update to GitHub code scanning that lets organizations keep security coverage on inactive repositories by running scheduled scans when there have been no pushes or pull requests for six months or more.

Allison announces that GitHub’s security validation for third-party coding agents is now generally available, bringing the same automated checks used for the GitHub Copilot cloud agent to agent-generated pull requests.

Mayunk Jain summarizes the Azure App Service announcements from Microsoft Build 2026, including a new “Easy AI experience” with built-in MCP, GA of Isolated v4 for App Service Environments, and Managed Instance improvements for modernizing legacy apps (including IIS) with better diagnostics and deployment workflows.

Jon Galloway recaps Microsoft Build 2026 with the main developer announcements across GitHub Copilot, Microsoft Foundry, Azure, Windows, Visual Studio, and .NET—highlighting agentic workflows, new tooling, governance specs, and a curated set of sessions and hubs to follow up on what shipped.

Allison announces general availability of IP allow list enforcement for GitHub Enterprise Cloud Enterprise Managed Users (EMUs), extending enterprise network access policies to repositories owned under EMU user namespaces and covering web, Git, and API access.

Microsoft Threat Intelligence and the Microsoft Defender Security Research Team break down recent phishing and malvertising campaigns that abuse popular AI brands (including ChatGPT, Claude, DeepSeek, and Microsoft Copilot) as lures, and provide concrete mitigation steps using Microsoft Defender, Entra ID, and related security controls.

Natalie Guevara answers common beginner GitHub questions, including how to set up SSH keys, create personal access tokens (fine-grained and classic), resolve merge conflicts, undo commits, sync forks, and review pull requests—plus a quick look at using GitHub Copilot for code review in PRs.

shashankamalladi announces General Availability of Network Security Perimeter (NSP) support for Azure Service Bus, including availability in Azure Government regions. The post explains how NSP provides a centralized security boundary with default-deny communication, explicit inbound/outbound rules, and diagnostic logging for audit and compliance.

John Savill explains how Microsoft Entra ID’s passkey registration campaign works, why passkeys are useful, and how the campaign “nudges” users to register. He also covers the policy prerequisites and the key behaviors that determine when users see registration prompts.

John Savill's Technical Training gives a quick overview of a passkey registration campaign in Microsoft Entra ID, focusing on driving user enrollment for passwordless, phishing-resistant authentication.

jordanselig announces a public preview feature that lets Azure App Service expose an existing REST API as a Model Context Protocol (MCP) server using only an OpenAPI spec. The post covers how the platform generates MCP tools, how to configure it, and what to consider for authentication and safe exposure.

shiv_narayanan announces general availability of SharePoint and OneDrive Shortcuts in Microsoft Fabric OneLake, explaining how Fabric can reference Microsoft 365 files in place, optionally transform supported formats into Delta tables, and use Entra ID-based identities for production authentication and scale.

John Edward outlines practical ALM and environment strategy guidance for Microsoft Copilot Studio, focusing on how to run copilots like enterprise applications with multi-environment setups, solution-based development, source control, CI/CD pipelines, configuration management, governance, and ongoing monitoring.

anandranjan explains a practical AKS pattern for keeping secret values out of YAML and CI/CD by using Azure Key Vault with the Secrets Store CSI Driver and AKS Workload Identity. It covers the identity flow, required AKS/Azure setup, workload onboarding YAML, and common troubleshooting points around federation, labels, mounts, and permissions.

Authorised Territory demonstrates how to build a .NET Model Context Protocol (MCP) server over HTTP that scans for unsafe tools on startup, using the Microsoft.AgentGovernance.Extensions.ModelContextProtocol NuGet package, and pairs it with a simple .NET console client that connects to the server.

amolravande explains how to run agent-generated Python safely by combining Agent Governance Toolkit (AGT) policy enforcement with Azure Container Apps Sandboxes, using per-session microVM isolation plus a fail-closed egress proxy to reduce the blast radius of untrusted code.

Allison summarizes what’s new in CodeQL 2.25.6 for GitHub code scanning, including Swift 6.3.2 support, full extractor and data flow coverage for C# 14 and .NET 10, and query improvements that expand sensitive-data detection and reduce false positives across multiple languages.

John Savill runs through a Build-special weekly Azure update, covering a wide set of platform announcements across compute, containers, integration, monitoring, databases, Fabric/Databricks, and Azure AI Foundry—plus security-focused items like confidential computing and Purview agent integrations.

Microsoft Defender Security Research Team, Dor Edry and Amit Eliahu break down a prompt-injection pathway in Anthropic’s Claude Code GitHub Action that could leak CI/CD secrets by reading /proc/self/environ, and provide practical hardening guidance for AI-powered GitHub Actions workflows.