Weekly Security Roundup: AI Risk Triage, Identity, and Cloud Defense

Security this week focused on expanding AI-powered risk management, cloud identity, operational automation, and transparent, developer-first practices.

AI-Powered Application Security and Risk Prioritization

AI-driven tools like Cycode’s Exploitability Agent, Black Duck’s AI-powered IDE vulnerability scanning, and ArmorCode’s context-aware fixes link risk detection to business value and developer-friendly remediation. The result is a new normal for proactive, AI-augmented security operations.

Strengthening Cloud, Hybrid, and Multicloud Security Posture

Microsoft Defender Experts now provides 24/7 cloud and on-premises monitoring with third-party telemetry, improved incident correlation, and flexible pricing, unifying the identity-driven defense highlighted last week.

Advancing Identity and Access Control

Public previews for Entra Group SOA Conversion and Face Check automate policy-driven group management and high-assurance user verification, modernizing onboarding and maximizing compliance.

AI-Driven Security Automation and SOC Operations

Microsoft’s Phishing Triage Agent, handling over 90% of user-reported emails autonomously, exemplifies generative AI’s transformative role in rapid, explainable incident response.

Data Governance and Secure AI Integration

Purview’s real-time DLP and audit for AI tools (including Copilot, Azure OpenAI, and Gemini) mean enterprise-sensitive data governance is now seamless, code-light, and mandatory for AI adoption.

Securing Developer Workflows and Supply Chains

Azure DevOps bakes in dependency scanning with Advanced Security, and endpoint protection guides for Azure Bot Service/Teams enforce JWT validation and access control, matching last week’s “secure-by-default” emphasis.

Community Engagement and Proactive Security

GitHub’s Secure Code Game and Microsoft’s $17M Bounty Program incentivize responsible disclosure, while Secure Future Initiative patterns deliver actionable security playbooks for developers and teams.

Configuration, Testing, & Migration

Microsoft details best practices for Exchange Online Direct Send security, TLS 1.1 deprecation in Fabric, and JWT endpoint test automation, maintaining practical and compliant ecosystem configurations.

Evolution of Authentication

Passwordless sign-in and strong MFA further bridge traditional and cloud-first identity, with features like Cloud Kerberos Trust supporting secure hybrid deployments.