Build 2026: Microsoft’s MDASH Update Adds Defender Integration to Improve Vulnerability Detection
The improved accuracy of MDASH helps teams identify and prioritize real vulnerabilities.
Key Takeaways:
- MDASH improves accuracy using multi‑model AI detection.
- The new Microsoft Defender integration simplifies SOC workflows.
- Microsoft is expanding the public preview to more commercial customers.
Microsoft has announced a new update to MDASH that enhances vulnerability detection accuracy and introduces native integration with Microsoft Defender to streamline security operations. The company is also expanding the public preview to a broader group of commercial customers.
The Microsoft Security multi-model agentic scanning harness (MDASH) is an AI‑powered vulnerability detection system designed to improve how security teams find and assess software weaknesses. Instead of relying on a single method, it combines multiple AI models to examine code and systems, which helps identify vulnerabilities that are more likely to be real and exploitable rather than theoretical or low-risk.
The purpose of MDASH is to reduce the time and effort spent investigating false positives and unclear alerts. This service focuses on validated risks to let security teams prioritize fixes more effectively and respond more quickly to potential threats. This approach supports a more streamlined and practical way of managing cybersecurity, which helps organizations strengthen their defenses with clearer, more dependable insights.
MDASH gets smarter with improved detection accuracy
Since its launch, Microsoft has been improving the MDASH service based on early feedback. Consequently, MDASH has shown a noticeable improvement in effectiveness, with its performance rising from about 88.45% to 96.55% in CyberGym evaluations. These tests simulate high-pressure cyberattack situations to assess how well the service can detect, respond to, and control threats.
Microsoft has also introduced a new MDASH integration with Microsoft Defender for customers enrolled in the public preview, which allows security teams to use it within their existing daily workflows. Following early feedback from customers and partners, Microsoft is also expanding access to the preview so more organizations can begin testing the service and provide feedback.
Microsoft’s industry partners have highlighted MDASH as a significant step forward in how vulnerabilities are identified and handled. Security executives from Accenture and Insight noted that it moves beyond traditional rule-based scanning toward more advanced systems that can analyze complex code and support a more modern approach to detecting and fixing security issues.
Rabia has a master's degree in Software Engineering and she has years of experience writing professionally about Microsoft products and other technologies. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on t...
