Blog

OpenAI has introduced Aardvark, an advanced agentic security researcher powered by GPT-5, marking a leap forward in AI-driven cybersecurity. Currently in private beta, Aardvark allows security teams to intelligently detect, validate, and remediate vulnerabilities at scale. OpenAI highlighted that thousands of new security vulnerabilities are discovered in both enterprise and open-source code every year. These…

What is Maester? Maester is an open-source framework designed to help Microsoft 365 and Entra administrators continuously validate the security and configuration of their environments, before things break. I spoke with Merill Fernando about how Maester came to be and how it is used today by thousands of enterprises to maintain effective security configurations across…

Microsoft is giving organizations a new way to measure their AI progress with the Benchmarks feature in the Copilot Dashboard within Viva Insights. This tool lets leaders compare their Copilot adoption and engagement rates against anonymized data from other companies. Microsoft notes that many organizations using Microsoft 365 Copilot struggle to assess how well they…

Quick summary:Microsoft Copilot Studio is a low-code AI platform that lets businesses create and customize copilots — intelligent assistants that integrate with Microsoft 365, Azure, and Power Platform. It helps organizations automate workflows, connect data, and deliver conversational AI experiences for both customers and employees. What is Microsoft Copilot Studio? Microsoft Copilot Studio is an…

Microsoft has introduced a new auto-archiving feature for Exchange Online customers. The latest update brings smart, threshold-based archiving that automatically manages mailbox storage before it reaches capacity. What is the problem with traditional time-based archiving? A key drawback of relying solely on time-based archiving in Exchange Online is that it only moves emails to the…

Privileged access workstations are used, as the name suggests, with privileged accounts, like users in the Domain Admins group, to manage sensitive resources in your environment such as Active Directory (AD) domain controllers (DCs). If an attacker is able to get access to a privileged account, they can move laterally throughout your network, escalate privileges,…

Security researchers have warned about a new attack campaign that targets Microsoft’s Remote Desktop Protocol (RDP) services. Nearly 2,000 malicious IPs have specifically hit RD Web Access and RDP Web Client authentication portals in recent days. Threat intelligence firm GreyNoise detected a significant increase in RDP scans from around 2,000 IP addresses on August 21….

Microsoft has launched the Phishing Triage Agent in public preview, seamlessly integrated into Microsoft Defender as part of its expansive Security Copilot initiative. Designed to automate and speed up the analysis of user-reported phishing emails, the agent aims to reduce response times and lighten the load on security teams. The launch of Microsoft’s new Phishing…

Microsoft has announced plans to reduce the Delicensing Resiliency threshold from 10,000 to 5,000 non-trial Exchange Online licenses. This update gives mid-sized enterprises stronger safeguards against accidental mailbox disruptions. The Delicensing Resiliency feature in Exchange Online is designed to protect organizations from accidental or unintended removal of mailbox licenses, which can disrupt email access and…

Microsoft has announced an Extended Security Update program for Exchange 2016 and 2019, as well as Skype for Business 2015 and 2019. This program will let organizations that aren’t yet ready to upgrade to the Subscription Editions continue to receive security updates for these older products after they reach end of support on October 14,…

One of the most interesting and important things coming in Windows 11 25H2 is the way Microsoft is rethinking how security tools interact with the operating system—especially antivirus and Endpoint Detection and Response (EDR) software. The current problem: Security tools get deep Windows kernel access Right now, most security tools—think CrowdStrike, Bitdefender, and others—need to…

Microsoft has announced that the hotpatching feature is now available for Windows 11 version 24H2 ARM64 devices. This feature allows security updates to be applied to a system without requiring a reboot. Microsoft introduced hotpatching support for x64 devices with Intel and AMD in April 2025. It works by directly updating the code in a…