THE PROMPT for Microsoft Security - Issue #70
AI so smart it triages alerts while I’m still hunting for the coffee pot
Things from Me
Happy Friday everyone!
I’ve been deep in the trenches lately building practical tools that actually move the needle for Microsoft Security practitioners. I’m excited to share two brand-new, ready-to-use (or ready-to-fork) projects I just open-sourced:
I Built an AI SOC Analyst for Microsoft Sentinel and Defender XDR - A fully functional AI-powered analyst that triages, investigates, and documents incidents in your environment. Check it out and deploy it yourself: → Read the full post & get the code
GHASTriage: A One-Command Security Audit for Your GitHub Portfolio - Run a single command and get a comprehensive security posture report across all your repos — secrets scanning, misconfigs, dependency risks, and more. Perfect for individuals and teams who want to stay ahead of supply-chain threats. → Try GHASTriage now
Last week I had the privilege of speaking at MMSMOA 2026 in five sessions, covering Microsoft Purview, Sentinel, and a heavy emphasis on AI Agents across the security stack. The energy in the room was fantastic, and one of the organizers, Kent Agerlund, put together an excellent roundup of the key security numbers and insights from the event. Highly recommended read:
→ MMS 2026 MOA: Let the Numbers Do the Talking
If you’re working with Microsoft Security tools and want to level up with AI, automation, and practical solutions, you’re in the right place. Let’s dive into this week’s prompts, insights, and actionable guidance.
Talk soon.
-Rod
Things that are Related
Are AI Agents Changing the SOC? - A new wave of SaaS vendors is selling the same story: deploy our AI and your SOC runs itself. Tier 1 replaced. Tier 2 automated away. Tier 3 handled by agents that never sleep. That is not how this works. Not today, and not in any production SOC I have seen or built.
Defense at AI speed: Microsoft’s new multi-model agentic security system finds 16 new vulnerabilities - Today Microsoft announced a major step forward in AI-powered cyber defense: our new agentic security system helped researchers find 16 new vulnerabilities across the Windows networking and authentication stack—including four Critical remote code execution flaws in components such as the Windows kernel TCP/IP stack and the IKEv2 service. They used the new Microsoft Security multi-model agentic scanning harness (codename MDASH) which was built by Microsoft’s Autonomous Code Security team. Unlike single-model approaches, the harness orchestrates more than 100 specialized AI agents across an ensemble of frontier and distilled models to discover, debate, and prove exploitable bugs end-to-end.
Building the Solution Teams Need to Secure AI Against Prompt Injection - AI is being deployed faster than it is being secured. Threats like prompt injection remain difficult to mitigate in practice, leaving real-world systems exposed. To address this, we built a prompt injection testing platform powered by Microsoft Foundry.
When prompts become shells: RCE vulnerabilities in AI agent framework - AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now read files, search connected databases, run scripts, and perform other tasks to actively operate on your network. Because of this, vulnerabilities in the AI layer are no longer just a content issue; they are an execution risk. If an attacker can control the parameters passed into these plugins via prompt injection, the agent may be driven to perform actions beyond its intended use.
Defending consumer web properties against modern DDoS attacks - If you own, create, or maintain online services and web portals, you’re probably aware of the dramatic upswing in DDoS attacks on your domains. AI has democratized tooling not just for us but for threat actors as well. DDoS in this era has extended from simple bandwidth saturation to sophisticated, application-layer abuse. Defending against this activity now requires system-level design, beyond just the typical network-level filtering. As botnets continue to expand their footprint and evade identification, it is important for us to take a step back, assess the situation, and take a defense-in-depth approach to increase our resilience against this class of disruption.
Expect bigger Patch Tuesdays going forward as AI accelerates the discovery of vulnerabilities - The work of finding and fixing vulnerabilities continues to get faster, broader, and more rigorous across the industry. Customers should expect this to be reflected in the size of a given Patch Tuesday, and at times in how updates are delivered.
Microsoft Sentinel Things
Extending Sentinel Data Integration: Azure Blob Storage Support for CCF Connectors - Explore a new data ingestion pattern for Microsoft Sentinel connectors, leveraging Azure Blob Storage to enable resilient, scalable pipelines that support high‑volume data streaming and modern security operations.
Sentinel Foundry - MCP Server (Preview) (Github Community Release) - I’ve been cooking something that a lot of people in SOC have been struggling with — especially on the engineering side of Microsoft Sentinel. Thanks to the Microsoft Security team for shaping the capabilities of Sentinel even better with Sentinel Data Lake & Modern SecOps.
Sentinel-As-Code: Wave 3 - Wave 2 closed with one specific promise: end-to-end Pester tests wired in as a PR gate, with branch protection on main so nothing merged without a green run. Wave 3 lands that gate, plus a handful of other things that took shape alongside it.
Defender for Endpoint Things
How Microsoft Defender used predictive shielding to proactively disrupt a ransomware attack - Modern ransomware attacks are increasingly designed to blend in with normal IT operations, using trusted administrative tools to quietly weaken defenses and distribute malicious payloads at scale. In a recent real‑world incident, a human‑operated ransomware actor attempted to do exactly that by abusing Group Policy Objects (GPOs) to target hundreds of devices, but Microsoft Defender detected the attack and proactively hardened those devices before GPOs were deployed.
Defender for Cloud Things
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps - AI and agentic application deployments on cloud-native platforms are increasing, and they often prioritize speed over secure configuration. Our observations from aggregated and anonymized Microsoft Defender for Cloud signals showed cases where AI services were publicly exposed with weak or missing authentication, creating exploitable misconfigurations that attackers actively abused. These issues enabled low-effort, high-impact outcomes such as remote code execution, credential theft, and access to sensitive internal tools and data.
Defender XDR Things
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise - In recent years, many sophisticated intrusions have increasingly avoided using noisy exploits, obvious malware, or custom tooling, instead leveraging systems that organizations already trust within their environments. By operating through legitimate and trusted administrative mechanisms, threat actors could more easily blend seamlessly into routine operations and remain undetected.
Microsoft Entra Things
Secure the moments attackers target: onboarding, access requests, and account recovery - Learn how Face Check supports high assurance identity verification for onboarding, access requests, and account recovery.




