{"id":60782,"date":"2026-06-02T17:15:18","date_gmt":"2026-06-02T17:15:18","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=147521"},"modified":"2026-06-02T17:15:18","modified_gmt":"2026-06-02T17:15:18","slug":"microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/","title":{"rendered":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2026\/06\/Security-2.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<aside class=\"table-of-contents-block accordion wp-block-bloginabox-theme-table-of-contents\" id=\"accordion-5ac20f9d-1fdb-4102-8d66-3a372014bbbc\" data-bi-an=\"table-of-contents\"> <button class=\"btn btn-collapse\" type=\"button\" aria-expanded=\"true\" aria-controls=\"accordion-collapse-5ac20f9d-1fdb-4102-8d66-3a372014bbbc\"> <span class=\"table-of-contents-block__label\">In this article<\/span> <span class=\"table-of-contents-block__current\" aria-hidden=\"true\"><\/span> <svg class=\"table-of-contents-block__arrow\" aria-label=\"Toggle arrow\" width=\"18\" height=\"11\" viewBox=\"0 0 18 11\" fill=\"none\"> <path d=\"M15.7761 11L18 8.82043L9 0L0 8.82043L2.22394 11L9 4.35913L15.7761 11Z\" fill=\"currentColor\" \/> <\/svg> <\/button> <span class=\"table-of-contents-block__progress-bar\"><\/span><br \/>\n<\/aside>\n<p class=\"wp-block-paragraph\" id=\"today-developers-and-security-teams-are-caught-in-growing-tension-ai-is-accelerating-development-and-introducing-new-issues-around-insecure-code-opaque-models-data-exposure-and-compliance-add-the-challenges-of-shadow-ai-and-tool-sprawl-and-the-result-is-a-widening-gap-between-innovation-and-control-as-developers-move-faster-security-teams-struggle-to-keep-up-with-visibility-governance-and-oversight-the-resulting-friction-across-the-development-lifecycle-is-forcing-a-tradeoff-between-speed-and-safety-that-doesn-t-need-to-exist-security-needs-to-move-upstream-to-become-part-of-how-developers-actually-work-built-into-their-day-to-day-tools-and-connected-to-the-tools-security-teams-use\">Today, developers and security teams are caught in growing tension. AI is accelerating development and introducing new issues around insecure code, opaque models, data exposure, and compliance. Add the challenges of shadow AI and tool sprawl and the result is a widening gap between innovation and control. As developers move faster, security teams struggle to keep up with visibility, governance, and oversight. The resulting friction across the development lifecycle is forcing a tradeoff between speed and safety that doesn\u2019t need to exist. Security needs to move upstream to become part of how developers actually work: built into their day-to-day tools and connected to the tools security teams use.<\/p>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/build.microsoft.com\/en-US\/home\" target=\"_blank\" rel=\"noopener noreferrer\">At Microsoft Build 2026<\/a>, we are announcing new security tools and capabilities to give developers clear guidance in real time, scale with the complexity of tasks, and provide security teams with a consistent view across the full lifecycle so innovation can move fast and securely without the business losing control.<strong> <\/strong>Learn more about our solutions to help secure your code, secure your agents, and secure your models.<\/p>\n<h2 class=\"wp-block-heading\" id=\"secure-your-code\">Secure your code<\/h2>\n<p class=\"wp-block-paragraph\">Today\u2019s headlines reflect the tension around the power of AI models and the potential threat they pose when used to find and exploit vulnerabilities. It is forcing a shift as security teams look for solutions to help them safely harness the power of these models. At the same time, developers want to use these same models to efficiently identify real, exploitable risk and remediate it within their flow of work. That\u2019s why we developed the Microsoft Security multi-model agentic scanning harness (codename MDASH) and added native integration between <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/microsoft-defender-for-individuals\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Defender<\/a> and GitHub Code Security (part of the former GitHub Advanced Security suite) to help both security and developer teams identify and close gaps early.<\/p>\n<h3 class=\"wp-block-heading\" id=\"discover-and-validate-exploitable-vulnerabilities-with-codename-mdash\">Discover and validate exploitable vulnerabilities with codename MDASH<\/h3>\n<p class=\"wp-block-paragraph\">The new <strong>Microsoft Security multi-model agentic scanning harness (codename MDASH) is available in an expanded preview <\/strong>for eligible organizations and now includes integration with <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/microsoft-defender-for-individuals\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Defender<\/a>. This new agentic security system orchestrates a pipeline of more than 100 specialized AI agents using an ensemble of models to discover, validate, and prove exploitability across codebases written in popular programming languages.<\/p>\n<p class=\"wp-block-paragraph\">This approach is unique in the industry. Our multi-model agentic scanning harness uses a configurable panel of models, ranging from state-of-the-art (SOTA) models as the heavy reasoners,&nbsp;to more cost-effective models for high-volume operations. This allows us to trade speed, recall, and cost, and minimize dependency on any specific model.<\/p>\n<p class=\"wp-block-paragraph\">The combination of multiple models,&nbsp;hundreds&nbsp;of agents, and&nbsp;over 100 trillion signals a day helps&nbsp;identify&nbsp;real risk&nbsp;over&nbsp;theoretical noise, to help teams focus on what can be exploited.&nbsp;The strategic implication is clear: AI vulnerability discovery has crossed from research curiosity into production-grade defense at enterprise scale, and the durable advantage lies in the agentic system around the model rather than any single model itself.\u202f<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/05\/12\/defense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-tops-leading-industry-benchmark\/#how-capable-is-codename-mdash\" target=\"_blank\" rel=\"noopener noreferrer\">MDASH<\/a> recently jumped roughly 10%&nbsp;in less than three weeks&nbsp;to a new&nbsp;CyberGym&nbsp;industry benchmark score of 96.55%.<\/p>\n<p class=\"wp-block-paragraph\">\u201cAt Accenture, we\u2019re always looking toward the next frontier in protecting our clients and our enterprise. What Microsoft is building with MDASH reflects a meaningful shift from reactive, rule-based scanning to agentic systems that can reason across complex codebases like a skilled security researcher,\u201d\u202fsays Kris Burkhardt, Chief Information Security Officer at Accenture. Accenture is one of a&nbsp;select group of&nbsp;<a href=\"https:\/\/aka.ms\/MDASHengagedpartners\" target=\"_blank\" rel=\"noreferrer noopener\">Security&nbsp;partners and&nbsp;Microsoft Intelligent Security Association (MISA)&nbsp;members<\/a>&nbsp;that are&nbsp;engaged in the preview to shape MDASH and accelerate&nbsp;agentic&nbsp;AI vulnerability discovery.<\/p>\n<p class=\"wp-block-paragraph\">Our partner engagements reflect a shared focus on moving from reactive detection to proactive identification of exploitable risk. \u201cWe\u2019re&nbsp;seeing cyber threats evolve rapidly, with AI accelerating both the scale and sophistication of attacks.&nbsp;Microsoft\u2019s investment in MDASH reflects a strong commitment to helping organizations stay ahead of this curve. Based on our early discussions and exposure to the innovation, we see strong potential for MDASH to simplify and strengthen SecOps, helping organizations operate with greater resilience and confidence,\u201d&nbsp;says&nbsp;Morgan Adamski, Principal&nbsp;and&nbsp;Deputy Platform Leader&nbsp;of&nbsp;Cyber, Data, and Tech Risk&nbsp;at&nbsp;PwC US.<\/p>\n<p class=\"wp-block-paragraph\">Together, we are partnering across the industry to use leading models paired with our platforms and expertise to deliver protection at scale. Together, we are partnering across the industry to use leading models&nbsp;paired with our platforms and&nbsp;expertise&nbsp;to&nbsp;deliver&nbsp;protection at scale.&nbsp;\u201cWe\u2019re excited to work with Microsoft on MDASH because it addresses one of the most pressing challenges our customers face: reducing the time between discovering&nbsp;a vulnerability&nbsp;and taking meaningful action. Microsoft\u2019s role as a trusted security vendor matters here\u2014customers need innovation, but they also need confidence, governance, and a partner they can rely on. Our early experience with MDASH has been encouraging, and we see real opportunity for it to help organizations modernize how they approach vulnerability discovery and remediation,\u201d&nbsp;says&nbsp;Jason Rader, Insight CISO.&nbsp;&nbsp;<\/p>\n<p class=\"wp-block-paragraph\">Reach out to your <a href=\"https:\/\/info.microsoft.com\/ww-landing-security-generic-contact-me.html?culture=en-us&amp;country=us\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft account representative<\/a> for more information on the expanded preview of codename MDASH.<\/p>\n<h3 class=\"wp-block-heading\" id=\"prioritize-and-remediate-code-vulnerabilities-with-microsoft-defender-and-github-code-security\">Prioritize and remediate code vulnerabilities with Microsoft Defender and GitHub Code Security<\/h3>\n<p class=\"wp-block-paragraph\">While codename MDASH identifies and validates what\u2019s truly exploitable, the <a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/defender-for-cloud\/github-advanced-security-overview\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>integration between Microsoft Defender and GitHub Code Security<\/strong><\/a> (part of the former GitHub Advanced Security suite), now generally available, brings runtime context into development and security workflows so that teams can prioritize and address risks early minimizing the impact to human resources. Vulnerabilities discovered in code are automatically enriched with real production signals, such as internet exposure and data sensitivity to inform prioritization. Developers can then remediate issues using AI-assisted fixes that are generated, assigned, and validated through GitHub Copilot Autofix and the GitHub Copilot cloud agent.<\/p>\n<p class=\"wp-block-paragraph\">To support responsible, coordinated disclosure of findings that represent both real and potential vulnerabilities, role-based access controls ensure that only authorized individuals can view and act on them. Together, the production signal enrichment, AI-assisted remediation, and secure handling of findings within a single workflow help security and developer teams focus on real risk and enable teams to act quickly.<\/p>\n<h2 class=\"wp-block-heading\" id=\"secure-your-agents\">Secure your agents<\/h2>\n<p class=\"wp-block-paragraph\">Agents are quickly becoming a new layer of the application stack. As developers build agents and move them into production, they need the tools to ship fast without sacrificing security, including built-in identity, governance, and safety testing. Security teams have overlapping needs: visibility into what\u2019s running, control over what agents can access, and consistent governance across clouds and endpoints. Microsoft is delivering new solutions to help.<\/p>\n<h3 class=\"wp-block-heading\" id=\"build-secure-agents-from-day-one\">Build secure agents from day one<\/h3>\n<p class=\"wp-block-paragraph\">At <a href=\"https:\/\/build.microsoft.com\/en-US\/home\" target=\"_blank\" rel=\"noopener noreferrer\">Build 2026<\/a>, Microsoft is introducing new capabilities to help developers build secure, enterprise-ready agents by default. With the general availability of the <strong><a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/agents-sdk\/agents-sdk-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Agent 365 SDK<\/a><\/strong>, developers can integrate controls directly into their development workflows, bringing observability, access controls, and compliance enforcement into how agents are designed and deployed. This enables teams to build custom agents for any AI platform that are compliant, and enterprise-ready, and compose well with Agent 365.<\/p>\n<p class=\"wp-block-paragraph\">Security extends beyond development and into how agents run. On Windows, the <strong><a href=\"https:\/\/github.com\/microsoft\/mxc\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Execution Container (MXC)<\/a> SDK <\/strong>provides OS-level control over agent execution, giving developers and IT teams the ability to define containment and policy, applied by the OS through isolation technologies such as process and session isolation. <strong><a href=\"https:\/\/learn.microsoft.com\/en-us\/windows-365\/agents\/introduction-windows-365-for-agents\" target=\"_blank\" rel=\"noreferrer noopener\">Windows 365 for Agents<\/a><\/strong>, now generally available, enables you to run any agent in a fully isolated, policy-governed Cloud PC. Native Windows integration with Agent 365 provides a common foundation for observability, security, and governance, including built-in Intune capabilities to set policies that govern agent runtime execution and control how agents operate.<\/p>\n<p class=\"wp-block-paragraph\">These <a href=\"https:\/\/blogs.windows.com\/windowsdeveloper\/?p=57808\" target=\"_blank\" rel=\"noopener noreferrer\">new capabilities<\/a> are now in early preview.<\/p>\n<h3 class=\"wp-block-heading\" id=\"observe-govern-and-secure-agents-at-scale-with-agent-365-now-including-local-agents\">Observe, govern, and secure agents at scale with Agent 365\u2014now including local agents<\/h3>\n<p class=\"wp-block-paragraph\">As agents proliferate across environments, gaining visibility and control over them becomes critical. <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-agent-365\" target=\"_blank\" rel=\"noopener noreferrer\">Agent 365<\/a> introduces new capabilities to manage agent sprawl and risk, including an <strong>Agent 365 Agent Registry <\/strong>that surfaces unmanaged local agents discovered by <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/microsoft-defender-for-individuals\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Microsoft Defender<\/strong><\/a><strong>, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/microsoft-entra\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Entra<\/a><\/strong>, and <a href=\"https:\/\/www.microsoft.com\/en-ie\/security\/business\/microsoft-intune\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Microsoft<\/strong> <strong>Intune<\/strong><\/a>\u2014all working together. The registry supports more than 20 types of local agents, including coding agents, AI desktop applications, and both local and remote Model Context Protocol (MCP) servers. From there, <strong>Intune<\/strong> policies can be used to block common execution methods for OpenClaw agents.<\/p>\n<p class=\"wp-block-paragraph\">Security teams also need the ability to defend against emerging threats without slowing developer productivity. Microsoft <strong>Defender<\/strong>, <strong>Entra<\/strong>, and <strong>Intune<\/strong> work together to provide the visibility, runtime protections, and context needed to manage agent risk without slowing developer productivity. <strong>Defender<\/strong> enables analysts to investigate agent activity using advanced hunting and provides an exposure graph that helps teams understand how agents are connected across the network. Preview of these capabilities coming soon.<\/p>\n<p class=\"wp-block-paragraph\">Protecting data is foundational to securing agents at scale. <strong><a href=\"https:\/\/www.microsoft.com\/en-ie\/security\/business\/microsoft-purview\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Purview<\/a><\/strong> controls to prevent data exfiltration, Data Security Posture Management risk discovery, and agentic risk detection for coding agents Claude Code, GitHub Copilot, OpenAI Codex, and OpenClaw. This enables visibility on how local agents access sensitive data, runtime protections for risky prompts, and insights into unsafe agent behaviors. <a href=\"https:\/\/www.microsoft.com\/en-ie\/security\/business\/risk-management\/microsoft-purview-audit\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Purview Audit<\/a> also logs all agent activity for full traceability. Preview of these capabilities coming soon.<\/p>\n<h2 class=\"wp-block-heading\" id=\"trust-agents-with-your-data\">Trust agents with your data<\/h2>\n<p class=\"wp-block-paragraph\">Developers also need direct, real-time insight into <strong>data security posture and risk signals<\/strong> associated with the agents they build. With <strong>Purview data risk signals embedded in the Foundry Control Plane,<\/strong> generally available, these signals provide guidance to developers on where to enforce protections before sensitive data is exposed. For example, Purview flags in real time when an agent surfaces sensitive financial data during testing and guides developers to mask or restrict access before deployment.<\/p>\n<p class=\"wp-block-paragraph\">To further reduce risk, <strong>Purview<\/strong> introduces<strong> runtime data loss prevention (DLP) for agent prompts<\/strong> <strong>in Foundry<\/strong>, in preview with Agent 365. This capability detects, blocks, and audits sensitive data before it is processed by the agent, ensuring that sensitive information never reaches AI models.<\/p>\n<h2 class=\"wp-block-heading\" id=\"secure-your-models\">Secure your models<\/h2>\n<p class=\"wp-block-paragraph\">Before AI reaches production, teams need to verify that the models they depend on are safe. Now developers can <strong>inspect model artifacts, whether platform-native or bring-your-own, with <\/strong><a href=\"https:\/\/learn.microsoft.com\/en-us\/azure\/defender-for-cloud\/ai-model-security?pivots=defender-portal\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Defender AI model scanning<\/strong><\/a>, in preview. To help close gaps early model Defender AI model scanning detects and blocks potentially vulnerable or compromised models across registries, workspaces, and CI\/CD pipelines to verify model integrity before deployment.<\/p>\n<h2 class=\"wp-block-heading\" id=\"trust-starts-with-security\">Trust starts with security<\/h2>\n<p class=\"wp-block-paragraph\">There should never be a choice between innovation and safety.<\/p>\n<p class=\"wp-block-paragraph\">The capabilities announced today span the full development lifecycle: discovering what\u2019s exploitable, governing what\u2019s running, protecting the data AI depends on, and verifying that agents behave as intended before they reach production. Microsoft security is embedded directly into the platforms and workflows developers already use, supporting innovation across <a href=\"https:\/\/azure.microsoft.com\/en-us\/products\/ai-foundry\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Foundry<\/a>, <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365-copilot\/microsoft-copilot-studio\" target=\"_blank\" rel=\"noreferrer noopener\">Copilot Studio<\/a>, GitHub, and open-source frameworks, and bringing discovery and governance to shadow AI.<\/p>\n<p class=\"wp-block-paragraph\">But real progress in AI depends on more than breakthrough capabilities\u2014it depends on whether organizations can trust the systems they are building and deploying. That is the common thread across the innovations announced at <a href=\"https:\/\/build.microsoft.com\/en-US\/home\" target=\"_blank\" rel=\"noopener noreferrer\">Build 2026<\/a> and the principle guiding our approach. Because the future of AI will belong not just to those who move fastest, but to those who can innovate with trust.<\/p>\n<p class=\"wp-block-paragraph\">To learn more about Microsoft Security solutions, visit our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\" target=\"_blank\" rel=\"noreferrer noopener\">website.<\/a>&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security<\/a>) and X (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity. To learn more about how security is built into the Windows platform, explore the <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/security\/book\/\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Security book<\/a> and <a href=\"https:\/\/aka.ms\/ws2025securitybook\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Server Security book<\/a>.<\/p>\n<p>READ MORE <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2026\/06\/02\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Discover how Microsoft enables fast, secure AI development with MDASH and new security capabilities.<br \/>\nThe post Microsoft Build 2026: Securing code, agents, and models across the development lifecycle appeared first on Microsoft Security Blog. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":60783,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[923,11130,6681],"class_list":["post-60782","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-github","tag-microsoft-agent-365","tag-security-strategies"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-02T17:15:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2026\/06\/Security-2.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle\",\"datePublished\":\"2026-06-02T17:15:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/\"},\"wordCount\":1953,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg\",\"keywords\":[\"github\",\"Microsoft Agent 365\",\"Security strategies\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/\",\"name\":\"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg\",\"datePublished\":\"2026-06-02T17:15:18+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"github\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/github\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2026-06-02T17:15:18+00:00","og_image":[{"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2026\/06\/Security-2.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle","datePublished":"2026-06-02T17:15:18+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/"},"wordCount":1953,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg","keywords":["github","Microsoft Agent 365","Security strategies"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/","name":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg","datePublished":"2026-06-02T17:15:18+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2026\/06\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle.jpg","width":1920,"height":1080},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-build-2026-securing-code-agents-and-models-across-the-development-lifecycle\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"github","item":"https:\/\/www.threatshub.org\/blog\/tag\/github\/"},{"@type":"ListItem","position":3,"name":"Microsoft Build 2026: Securing code, agents, and models across the development lifecycle"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60782","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=60782"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/60782\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/60783"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=60782"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=60782"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=60782"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}