What’s new, updated, or recently released in Microsoft Security

Share Link copied to clipboard! CONTENT TYPES News PRODUCTS AND SERVICES Microsoft Defender Microsoft Purview more New capabilities in Microsoft Agent 365; new Microsoft Defender and GitHub integration At Microsoft, security innovations are purpose-built to help every organization protect end-to-end with the speed and scale of AI. Our vision is simple: security should be ambient and autonomous, just like the AI it protects. In a world where AI agents can act autonomously to take action, access data, and interact across systems, every organization should have the confidence that their security posture can scale and keep pace with their AI investments. Microsoft is focused on helping organizations gain visibility into what their agents are doing, governance over what they’re allowed to do, and protection against emerging threats. With an AI-first, end-to-end security platform grounded in Zero Trust for AI, fueled by more than 100 trillion daily threat signals1, and shaped by the Secure Future Initiative, security and IT teams can harden their security posture with protection that is continuous, intelligent, and built for the agentic era. In the Loop is a new series from Microsoft Security that delivers timely news and updates to the global security community. Today’s edition spotlights the latest capabilities designed to help security and IT teams secure their AI agents, secure their foundations, and defend against threats in real time with the powerful combination of agents and experts. New Microsoft Defender capabilities in Agent 365 tooling gateway Detect, block, and investigate threats to AI agents Get started ↗ The Agent 365 tooling gateway gives security teams the visibility and control they need to detect and respond to threats that target agentic workflows. New Microsoft Defender capabilities, now available in preview, enable security teams to detect, block and investigate anomalous behavior of their agents. Near real-time protection leverages webhooks to evaluate the actions an AI agent attempts to detect and block malicious or risky activities before they’re executed. Read more and get started. AI-powered Defender and GitHub solution helps protect from code to runtime GitHub Advanced Security integration Learn more ↗ Microsoft Defender for Cloud integration with GitHub Advanced Security, now generally available, provides unified security visibility across the development lifecycle. This integration automatically maps code changes to production environments, prioritizes security alerts based on real runtime context, and enables coordinated remediation workflows between development and security teams. Teams can track vulnerabilities from source code to deployed applications, focus on the security issues that affect production workloads, and take advantage of AI-powered remediation tools to speed resolution.2 Get started today and watch the video. New demo: Run a data security investigation in Microsoft Purview Data Security Investigations Get started ↗ Step into the role of a data security analyst and see how Microsoft Purview Data Security Investigations helps you identify investigation‑relevant data, analyze it using AI‑powered deep content analysis, and mitigate sensitive data risks—all within a single, integrated solution. Follow the end‑to‑end investigation journey in this hands‑on demo. In the demo, you’ll learn how to: Proactively assess data security risk across your data estate. Reactively investigate data involved in security incidents, such as breaches, leaks, fraud, or bribery. Visualize risk using the data risk graph, which shows correlations between sensitive content, users, and activities. Stay In the Loop Microsoft Security continually ships meaningful innovations across our portfolio and research-driven insights and reports for the security community. In the Loop posts are your reliable source of what’s new across Microsoft Security and what it means for your security strategy. Check back for the next drop and connect with us at Microsoft Build, June 2-3, 2026 in San Francisco, to hear directly from Microsoft Security experts, learn more about today’s releases, and more. To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 1Microsoft Digital Defense Report 2025, Safeguarding Trust in the AI Era 2GitHub Advanced Security Integration with Microsoft Defender for Cloud, Microsoft Defender for Cloud | Microsoft Learn Alym Rayani Vice President of Marketing for Microsoft Security Alym Rayani is a Vice President of Marketing for Microsoft Security. Alym focuses on helping customers adopt world class security with teams that span solutions, audience, partner, field, and experiences marketing. Alym joined Microsoft in 2005, initially working on identity in the Windows Server engineering group. Since then, he has held several other marketing, product, and strategy roles in the Microsoft Office/365 and Security organizations. See Alym Rayani posts Related posts May 1 CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments A high-severity Linux vulnerability, “Copy Fail” (CVE-2026-31431), enables root privilege escalation across cloud environments and Kubernetes workloads. May 1 Microsoft Agent 365, now generally available, expands capabilities and integrations ​Today we’re announcing the general availability of Agent 365, plus previews of new capabilities to discover and manage shadow AI agents, including local agents like OpenClaw and Claude Code. April 30 Email threat landscape: Q1 2026 trends and insights In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, highlighted by Microsoft’s disruption of the Tycoon2FA phishing platform which led to a 15% volume decrease and shifts in threat actor tactics.