Microsoft announced MDASH, a multi-model agentic security system developed by its Autonomous Code Security team. The company unveiled the tool on May 12, 2026, to address software vulnerabilities through automated scanning. MDASH represents a shift toward using multiple specialized AI agents rather than single-model approaches for code security.
System deploys over 100 specialized AI agents across different frontier and distilled models
The system deploys more than 100 specialized AI agents across different frontier and distilled models. Microsoft reports that this architecture helped researchers identify 16 new vulnerabilities in Windows networking and authentication components. Four of these findings were critical remote code execution flaws. The tool also achieved a 96 percent recall rate on five years of confirmed cases in clfs.sys and a 100 percent recall rate on cases in tcpip.sys.
MDASH scored 88.45 percent on the public CyberGym benchmark, which includes 1,507 real-world vulnerability reproduction tasks. Microsoft states that this performance places the system at the top of the leaderboard, surpassing Anthropic's Mythos and OpenAI's GPT-5.5. In internal tests on a private driver with 21 planted vulnerabilities, the system found all 21 with zero false positives.
Microsoft is currently offering MDASH through a limited private preview program for interested customers. The availability is global, with the announcement date marking the start of this initial access phase. The company has not yet detailed the specific criteria for broader release or the timeline for general availability beyond this private testing window.



Discussion
0 comments
Log in to join the thread with a thoughtful take, question, or correction.