Post Content
You write the code. You own the pipeline. Now security is yours too — but it doesn’t have to slow you down. See how Defender for Cloud and GitHub Advanced Security catch vulnerabilities where you already work: your CLI, your repo, your pull request, your cloud. No workflow changes required.
To learn more, please check out these resources:
* https://aka.ms/build26-next-steps
𝗦𝗽𝗲𝗮𝗸𝗲𝗿𝘀:
* James Brotsos
𝗦𝗲𝘀𝘀𝗶𝗼𝗻 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻:
This is one of many sessions from the Microsoft Build 2026 event. View even more sessions on-demand and learn about Microsoft Build at https://build.microsoft.com
OD841 | English (US) | Responsible AI
Pre-recorded | (300) Advanced
#MSBuild
Chapters:
0:00 – Introduction by James Brotsos and Overview of ‘Ship Fast, Stay Secure’
00:00:42 – Explaining Developer-Security Collaboration Challenges
00:01:14 – Embedding Security into Developer Workflows
00:01:53 – Integration Between Microsoft Defender for Cloud and GitHub Advanced Security
00:02:27 – Demo Introduction and Setup of MDASH Scanner
00:02:52 – Overview of MDASH Multi-Agent AI Scanning Pipeline
00:03:33 – Running MDASH Scan and Discovering Non-Pattern Vulnerabilities
00:04:08 – AI-Assisted Fixing of Vulnerabilities through Copilot
00:05:05 – Developer Review Process in VS Code and Pull Request Security Feedback
00:07:15 – Switching to Security Manager View: Application Security Initiative Dashboard
00:09:16 – Attack Path Analysis: Mapping Code Vulnerabilities to Cloud Risk
00:12:00 – GitHub Integration for Issue Creation and Automated Fix Suggestions
00:13:33 – AI Model Security: Detecting Malicious Pickle Artifacts and Model Risks
00:16:01 – End-to-End AI Security in Pipelines
00:17:15 – Summary of Full AI-Powered Security Lifecycle from Code to Cloud Read More Microsoft Developer
