
The AI & Security Insights Show - We'll be back!
Show notes
If any of our listeners are in Vegas for Blackhat or DefCon, come say hello. We may have a prize.
Words of Wisdom:
“Immediately pay what you owe to vendors, workers and contractors. They will go out of their way to work with you first the next time”
Security Insights - Foresight - Hindsight – July 2026 Edition
General
* Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative | Microsoft Security Blog
* Least privilege for AI agents: Identity, access, and tool binding | Microsoft Security Blog
* Unpacking the AsyncAPI npm supply chain compromise | Microsoft Security Blog
AI Security
* AI brands as bait: How threat actors are using the AI hype in social engineering | Microsoft Security Blog
* Beyond the benchmark: Advancing security at AI speed | Microsoft Security Blog
Agent365
* Least privilege for AI agents: Identity, access, and tool binding | Microsoft Security Blog
* Agent 365 Registry, local discovery, and runtime protection | Microsoft Learn
Azure Security & Defender for Cloud News
* What’s new in Defender for Cloud features (July 2026) | Microsoft Learn
Threat Intelligence
* Unpacking the AsyncAPI npm supply chain compromise | Microsoft Security Blog
* GigaWiper: Anatomy of a destructive backdoor | Microsoft Security Blog
Microsoft Entra
* Microsoft Entra ID security updates: Passkeys as default | Microsoft Security Blog
Device Management & Protection (Intune)
* What’s new in Microsoft Intune (July 2026) | Microsoft Learn
Defender XDR & Sentinel
* Monthly news – July 2026 | Microsoft Defender XDR Blog
* Sentinel Graph tools and custom detection rules as code | Microsoft Learn
* Defender XDR + Sentinel unified operations | Microsoft Learn
Copilot for Security
* Security Copilot agentic capabilities | Microsoft Learn
Purview – Compliance & Governance
* Purview data protection for AI agents | Microsoft Learn
* Purview for Agent 365 | Microsoft Learn
Non Microsoft Security News
* Polymarket supply chain compromise and theft → Podcast
* FBI Kali365 phishing warnings → Podcast
* AI-discovered vulnerabilities in summer campaigns → Podcast
* GitHub researcher bans and anti-tech trends → Podcast
AI for the Masses (from “AI Security OPS”)
* LiteLLM supply chain risks → AI Security Ops
* Model ablation and safety bypasses → AI Security Ops
* Embedding space attacks → AI Security Ops
* Open-weight models and harness risks → AI Security Ops
* Agent pentesting and bug bounties → AI Security Ops
Featured Resources & Deep Dives
* Defender XDR deployment guide
* Advanced hunting best practices
What’s New in Defender (July 2026)
* What’s new in Microsoft Defender XDR | Microsoft Learn
* Local AI agent discovery + runtime protection
* Sentinel Graph + custom detection as code
* July Patch Tuesday follow-up
Daily Defender Dispatch – July 16, 2026
Daily Defender Dispatch: Least-Privilege Agents, AsyncAPI Breach, and Graph Tools
Least Privilege for AI AgentsNew guidance on identity, access, and tool binding for secure agentic AI.Takeaway: Review Agent 365 policies for least-privilege enforcement.
AsyncAPI npm Supply Chain CompromiseThreat actors weaponized trusted CI/CD workflows.Takeaway: Audit open-source dependencies in AI pipelines.
Sentinel Graph & Custom DetectionsEnhanced graph tools and custom detection rules as code now in preview.Takeaway: Test graph reasoning for faster investigations.
Non-MS HighlightsPolymarket breach and AI supply chain risks.Takeaway: Strengthen third-party AI vendor reviews.
AI for the MassesLiteLLM and model ablation attacks.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com