Finding a security vulnerability that nobody else has spotted in your own software is embarrassing. Finding 16 of them, including four critical remote code execution flaws, using an AI system you built yourself, is something else entirely.
That’s what happened when Microsoft ran its new MDASH system against the Windows networking and authentication stack – and all 16 issues were patched in the May 2026 Patch Tuesday updates before anyone outside could exploit them.
MDASH – the Microsoft Security multi-model agentic scanning harness – orchestrates more than 100 specialised AI agents working simultaneously to discover, debate, validate, deduplicate and prove software vulnerabilities. The system is currently in limited private preview, with broader enterprise access expected in June 2026.
What MDASH Actually Does
The multi-agent design is the interesting part. Rather than a single AI model scanning for known vulnerability patterns, MDASH runs a coordinated pipeline: agents discover candidate weaknesses, others challenge and debate the findings, others validate and deduplicate results, and the system only surfaces issues it can prove with working evidence.
According to Microsoft’s own reporting, the system achieved 21 of 21 planted vulnerabilities found with zero false positives on a private test driver, 96% recall against five years of confirmed cases in one Windows component and 100% recall in another, and an 88.45% score on the public CyberGym benchmark.
The zero-false-positive result on planted vulnerabilities is the number that matters most for enterprise adoption. Security teams are drowning in alerts. A system that finds real issues without generating noise is addressing the core operational problem in enterprise cybersecurity today.
More from Cybersecurity
- 74% Of UK Businesses Have Had At Least 3 Identity Breaches This Past Year – Why Aren’t More Of Them Protected?
- Cycode Wants To Secure The Agentic Era – And It’s Just Launched The Product To Prove It
- Lyrie.ai Deploys Real-Time Zero-Day Tracking Across Global Enterprise Infrastructure
- Part 1: Is This The End Of World Password Day? Experts Weigh In
- Experts Comment: Has The AI Race Made The World Less Safe?
- ShinyHunters Just Hacked Rockstar Through A Supplier – Every Business Using Third-Party Software Should Pay Attention
- Is Vibe Coding Safe Or A Cybersecurity Disaster Waiting To Happen?
- Anthropic Is Taking On Cybersecurity With AI, And It Has Brought Apple and Amazon Along For The Ride
Why This Matters For The Cybersecurity Market
The shift being signalled here is from AI as a security tool to AI as a security infrastructure layer.
Traditional vulnerability scanning tools work from known signatures and patterns. MDASH works from reasoning – it doesn’t need to have seen a vulnerability before to identify it. That’s a fundamentally different capability, and it’s one that compounds: the more novel the attack surface, the more useful an agent-based approach becomes versus a pattern-matching one.
For cybersecurity entrepreneurs, the arrival of MDASH as an enterprise product rather than a research project changes the playing field. Microsoft has the distribution, the existing enterprise security relationships and the data from millions of systems to train and refine a system like this at a scale that startups can’t easily match.
The key for cybersecurity founders is finding remaining gaps: narrow domain expertise, speed of deployment, integration with specific tech stacks, or the kind of human-in-the-loop oversight that large organisations will still need around AI-generated vulnerability reports.
What Comes Next
The June enterprise preview will be the first real test of whether MDASH’s benchmark performance translates into operational value at scale.
Benchmarks and internal tests are one thing; the noise and complexity of a live enterprise environment, with proprietary codebases, unusual configurations and legacy dependencies, are another. These 16 Windows vulnerabilities provide a powerful proof of concept, but the enterprise preview will yield more useful data.
For entrepreneurs and managers who have been tracking the enterprise security incidents pile up despite significant investment in existing tools, the underlying premise of MDASH is hard to argue with: if AI agents can find vulnerabilities faster and more reliably than human researchers working with traditional scanners, the question is only how quickly that capability becomes standard. If the June preview delivers, that timeline just got a lot shorter.
