If any of our listeners are in Vegas for Blackhat or DefCon, come say hello. We may have a prize.

Words of Wisdom:

“Immediately pay what you owe to vendors, workers and contractors. They will go out of their way to work with you first the next time”

* Explore events at Microsoft

Security Insights - Foresight - Hindsight – July 2026 Edition

General

* Securing our future: July 2026 progress report on Microsoft’s Secure Future Initiative | Microsoft Security Blog

* Least privilege for AI agents: Identity, access, and tool binding | Microsoft Security Blog

* Unpacking the AsyncAPI npm supply chain compromise | Microsoft Security Blog

AI Security

* AI brands as bait: How threat actors are using the AI hype in social engineering | Microsoft Security Blog

* Beyond the benchmark: Advancing security at AI speed | Microsoft Security Blog

Agent365

* Least privilege for AI agents: Identity, access, and tool binding | Microsoft Security Blog

* Agent 365 Registry, local discovery, and runtime protection | Microsoft Learn

Azure Security & Defender for Cloud News

* What’s new in Defender for Cloud features (July 2026) | Microsoft Learn

Threat Intelligence

* Unpacking the AsyncAPI npm supply chain compromise | Microsoft Security Blog

* GigaWiper: Anatomy of a destructive backdoor | Microsoft Security Blog

Microsoft Entra

* Microsoft Entra ID security updates: Passkeys as default | Microsoft Security Blog

Device Management & Protection (Intune)

* What’s new in Microsoft Intune (July 2026) | Microsoft Learn

Defender XDR & Sentinel

* Monthly news – July 2026 | Microsoft Defender XDR Blog

* Sentinel Graph tools and custom detection rules as code | Microsoft Learn

* Defender XDR + Sentinel unified operations | Microsoft Learn

Copilot for Security

* Security Copilot agentic capabilities | Microsoft Learn

Purview – Compliance & Governance

* Purview data protection for AI agents | Microsoft Learn

* Purview for Agent 365 | Microsoft Learn

Non Microsoft Security News

* Polymarket supply chain compromise and theft → Podcast

* FBI Kali365 phishing warnings → Podcast

* AI-discovered vulnerabilities in summer campaigns → Podcast

* GitHub researcher bans and anti-tech trends → Podcast

AI for the Masses (from “AI Security OPS”)

* LiteLLM supply chain risks → AI Security Ops

* Model ablation and safety bypasses → AI Security Ops

* Embedding space attacks → AI Security Ops

* Open-weight models and harness risks → AI Security Ops

* Agent pentesting and bug bounties → AI Security Ops

Featured Resources & Deep Dives

* Defender XDR deployment guide

* Advanced hunting best practices

* Sentinel best practices

* Secure Copilot foundation

* Security for AI hub

What’s New in Defender (July 2026)

* What’s new in Microsoft Defender XDR | Microsoft Learn

* Local AI agent discovery + runtime protection

* Sentinel Graph + custom detection as code

* July Patch Tuesday follow-up

Daily Defender Dispatch – July 16, 2026

Daily Defender Dispatch: Least-Privilege Agents, AsyncAPI Breach, and Graph Tools

Least Privilege for AI AgentsNew guidance on identity, access, and tool binding for secure agentic AI.Takeaway: Review Agent 365 policies for least-privilege enforcement.

AsyncAPI npm Supply Chain CompromiseThreat actors weaponized trusted CI/CD workflows.Takeaway: Audit open-source dependencies in AI pipelines.

Sentinel Graph & Custom DetectionsEnhanced graph tools and custom detection rules as code now in preview.Takeaway: Test graph reasoning for faster investigations.

Non-MS HighlightsPolymarket breach and AI supply chain risks.Takeaway: Strengthen third-party AI vendor reviews.

AI for the MassesLiteLLM and model ablation attacks.



This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com

Podden och tillhörande omslagsbild på den här sidan tillhör Rod Trent. Innehållet i podden är skapat av Rod Trent och inte av, eller tillsammans med, Poddtoppen.