As AI continues to accelerate cyber risk globally, Microsoft has announced a new multi-model, AI-driven vulnerability discovery system — codenamed MDASH and embedded with more than 100 individual agents — and is now onboarding South African customers into the programme.
MDASH provides a harness for defenders to use multiple increasingly powerful models combined with agent reasoning, marking a step forward in how organizations identify and respond to security risks in the age of advanced AI. It was initially developed to leverage multiple third-party AI models to protect Microsoft code, and is now being made available to others in a private usage programme — reflecting a broader industry shift toward AI-driven, collaborative security models at scale.
Microsoft has identified five areas where advanced frontier models are disproportionately advantaged compared with traditional defenders: patching, open-source software, custom code created by an organization, publicly exposed systems and baseline security hygiene. The rapid advancement of AI capabilities has accelerated the cyber threat landscape ahead of expectations, with AI models increasingly as capable as advanced human experts in identifying security weaknesses — greatly reducing the barrier of entry for sophisticated attacks at scale.
“Organisations can no longer rely on legacy approaches to security alone,” said Kerissa Varma, Microsoft’s chief security advisor for Africa. “In a world where vulnerabilities can be discovered and exploited at scale, manual processes simply cannot keep up. The need for modern, cloud-based infrastructure and AI-driven defence has become urgent. Organisations must act now to modernise their infrastructure, adopt AI-enabled tools, and move towards more secure cloud environments where security protections can be applied broadly and at speed.”
The urgency is echoed in Boston Consulting Group’s report “AI Is Raising the Stakes in Cybersecurity,” which highlights a widening gap between threat exposure and defensive readiness across the continent. Nearly 60% of African companies report having experienced AI-enabled cyberattacks in the past year, yet only half are prioritizing the use of AI to strengthen their defences. Just 29% have implemented advanced AI-driven cybersecurity tools, while only 3% report a significant increase in cybersecurity budgets in response to AI-driven threats.
Microsoft’s latest Digital Defence Report highlights AI as a growing force multiplier for threat actors — enabling them to scale operations, personalize phishing campaigns and evade detection with greater precision, with AI-enabled phishing emails being 4.5 times more likely to be clicked than traditional attempts. In South Africa, these global trends are amplified by the country’s expanding digital footprint and its strategic importance across sectors such as financial services, energy and telecommunications. Combined with budget constraints and skills shortages seen across parts of Africa, this reinforces the need for faster, AI-driven security approaches and stronger baseline cyber hygiene.
As part of its continued investment in securing its platforms, Microsoft is expanding the use of AI-driven security research to identify vulnerabilities earlier and at greater scale. These AI-assisted findings are now being integrated into Microsoft’s regular Patch Tuesday releases, with the volume of AI-identified vulnerabilities increasing steadily month-on-month. “We expect this trend to continue,” Varma said. “While this strengthens protection overall, it also means organisations need to be able to apply updates quickly.” Organizations on modern cloud platforms benefit from more automated patching and built-in protections, while those managing on-premises environments should evaluate how quickly they can deploy critical updates.
Unlike single-model approaches, MDASH — built by Microsoft’s Autonomous Code Security team — orchestrates more than 100 specialized AI agents across a mix of frontier and distilled models to discover, validate and prove exploitable bugs end-to-end. The approach is deliberately not tied to one AI vendor or model, instead selecting the best model for the specific security task. “Cost will be an important consideration as businesses look to scale AI securely and sustainably,” Varma said. “The good news is that some of the most cost-effective models are exceptionally effective at specific security tasks — it’s about using the right tool for the right job.”
MDASH can discover, validate, prioritize and help remediate vulnerabilities across IT environments. It is already in use by Microsoft’s security engineering teams and has entered a limited private preview, with a number of South African customers currently being onboarded. The system recently topped the CyberGym AI security benchmark, outperforming single-model systems and demonstrating the effectiveness of coordinated, multi-model AI in real-world scenarios.
The cybersecurity challenge is compounded by a workforce shortage. According to BCG’s report, 82% of African organizations cite difficulty hiring AI-cybersecurity talent, underscoring the growing skills gap. Microsoft has expanded its cybersecurity skills campaign to South Africa, and through Ikamva Digital it is delivering industry-aligned learning across all 50 TVET colleges — equipping youth with in-demand skills, including cybersecurity capabilities for roles such as security analyst and IT administrator.
To support organizations further, Microsoft has widened access to practical security guidance through its Secure Now initiative, which provides actionable recommendations to address key areas of risk regardless of whether organizations use Microsoft security solutions. This builds on Microsoft’s broader Secure Future Initiative, which places security at the centre of everything the company designs, builds and operates.
As AI continues to reshape both the threat landscape and the tools available to defend against it, Microsoft is encouraging organizations to focus on the foundations of resilience — modern cloud-based infrastructure, timely patching, strong security hygiene and the use of AI to strengthen defence. “The conversation should not be about access to a single model,” Varma said. “It’s about building a comprehensive, resilient security strategy with the right capabilities in place today.”
