A new generation of frontier AI models is reshaping the cybersecurity landscape, reducing the time organisations have, to prepare for AI-powered cyberattacks. In response to this rapidly evolving threat environment, Microsoft has announced a new multi-model, AI-driven vulnerability discovery system embedded with more than 100 individual agents. Codenamed MDASH, this technology provides a harness for defenders to use multiple increasingly powerful models combined with agent reasoning and marks a significant step forward in how organisations identify and respond to security risks in the age of advanced AI.
MDASH was initially developed to leverage multiple third-party AI models to achieve security tasks and protect Microsoft code. It is an agentic security system that is now being made available to others in a private usage programme. This approach reflects a broader industry shift toward AI-driven, collaborative security models at scale.
AI acceleration reshapes the cyber threat landscape
Microsoft has identified five areas where advanced frontier models are disproportionately advantaged compared to traditional defenders – patching, open-source software, custom code created by an organisation, systems publicly exposed and baseline security hygiene.
The rapid advancement of AI capabilities has accelerated the cyber threat landscape ahead of expectations. AI models today, are increasingly becoming as capable as advanced human skills in identifying security weaknesses with accuracy and depth. This will greatly reduce the barrier of entry for sophisticated attacks at scale. As a result, traditional, manual security processes are no longer sufficient.
“Organisations can no longer rely on legacy approaches to security alone,” says Kerissa Varma, Microsoft’s Chief Security Advisor for Africa. “In a world where vulnerabilities can be discovered and exploited at scale, manual processes simply cannot keep up. The need for modern, cloud-based infrastructure and AI-driven defence has become urgent. Organisations must act now to modernise their infrastructure, adopt AI-enabled tools, and move towards more secure cloud environments where security protections can be applied broadly and at speed.”
This urgency is echoed in findings from Boston Consulting Group’s (BCG) report, AI Is Raising the Stakes in Cybersecurity, which highlights a widening gap between threat exposure and defensive readiness across the continent. Nearly 60% of African companies report having experienced AI-enabled cyberattacks in the past year, yet only half are prioritising the use of AI to strengthen their defences. Just 29% have implemented advanced AI-driven cybersecurity tools, while only 3% report a significant increase in cybersecurity budgets in response to AI-driven threats.
Microsoft’s latest Digital Defence Report highlights AI as a growing force multiplier for threat actors, enabling them to scale operations, personalise phishing campaigns, and evade detection with greater precision – contributing to AI-enabled phishing emails being 4.5 times more likely to be clicked than traditional attempts.
In South Africa, these global trends are amplified by the country’s expanding digital footprint and its strategic importance across sectors such as financial services, energy and telecommunications. Organisations operating in these environments, particularly those managing distributed workforces and more complex IT estates, face growing exposure to cyber risk. Combined with budget constraints and skills shortages seen across parts of Africa, this reinforces the need for faster, AI-driven security approaches and stronger baseline cyber hygiene.
Expanding AI-powered security to strengthen detection and response
As part of its continued investment in securing its platforms, Microsoft is expanding the use of AI-driven security research to identify vulnerabilities earlier and at greater scale. These AI-assisted findings are now being integrated into Microsoft’s regular Patch Tuesday releases, with the volume of AI-identified vulnerabilities increasing steadily month-on-month.
“We expect this trend to continue,” says Varma. “While this strengthens protection overall, it also means organisations need to be able to apply updates quickly.”
Organisations operating on modern cloud platforms benefit from more automated patching and built-in protections, while organisations managing on-premises environments should evaluate how quickly they can deploy critical updates.
Advancing security with multi-model AI
Unlike single-model approaches, MDASH, which was built by Microsoft’s Autonomous Code Security team, orchestrates more than 100 specialised AI agents across a mix of frontier and distilled models to discover, validate, and prove exploitable bugs end-to-end.
Microsoft’s approach is deliberately not tied to one AI vendor or one model. Instead, the company’s multi-model system selects the best model for the specific security task.
“Cost will be an important consideration as businesses look to scale AI securely and sustainably,” says Varma. “The good news is that some of the most cost-effective models are exceptionally effective at specific security tasks – it’s about using the right tool for the right job.”
MDASH can discover, validate, prioritise and help remediate vulnerabilities across organisations’ IT environments. It is already in use by Microsoft’s security engineering teams and has now entered a limited private preview, with a number of South African customers currently being onboarded into the programme.
This approach is showing strong industry results. MDASH recently topped the CyberGym AI security benchmark, outperforming single-model systems and demonstrating the effectiveness of coordinated, multi-model AI in real-world scenarios.
Enabling organisations to strengthen their security posture
Cybersecurity challenges are compounded by a workforce shortage. According to BCG’s report, 82% of African organisations cite difficulty in hiring AI-cybersecurity talent, underscoring the growing skills and capability gap.
Microsoft has expanded its cybersecurity skills campaign to South Africa to close the cybersecurity skills gap and through Ikamva Digital, it is delivering industry‑aligned learning across all 50 TVET colleges, equipping youth with in-demand skills, including cybersecurity capabilities for roles such as security analyst and IT administrator, to meet the rising need for digital safety and risk management professionals.
Building both talent pipelines and awareness is only one part of the equation. Organisations also need practical tools and guidance to translate skills into effective security outcomes at scale.
To support organisations on this journey, Microsoft has widened access to practical security guidance through its Secure Now initiative. This capability provides actionable recommendations to address key areas of risk, regardless of whether organisations use Microsoft security solutions, helping to strengthen baseline security hygiene across the ecosystem.
This work builds on Microsoft’s broader Secure Future Initiative, which places security at the centre of everything the company designs, builds and operates, ensuring that advances in AI are matched by equally strong safeguards and protections across its platforms and services.
A call to action for South African organisations
As AI continues to reshape both the threat landscape and the tools available to defend against it, Microsoft is encouraging organisations to focus on the foundations of resilience including modern cloud-based infrastructure, timely patching, strong security hygiene, and the use of AI to strengthen defence.
“The conversation should not be about access to a single model,” says Varma. “It’s about building a comprehensive, resilient security strategy with the right capabilities in place today.”
With MDASH and broader initiatives like Secure Now, Microsoft remains committed to supporting organisations in navigating the evolving cyber landscape, helping them move from reactive defence to proactive, AI-driven security.


