TL;DR: AI is changing how software gets built and how it gets attacked. CyberOne has been named an MDASH (Microsoft Multi-Model Agentic Scanning Harness) Engaged Partner, joining a select group of Microsoft Security Partners working directly with Microsoft to shape the next generation of AI-powered vulnerability discovery.
Why this Matters Now
The security risks created by AI-assisted development are no longer theoretical, Developers across every sector are using AI-powered coding assistants, autonomous agents and foundation models to accelerate delivery. The gains are real and so is the expanded attack surface that comes with them.
AI-generated code can contain exploitable vulnerabilities introduced at the pace and scale that traditional application security controls were not built to manage. AI agents operate with significant access across development environments, often without the governance frameworks that would apply to a human with the same permissions. The software supply chain now includes AI tooling and model dependencies that most organisations have not yet mapped.
Security leaders know this and the question is no longer whether to act, it is how to act effectively without disrupting the development velocity that AI has enabled.
Microsoft's answer is MDASH, CyberOne's role is to make sure that answer works for you.
CyberOne Named an MDASH Engaged Partner
CyberOne is proud to announce that we have been named an MDASH Engaged Partner, joining a select group of Microsoft Security Elite Partners and Microsoft Intelligent Security Association (MISA) members now engaged directly in MDASH's development.
At Microsoft Build 2026 this week, Satya Nadella's opening keynote placed securing AI-powered development at the centre of Microsoft's strategic direction. MDASH (Multi-Model Agentic Scanning Harness) is the platform driving that vision forward. As an Engaged Partner, CyberOne is working alongside Microsoft and its customers at the forefront of that development.
"Our partnership with Microsoft has always been about translating Microsoft's roadmap into practical outcomes for customers. MDASH is one of the most significant developments in application security we have seen. Being named an Engaged Partner means we can help customers understand what MDASH is, what it changes about their security posture and how to integrate it into the way they already work."
— Ben Harding, Microsoft Alliance Director, CyberOne
What Is MDASH?
MDASH stands for Multi-Model Agentic Scanning Harness, it is not a single AI model. It is an orchestration system, built by Microsoft's Autonomous Code Security team that coordinates more than 100 specialised AI agents working together across the vulnerability discovery lifecycle.
Rather than relying on one powerful model to find vulnerabilities in isolation, MDASH uses a configurable ensemble of models: heavy reasoning models for complex analysis, faster, lighter models manage high-volume scanning tasks. Agents scan source code, debate findings between themselves, validate exploitability and surface only confirmed, actionable risks.
The results speak for themselves, in less than 3 weeks following its initial launch:
- 96.55% CyberGym benchmark score: The leading industry measure for AI vulnerability discovery [Source: Microsoft Security Blog, June 2026]
- 88.45% → 96.55% Improvement in 3 weeks, a roughly 10% jump [Source: TechTimes, June 2026]
- 16 Previously unknown vulnerabilities discovered across Windows networking and authentication components, including four critical remote code execution flaws [Source: CSO Online, May 2026]
- 100% Recall on confirmed MSRC (Microsoft Security Response Centre) cases retrospective testing [Source: Microsoft Security Blog, May 2026]
- Zero False positives when tested against 21 deliberately planted vulnerabilities [Source: Microsoft Security Blog, May 2026]
For context, the CyberGym benchmark is developed by UC Berkeley researchers and measures AI systems against 1,507 real-world vulnerability reproduction tasks drawn from 188 open-source software projects. It is currently the most widely referenced public benchmark in this field.
"What stands out about MDASH is not the benchmark score, it is the architecture behind it. Orchestrating more than 100 specialised agents across a configurable model ensemble is how you build something that scales with enterprise complexity, not against it. That is the kind of capability our customers can actually operationalise."
— Luke Elston, Microsoft Practice Director, CyberOne
What This Means for CyberOne Customers
As an MDASH Engaged Partner, CyberOne is not simply accessing a preview programme, as a Microsoft Security Elite Partner we are working directly with Microsoft to shape how MDASH develops and how it is deployed effectively for enterprise customers.
The organisations that will benefit most are those currently scaling AI-assisted development, running DevSecOps programmes or assessing how to bring continuous vulnerability management into their software delivery pipeline. If that describes your organisation, this is the right time to start the conversation.
CyberOne brings Microsoft Security expertise, the offensive security capability and the practical delivery experience to help you move from awareness to action, understanding what MDASH means for your security posture and how to integrate it into the way you already work.
Ready to Understand What MDASH Means for your Security Posture?
We are working directly with Microsoft on MDASH development. If you want experienced, independent guidance on what this means for your organisation, start the conversation with the CyberOne team today.
