Azure Weekly

Issue 568

21st June 2026

An edition that contains more tutorials and thought pieces than announcements. Highlights this week include:

🤖 AI

  • Auto-Generated Rubric Evaluators: Building Context-Aware Evaluators for AI Agents by Shuo Qiu, Sydney Lister, Ilya Matiach, Ali Mahmoudzadeh, Salma Elshafey, José Santos, Vivek Bhadauria, Morteza Ziyadi, April Kwong, Vivek Bhadauria, Morteza Ziyadi, April Kwong · 5 min read The auto-generated rubric evaluator system creates task-specific evaluators that score AI agents' performance against defined criteria, validated across multiple datasets for accuracy and reliability.
  • Benchmarks in Microsoft Foundry (preview): Standardized model and agent quality checks by Ilya Matiach, Morteza Ziyadi, Han Che, José Santos, Ali Mahmoudzadeh, Shuo Qiu, Salma Elshafey, April Kwong, Vivek Bhadauria · 6 min read Benchmarks in Microsoft Foundry let developers run standardized open-source tests on any model deployment or agent, instantly comparing results via a UI or API while distinguishing between overall model performance and specific deployment quality.
  • Intelligent sampling in Microsoft Foundry: the science behind selecting better production traces by Ilya Matiach, Morteza Ziyadi, José Santos, Ali Mahmoudzadeh, Shuo Qiu, Salma Elshafey, April Kwong, Vivek Bhadauria · 13 min read Microsoft Foundry’s intelligent sampling technique uses a MinHash farthest-first algorithm to boost lexical diversity and LLM judge preference by 29% and 78%, respectively, making it ideal for evaluation and fine-tuning workflows that prioritize coverage over mirroring production frequencies.
  • Azure AI Foundry Architecture by Rajkishore Sahoo · 4 min read Azure AI Foundry introduces a centralized Hub for corporate governance and granular Project workspaces that inherit security policies while isolating developer assets, enabling seamless model swaps through a unified catalog with serverless pay-as-you-go or provisioned compute options, and integrates secure data fabrics via identity-dr
  • Azure AI Document Intelligence Tutorial by Rajkishore Sahoo · 6 min read Azure AI Document Intelligence’s v4.0 API introduces optimized deterministic extraction for structured templates, a new Layout Model delivering Markdown outputs ideal for RAG systems, and streamlined prebuilt models for financial documents with automatic check table parsing.
  • A Guided Tour of the New Microsoft Foundry Labs by Vaidyaraman Sambasivam · 6 min read Microsoft Foundry Labs offers hands-on access to cutting-edge AI experiments across six impactful domains, including MAI-Image-2.5 for advanced image generation and Fara 1.5 for computer-vision reasoning, enabling developers to immediately test frontier technologies without lengthy reimplementation delays.
  • Dragon Copilot and Microsoft Marketplace are transforming the way healthcare is delivered by Felipe Ospina · 6 min read Dragon Copilot and integration via Microsoft Marketplace aim to remove friction from overloaded clinical workflows by embedding AI directly into existing tools, addressing capacity constraints and inefficiencies in documentation, administration, and patient care.
  • New in Cowork – the UI refresh and the cost question everyone’s asking by Vesa Nopanen · 9 min read The refreshed Cowork UI in the Microsoft 365 Copilot app introduces a new "/cost" skill that lets users track exactly how many Copilot Credits each task consumes, enhancing transparency and control over usage.
  • Unlocking the next frontier of Local AI on Windows for Telecommunications by OpeSam-Olowu · 10 min read Unlocking next-frontier Local AI on Windows for telecommunications enables customer care agents to respond instantly with richer context, field workflows that continue offline, and privacy-by-default network operations, all leveraging the existing telecom device fleet without new hardware.
  • The Case for an Ontology Layer in Telecoms by Alberto Manuel · 5 min read An ontology layer in telecoms provides a shared semantic framework that translates fragmented, unstructured data into consistent business meanings, enabling AI models to reason across network, IT/OSS/BSS, customer interaction, and external ecosystem datasets while adhering to telecom-specific standards.
  • Azure AI Foundry vs Google Vertex AI by Rajkishore Sahoo · 6 min read Azure AI Foundry focuses on enterprise compliance with a Hub-and-Project hierarchy, while Google Vertex AI emphasizes a pipeline-first ecosystem integrated with GCP data services and offers superior multimodal model capabilities.
  • Revolutionizing Document Intelligence: Scaling Construction Industries with AI-Driven Extraction by Gaurav Bhardwaj · 8 min read This article shows how Azure AI services-Content Understanding, Foundry, Blob Storage, and OpenAI-are used to automate extraction from construction drawings, boosting productivity by enabling digital threads that reduce manual handoffs and improve project coordination.
  • A Practical, Technical Guide to Bringing AI Into Everyday Nonprofit Workflows by Tiffiany · 4 min read Microsoft Copilot for Microsoft 365 embeds AI directly into everyday tools like Word, Excel, Outlook, Teams, and PowerPoint, enabling nonprofits to automate knowledge work efficiently without needing new systems or specialized AI teams.
  • Copilot Cowork is now generally available by Vesa Nopanen · 6 min read Copilot Cowork’s general availability introduces usage-based billing with a grace period for Frontier users and three credit tiers-light ($1-$3), medium ($4-$7), and heavy (>$7)-plus the option to commit to P3 credits for discounts, reflecting its cloud
  • The Hidden Boundaries of Modern AI by Hazem Ali · 41 min read The article explains that AI models process inputs as encoded tensors rather than human-readable text, highlighting the critical distinction between how humans perceive prompts and how models actually interpret them.
  • Azure OpenAI Architecture: The Decisions That Actually Matter (Part 3) by Lucia Casucci · 13 min read Azure OpenAI’s architecture emphasizes GenAIOps practices-evaluation pipelines, full-stack observability, Model Router patterns, and prompt governance-to turn continuous model upgrades into routine operations rather than emergency events.
  • How to Score a User Simulator: Introducing USR-8 by José Santos, Shuo Qiu, Morteza Ziyadi · 13 min read USR-8 introduces an Eight-Metric User Simulation Rubric that separates simulator behavior from style, revealing failure modes hidden by composite scores and showing that most "good" simulators rely on prompt policy rather than orchestration code.
  • Build an Automated SLA Risk Agent with Routines in Microsoft Foundry by Laura Verghote · 6 min read This tutorial demonstrates how to build an automated SLA risk agent in Microsoft Foundry using Routines, which analyzes ticket data with Azure AI Search and surfaces potential SLA breaches daily.
  • Detecting Python Vulnerabilities with GraphCodeBERT by Anas Elhaag · 24 min read Detecting Python Vulnerabilities with GraphCodeBERT introduces CSI, a novel tool that uses code structure understanding instead of regex pattern matching to achieve an F1 score over 90% in identifying real vulnerabilities, addressing the limitations of existing tools like Bandit which rely on token patterns and often miss subtle security issues
  • All Agents Report Back to Me: Monitoring AI Agents with Chat by Elton Stoneman · 10 min read The article introduces a self-hosted Rocket.Chat chat server that lets AI agents post status updates via a custom skill, providing a unified monitoring portal with secure internal access for humans while keeping agent data private.
  • Building ShadowQuest: A Multi-Agent RPG by Sharda Kaur · 5 min read ShadowQuest showcases how specialized AI agents collaborate using Foundry IQ and GPT-4.1 to deliver immersive, context-aware responses in a multiplayer fantasy RPG built for the Agents League Hackathon.
  • Agents That Test Agents: A Cloud-Native Skill-Eval Harness on Foundry Hosted Agents by Kinfey Lo · 6 min read azure_skill_eval provides a cloud‑native harness on Foundry Hosted Agents to rigorously test skills like edu-video-script across multiple models and scenarios, using deterministic validators, an LLM judge for structured scoring, and an adversarial attacker agent to ensure robustness under varied prompts.
  • Gamifying World Improvement: A Reasoning-Agent RPG on Microsoft Foundry by Princeps · 6 min read The new reasoning‑agent RPG on Microsoft Foundry demonstrates how a multi‑agent system with live judges can validate complex world‑building tasks by requiring human approval at verification points, showcasing an architecture where each step, from company analysis to worker factory creation, is logged and reusable.
  • Cross-Region Model Connectivity Options in Microsoft Foundry: Supported Patterns and Tradeoffs by rayankhoury · 11 min read The article details three cross-region model connectivity patterns in Microsoft Foundry-direct connections, Azure API Management gateways, and VNet-secured APIM variants-explaining their use cases, tradeoffs, and a detailed VNet-secured implementation for enterprise deployments.

🔎 Analytics

🖥️ Compute

  • Azure Sets a New Performance Record for LLM Training Benchmark at Extreme Scale by Azin Heidarshenas · 4 min read Azure set a new performance record for LLM training benchmark at extreme scale, achieving just over seven minutes to train Llama 3.1 405B across 8,192 GPUs using fifth-generation NVLink and Azure’s 100 GB/s MRC networking fabric.
  • Azure Function App — Queue-Based Architecture for Long-Running Sync Jobs by James Dumont · 5 min read Azure Functions can handle long-running sync jobs by using a queue to decouple the HTTP trigger from execution, allowing workloads that exceed Azure’s 230-second HTTP timeout to run without caller timeouts while benefiting from automatic retry and robust authentication.
  • SAP HANA On Azure by Rajkishore Sahoo · 6 min read Azure offers two optimized compute options for SAP HANA-E-Series VMs starting at 160 GiB RAM and M-Series up to 30 TiB RAM-with large instances supporting up to 24 TB single-node capacity and multi-node frameworks reaching 120 TB, ensuring high performance for enterprise workloads
  • Windows Server vNext Insider Preview Build 29602 and QMR by James van den Berg · 2 min read Quick Machine Recovery (QMR) in Windows Server vNext Insider Preview Build 29602 automates boot-critical failure recovery using cloud-assisted diagnostics and automated fixes, significantly reducing downtime and operational overhead for enterprise environments.
  • Stop Overpaying for Azure Virtual Machines and Start Saving Today by Travis Roberts · 4 min read Stop Overpaying for Azure Virtual Machines and Start Saving Today by using B-Series VMs for burstable workloads, leveraging Spot VM pricing for deep discounts with interruption tolerance, selecting cost-effective regions, enabling auto-shutdown for idle dev/test environments, committing to Azure Savings Plans for predictable reductions on consistent
  • The Platform Era Expands: MDEP at InfoComm 2026 by yoabar · 5 min read MDEP expands as an enterprise-grade operating system, enabling partners to focus on differentiation with native Microsoft integrations, seamless operations at scale, and support for a growing range of devices.

🚢 Containers

  • What’s new with Microsoft in open source and Kubernetes at Open Source Summit and KubeCon India by Sean McKenna · 6 min read Microsoft unveiled new open-source tools and Azure Kubernetes Service enhancements aimed at improving operational reliability for AI workloads, including general availability of Azure Container Linux, preview of Azure Linux 4.0, and features like reversible upgrades, multi-cluster governance, and GPU efficiency boosts.
  • Accelerating AKS troubleshooting with the Azure Copilot Observability Agent by Yair Gil · 5 min read The Azure Copilot Observability Agent in Azure Monitor accelerates AKS troubleshooting by weaving together telemetry from multiple sources-metrics, logs, traces, and configuration changes-to help teams quickly identify and resolve complex issues across workloads, platform components, and infrastructure.
  • Closing the loop on container security: From code to runtime in the AI era by mahersko · 6 min read Microsoft Defender for Cloud now integrates continuous container security across code development and runtime operations on Azure, AWS, and GCP, using AI to detect vulnerabilities in real time and link findings directly to source repositories and running pods.
  • Azure Container Linux for AKS: Flatcar Grows Up by Richard Hooper · 1 min read Azure Container Linux for AKS now offers enhanced stability and additional features, making it a more robust choice for cloud-native workloads after transitioning from preview status.
  • AKS vs EKS by Rajkishore Sahoo · 8 min read AKS offers a free tier with no baseline control plane cost but lacks an SLA, while EKS provides 99.95% uptime SLA at $0.10 per hour per cluster across three AZs for high availability.
  • Scaling AKS Workloads on Custom Metrics with KEDA and Azure Managed Prometheus by Kasun Rajapakse · 1 min read This article demonstrates how to use Kubernetes Event Driven Autoscaling (KEDA) with Azure Managed Prometheus to automatically scale AKS workloads based on custom metrics like HTTP request rates.

🗄️ Databases

🛠️ Developer tools

  • Public Preview: New project templates and template gallery for Azure Functions in VS Code by The Azure Updates Team · 1 min read The Azure Functions VS Code extension’s new public preview introduces a redesigned, visually rich template gallery that lets developers quickly find and configure projects through search and filters, streamlining the creation process.
  • Microsoft Highlights Visual Studio Live! Event Lineup and Longtime Developer Community Role by David Ramel · 1 min read Visual Studio Live! has been a staple event for over a decade, with this year's 2026 series featuring keynotes in Microsoft headquarters, San Diego, and Orlando.
  • Behind the Longevity of Visual Studio Live!: The People, the Craft, and the Community by Tina Stenderup · 4 min read Visual Studio Live! persists by fostering deep community connections, evolving content to match platform shifts while maintaining enterprise relevance, and prioritizing credibility through measured technology coverage and interactive attendee engagement.
  • Distributed Test Runs in the Aspire Community Toolkit by Aaron Powell · 5 min read The Aspire Community Toolkit optimized its extensive test suite in GitHub Actions by using matrix strategies and smart selection to reduce CI runtimes from hours to minutes while maintaining cross-platform coverage.
  • Getting more from each token: How Copilot improves context handling and model routing by Mario Rodriguez · 7 min read GitHub Copilot enhances token efficiency by caching prompts, deferring tool definitions, and using Auto to select the optimal model for tasks like explanations, edits, or multi-file changes without developer intervention.
  • What are git worktrees, and why should I use them? by Mario Rodriguez · 4 min read Git worktrees let developers create parallel branches without stashing or context switching, streamlining workflow for AI-assisted and highly concurrent development projects, though they require managing dependency copies and proper folder cleanup.
  • GitHub Copilot CLI for Beginners: Overview of common slash commands by Mario Rodriguez · 3 min read Slash commands in GitHub Copilot CLI let beginners quickly switch models, monitor token usage, manage session context, and navigate projects-all from the terminal for efficient coding assistance.
  • Make Visual Studio look the way you want by Mads Kristensen · 3 min read Visual Studio 2026 introduces a Theme colors options page allowing users to customize any Fluent color token directly within the IDE, providing granular control over accent colors, hover states, and other visual elements without needing extensions or restarting the application.
  • Windows Subsystem for Linux 3 gives developers a compelling reason to stick with Microsoft - here's why by Steven Vaughan-Nichols · 1 min read WSL 3 enhances the Windows experience for developers by reducing friction in deploying and managing Linux-based AI, containerized applications, and development environments.
  • Neovim Clipboard on WSL: The One-Liner Fix by Frank Boucher · 1 min read This article provides a one-liner fix for Neovim clipboard issues on Windows Subsystem for Linux by installing the win32yank executable, which enables seamless copy-paste between Neovim and Windows applications.
  • Software development and AI by Damien Bod · 5 min read Software developers of the future need deep domain expertise to efficiently integrate AI tools, as merely improving speed or output quality without understanding the subject matter can degrade product value and teamwork effectiveness.
  • Migrating Agentic Code Python -> C# Part 1 by Jesse Liberty · 3 min read Migrating Agentic Code from Python to C# Part 1 demonstrates how to translate a multi-agent application for generating blog posts, including sample files and test outputs showing successful conversion with approved draft results.
  • Migrating Agentic Code Python -> C# Part 2 by Jesse Liberty · 1 min read This article continues a migration series, detailing how to bring Python configuration files into C# code and set up OpenAI and Tavily APIs for an agentic application, while introducing a new ResearchState class to manage workflow state.
  • Creating a multi-agent application – Part 5 (final) by Jesse Liberty · 1 min read This final part of the multi-agent application series demonstrates how to use LangGraph's StateGraph class to define workflows, including conditional edges that loop between agents based on review outcomes, enabling dynamic collaboration among research, authoring, and reviewing roles.

🔩 DevOps

  • Configure Azure Pipelines app in ghe.com by Jesse Houwing · 3 min read Configuring Azure Pipelines to work with GitHub Enterprise Managed Users (ghe.com) requires manually installing the Azure Pipelines app in the target GitHub organization via a hidden URL, as there is no direct authorization button available.
  • Introducing GitHub Pre-Purchase Plans: A Simpler Way to Plan Your GitHub Spend by Kyle Ikeda · 3 min read GitHub Pre-Purchase Plans let commercial customers commit upfront to usage-based GitHub services, receiving up to 15% savings and a predictable budget for variable AI-powered development costs.
  • From Error Log to Closed Ticket, Without Leaving Your Terminal by Artem Lovan · 3 min read The Azure Support Ticket MCP tool lets you create and manage support tickets directly from your terminal using natural language, automatically inferring context from resource IDs and offering preview-then-confirm actions to keep changes safe.
  • Accelerating researchers and developers building multilingual AI with a new open dataset by Mario Rodriguez · 4 min read The GitHub Multilingual Repositories Dataset reveals Korean dominates issue texts but Portuguese leads in READMEs, offering over 80 million classification rows to researchers and developers aiming to support multilingual AI projects.
  • ARM MCP Server: A Catalog of 24 PoCs by Joji Varghese · 9 min read The ARM MCP Server provides AI agents with first-class access to Azure infrastructure operations, offering six tools for querying resource graphs, validating queries, executing searches, managing ARM deployments, and monitoring deployment statuses, all executed under the signed-in user's permissions without requiring additional credentials or service principals.
  • Microsoft Build: Bicep as a declarative control plane for any system with an API? by Freek Berson · 3 min read The session demonstrated how Bicep can be extended to act as a declarative control plane, controlling a Zigbee light through Home Assistant via a custom Local Deploy extension, showcasing its potential for managing third-party APIs and edge environments.
  • Introduction to Azure Bicep roleDefinitions() function by Stanislav Zhelyazkov · 1 min read Azure Bicep's roleDefinitions() function simplifies managing Azure RBAC role assignments by clearly distinguishing it from traditional role definition resources, making it easier to handle both built-in and custom roles effectively.

🧬 Hybrid + multicloud

  • Azure Arc Server May 2026 Forum by Aurnov Chattopadhyay · 1 min read The May 2026 Azure Arc Server Forum announced a private preview for Windows Server 2016 ESUs and made Windows Server Hotpatch via Azure Arc available free of charge for Windows Server 2025 instances connected to Azure Arc.
  • Azure Local Multi-Rack Deployments: Scaling Hybrid Infrastructure in the Datacenter by Thomas Maurer · 1 min read Azure Local supports hybrid deployments across single machines, edge clusters, sovereign environments, and large multi-rack datacenter setups while maintaining a consistent Azure experience.

🎭 Identity

🔌 Integration

  • On the road to .NET 10 Support: Logic Apps Migration from In-Proc to Out-of-Proc hosting model by Wagner Silveira · 3 min read Azure is gradually migrating Logic Apps from in-proc to out-of-proc hosting, with most customers unaffected but those using NuGet-based deployment needing to update their apps before automatic migration occurs.
  • Message pumps fail in the transaction details by Daniel Marbach · 7 min read Message pumps face complex challenges when handling messages that involve database writes, additional message dispatches, failures mid-process, or transitions to different broker systems, requiring careful infrastructure design to manage concurrency, transactions, and error handling effectively.
  • Controlling Tool Access with APIM MCP Gateway by Sam Cogan · 10 min read APIM MCP Gateway provides fine-grained control over individual tools in enterprise MCP servers, enabling centralized authentication, rate limiting, logging, and policy enforcement without modifying the underlying MCP server.
  • Automating Daily MDE Compliance Monitoring Across Azure VMs by Sayan Roy · 10 min read This Azure Logic App automatically detects and alerts on VMs falling out of MDE coverage, notifying owners within 24 hours and providing daily CSV reports to streamline compliance monitoring.

🎓 Learning and Certifications

  • Recent and upcoming Microsoft exam changes – Sunday 21 June 2026 by Jurgen Kevelaers · 1 min read The forthcoming retirement of the AI-900 exam on June 30, 2026, marks a significant shift in Microsoft’s certification landscape, necessitating updated study plans for professionals.
  • Course Retirement: DP-3011 by Ashlee Lyman · 1 min read The retiring DP-3011 course will be replaced by DP-750, which offers a more comprehensive and role-aligned curriculum for mastering production-ready data engineering with Azure Databricks, including advanced topics like Unity Catalog, secure governance, and workload maintenance.
  • Microsoft AI Skills Fest wraps—and the momentum continues by Rick Claus · 3 min read Microsoft AI Skills Fest concluded with over 28 million minutes of free AI learning across 200+ countries, and participants can now claim sweepstakes prizes, Credly badges, and free certification exam vouchers by following the outlined steps.
  • How to Learn Azure from Scratch by Rajkishore Sahoo · 5 min read Learning Azure from scratch involves mastering foundational cloud concepts through the AZ-900 certification, understanding service models like IaaS, PaaS, and SaaS, organizing resources in resource groups and subscriptions, then specializing in Cloud Administration, Data & AI Engineering, or Platform/DevOps roles with targeted certifications.
  • Episode 430: Scouting out Microsoft Scout by Ben Stegink, Scott Hoag · 2 min read Episode 430 explores how Microsoft Scout’s local-first architecture enhances productivity by integrating with MCP workflows, custom skills, and offline automation more effectively than traditional Copilot solutions.
  • AZ-900 Practice Questions by Rajkishore Sahoo · 14 min read This AZ-900 practice guide breaks down the exam into three core domains-cloud concepts, Azure architecture and services, and management governance-with detailed strategies to tackle distractor questions effectively.
  • How to write blog posts with Copilot Cowork by Vesa Nopanen · 8 min read This article details how the author uses Copilot Cowork, particularly with Anthropic’s Claude Fable 5 model, to streamline writing blog posts by preserving context and style across long articles while incorporating real-time tools like Fable for drafts.

⚖️ Management and Governance

🚌 Migration

🌐 Networking

  • Generally Available: ICMP Support for Azure Standard V2 NAT Gateway by The Azure Updates Team · 1 min read Azure has introduced general availability of ICMP support for its Standard V2 NAT Gateway, allowing users to perform outbound ping tests and diagnose connectivity problems more efficiently.
  • Migrating from MSEE Hairpin Routing to AVNM Mesh for Large-Scale VNet-to-VNet Connectivity by Jay Li · 12 min read Migrating from MSEE Hairpin Routing to AVNM Mesh for Large-Scale VNet-to-VNet Connectivity reduces dependency on MSEE, improves latency and bandwidth efficiency, and simplifies management through group-based mesh configurations capable of supporting up to 5,000 VNets and 20,000
  • ICMP Support for Azure StandardV2 NAT Gateway by Malaika Nazim · 3 min read Azure StandardV2 NAT Gateway now supports outbound ICMP ping, enabling workloads to use ping for reachability testing and troubleshooting without additional configuration.
  • Windows Lies Make Application Gateway Certs Harder by Aidan Finn · 5 min read Windows’ aggressive certificate validation can hide incomplete chains, causing Azure Application Gateway to misinterpret TLS handshakes and mark backends as unhealthy when Linux or other clients would succeed.
  • Troubleshoot DNS Issues with PowerShell by Adam Bertram · 1 min read Use PowerShell commands to systematically test DNS name resolution, client settings, cache entries, and network connectivity for a repeatable troubleshooting workflow.
  • Azure Firewall explicit proxy Migration Guide by devanshirastogi · 3 min read The Azure Firewall explicit proxy feature will soon limit PAC files to 256 KB, support single HTTP/HTTPS ports, remove dual-port requirements, and require both a PAC file SAS URL and Managed Identity for security compliance after general availability.

🔐 Security

  • June update: What’s new in Security for partners by Jill Armour · 6 min read The June Security partner update highlights new product capabilities across Defender, Sentinel, Purview, and Agent 365, along with expanded go-to-market resources and incentives designed to help partners secure AI workloads and grow repeatable security services.
  • Microsoft Leads a New Era of Software Supply Chain Transparency by Shubhra Sinha · 3 min read Microsoft introduces Signing Transparency (MST), an open-source ledger that records every production build of Azure services in a tamper-evident SCITT standard, enabling customers to independently verify code integrity and audit the software supply chain at any time.
  • AutoJack: How a single page can RCE the host running your AI agent by Microsoft Defender Security Research Team · 15 min read AutoGen Studio’s AutoJack exploit lets untrusted web content within an AI agent bypass localhost protections, enabling remote code execution on the host machine by exploiting missing origin validation, absent authentication for MCP paths, and direct command injection from URL parameters.
  • Microsoft Security Copilot: AI-Driven Security Operations at Greater Scale by edgarus71 · 6 min read Microsoft Security Copilot leverages cloud-scale telemetry and threat intelligence to provide real-time, tailored recommendations that help analysts detect elusive threats, investigate incidents faster with contextual summaries, automate response steps, correlate signals across multiple domains for a unified view, and boost productivity by handling repetitive tasks, resulting in significant efficiency gains
  • New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI by Vasu Jakkal · 4 min read The Forrester study reveals that unifying with Microsoft Security delivers up to a 124% return on investment over three years through reduced breach likelihood, lower remediation costs, decreased technology spend, avoided headcount growth, and $3.0M in total cost of ownership savings.
  • Detection and automation, reimagined by Mohit Kumar · 14 min read Defender reimagines detection and automation by unifying endpoint, identity, email, cloud app, and Sentinel data into a single KQL experience, enabling richer cross-platform investigations and near-real-time custom detections with native response actions.
  • IT experts weigh in: Advanced Intune capabilities coming to Microsoft 365 E3 and E5 by Lior Bela · 4 min read IT experts from top MVPs explain how new advanced Intune features in Microsoft 365 E3 and E5 enhance security, analytics, and remote help capabilities with practical deployment guidance.
  • ​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report by Rob Lefferts · 5 min read Forrester highlights how Microsoft's Frontier approach to XDR, combining AI, people, and continuous defense mechanisms, enables rapid response to sophisticated cyberattacks.
  • Anatomy of the change by Mohit Kumar · 12 min read The new Microsoft Defender platform unifies incident management, correlation, and data investigation into a single experience, reducing manual work and improving response times for SOC teams.
  • Introducing New Additions to Microsoft Sentinel Normalization and ASIM by Derrick Lee · 3 min read Microsoft Sentinel has added new ASIM parsers for Azure Firewall, Key Vault, AWS CloudTrail (EC2, S3, IAM), and over 10 third-party products, along with two new schemas-Asset Entities and AI Agent Events-to enhance cross-source threat detection capabilities.
  • Security Copilot RBAC for Embedded Experience in Unified Security Platform by Santosh Pargi · 8 min read The Security Copilot RBAC model introduces a structured Role-Based Access Control framework to securely enable AI assistance within existing platforms like Defender XDR and Sentinel, ensuring that access is governed by an On-Behalf-Of model tied to the authenticated user's permissions while maintaining least-privilege security postures
  • 47 Day Certificates with Todd Gardner by Richard Campbell, Todd Gardner) · 1 min read The upcoming 47-day SSL certificates reflect a shift toward addressing certificate revocation inefficiencies, making automated replacement tools like CertKit crucial for seamless updates.
  • Announcing Public Preview: Agent Identities Asset Connector for Microsoft Sentinel by Krishna Sagar · 4 min read The Agent Identities Asset Connector for Microsoft Sentinel introduces a data model that maps human owners, agent identities, blueprints, and service principals, enabling security teams to answer critical questions about agent ownership, permissions, and governance within the broader identity ecosystem.
  • Transform your security operation with a unified experience in Defender by Mohit Kumar · 6 min read Microsoft is merging Sentinel’s SIEM, XDR, threat intelligence, AI, and automation into Defender by March 31, 2027, to unify security operations, streamline workflows, reduce operational complexity, and prepare teams for an AI-first era of cybersecurity.
  • How Enterprise App Management secures your App Catalog from ingestion to device by Intune Support Team · 6 min read Enterprise App Management secures your app catalog by curating metadata, validating apps through static malware scans and dynamic detonation testing, and inheriting Intune’s trusted Win32 delivery pipeline without requiring new agents or runtimes.
  • Microsoft Defender email security benchmarking: Key insights from one year of data by Jeff Pinkston · 5 min read The year-long benchmarking shows that Microsoft Defender consistently outperforms secure email gateways in pre-delivery threat detection, while integrated cloud email security vendors deliver the most value for filtering promotional and bulk emails, with Defender’s post-delivery remediation capabilities now accounting for an average 96% of
  • Microsoft Defender for Office 365 Plan 1 is now rolling out to Microsoft 365 E3 and Office 365 E3 by Vipul Pandey · 3 min read Microsoft Defender for Office 365 Plan 1 expands built-in security with advanced anti-phishing, Safe Links, Safe Attachments, and enhanced visibility, automatically enabling protections for E3/G3 license holders by August 2026.
  • Beyond the benchmark: Advancing security at AI speed by Taesoo Kim · 13 min read Microsoft’s new MDASH system uses multi-model AI agents to discover and remediate software vulnerabilities across complex platforms like Windows and Azure in real time, expanding human-led security review capabilities beyond traditional benchmarks.
  • Triage vulnerabilities with the Vulnerability Remediation Agent, now in public preview by Intune Support Team · 4 min read The Vulnerability Remediation Agent for Security Copilot in Microsoft Intune now publicly available, automating CVE identification, prioritization based on CVSS scores and impact, and providing step-by-step remediation guidance directly within the Intune admin center.

📦 Storage

💻 Virtual Desktop Infrastructure

  • Get ready for Windows 11, version 26H2 by Jason Leznek · 4 min read Windows 11, version 26H2 introduces a shared servicing model that enables smaller, quicker updates with minimal disruption, enhancing compatibility and reducing deployment complexity for IT organizations managing Windows environments.
  • Scaling High-Performance CAD on Azure Virtual Desktop with NVIDIA RTX PRO 6000 by Sunita AZ0708 · 4 min read The study demonstrates that Siemens NX can run efficiently with up to 30 concurrent users on a single Azure Virtual Desktop host equipped with an NVIDIA RTX PRO 6000, maintaining stable graphics rendering and consistent user experiences across various engineering workloads.

🔗 Web

Get Azure Weekly in your inbox every Sunday

Sign up to receive the email every week and keep on top of all the announcements.

Don't forget to confirm your subscription. We have a double opt-in sign up process to prevent spam.

We will never provide your details to any third parties. We don't spam.

Azure Weekly Logo