
Microsoft launches AI agent security stack at Build 2026


  • Microsoft unveiled the MXC SDK at Build 2026, an OS-level sandbox that lets Windows enforce runtime constraints on AI agents. [windows]
  • MDASH, now in expanded preview, orchestrates more than 100 specialized AI agents to identify exploitable code vulnerabilities across enterprise codebases, according to Microsoft. [zdnet]
  • Two open-source standards, ASSERT and ACS, offer portable safety controls across any agent framework, with launch partners including IBM and KPMG. [microsoft]

Microsoft Unveils AI Agent Security Stack at Build 2026, Including OS-Level Sandbox and Open Governance Standards

Microsoft used its Build 2026 developer conference in San Francisco on June 2 to announce a layered security and governance framework for autonomous AI agents, introducing tools that span code-level vulnerability scanning, OS-level containment, and portable open-source policy standards.

Runtime Containment With MXC

Central to the announcement is the Microsoft Execution Containers (MXC) SDK, a cross-platform, policy-driven execution layer for AI agents running on Windows and Windows Subsystem for Linux. Rather than relying solely on application-level safeguards, MXC lets developers define constraints that Windows enforces at runtime, containing what agents can access and execute without eliminating their productivity value. [windows]

“Developers define what to constrain in their apps and agents, and Windows enforces those constraints consistently at runtime through MXC,” Microsoft wrote in a Windows Developer Blog post announcing the early preview. The SDK integrates with Agent 365 and Microsoft Entra for identity-based policy controls, with Microsoft Defender telemetry built in. [windows]

NVIDIA announced same-day support for building AI agents on Windows PCs using tools compatible with the new security primitives. [nvidia]

MDASH Expands With 100-Plus Specialized Agents

Microsoft also revealed an expanded preview of MDASH, its multi-model agentic vulnerability scanning system first unveiled in May. The tool orchestrates more than 100 specialized AI agents to identify, validate, and verify exploitable flaws across codebases, filtering out noise to surface genuinely actionable risks. [zdnet]

At Build, Microsoft integrated MDASH into a broader enterprise control framework linking GitHub Security, Microsoft 365, and Purview. [windowsforum]

Open-Source Governance: ASSERT and ACS

Alongside these platform-specific tools, Microsoft released two open-source projects designed to work across any agent framework. ASSERT (Adaptive Spec-driven Scoring for Evaluation and Regression Testing) converts organizational policies into concrete evaluation scenarios, surfacing safety defects before agents reach production. Agent Control Specification (ACS) provides a portable standard for placing deterministic safety controls at five checkpoints in an agent’s lifecycle (input, LLM, state, tool execution, and output), expressed as versionable YAML policies. [microsoft]

“Think of ACS as the MCP or A2A of agent safety,” Microsoft wrote, referring to Anthropic’s Model Context Protocol and Google’s Agent2Agent standard. Launch partners include IBM, KPMG, Zscaler, Arize AI, and CrewAI. [microsoft]
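To make the five-checkpoint idea concrete, here is an added illustration that is not Microsoft's ACS code and does not use the ACS YAML schema: a mock agent loop in Python with a deterministic check at each of the input, LLM, state, tool-execution and output checkpoints. The policy dict (shaped like what a YAML policy file would load into), the scripted stand-in for the model, the `read_file` tool and the fake AWS-style key string are all constructed for this example so it runs offline.

```python
"""Checkpoint-based agent policy enforcement (constructed illustration).

Not Microsoft's ACS implementation or schema. The five hooks below mirror the
checkpoints the article lists: input, LLM, state, tool execution, output.
Every check is deterministic (regex/allowlist/budget), so a policy violation
is a hard stop rather than a model judgement.
"""
import re

# Hypothetical policy. A YAML file would load to the same nested dict shape.
POLICY = {
    "version": 1,
    "input": {
        "max_chars": 2000,
        "deny_patterns": [r"ignore (all|previous) instructions"],
    },
    "llm": {"allowed_models": ["stub-model"], "max_calls": 3},
    "state": {"max_steps": 5},
    "tool": {
        "allow": ["read_file"],                       # tool allowlist
        "deny_args": {"read_file": [r"^/etc/"]},      # per-tool argument denylist
    },
    "output": {"redact": [r"AKIA[0-9A-Z]{16}"]},       # AWS-style access key id shape
}


class PolicyViolation(Exception):
    """Raised when a checkpoint rejects the agent's next action."""


def check_input(policy, text):
    """Checkpoint 1: size limit and prompt-injection denylist on user input."""
    rules = policy["input"]
    if len(text) > rules["max_chars"]:
        raise PolicyViolation("input too long")
    for pat in rules["deny_patterns"]:
        if re.search(pat, text, re.IGNORECASE):
            raise PolicyViolation(f"input matched deny pattern: {pat}")
    return text


def check_llm(policy, model, calls_so_far):
    """Checkpoint 2: model allowlist and call budget before each inference."""
    rules = policy["llm"]
    if model not in rules["allowed_models"]:
        raise PolicyViolation(f"model not allowed: {model}")
    if calls_so_far >= rules["max_calls"]:
        raise PolicyViolation("LLM call budget exhausted")


def check_state(policy, state):
    """Checkpoint 3: bound the loop so a confused agent cannot run forever."""
    if state["step"] > policy["state"]["max_steps"]:
        raise PolicyViolation("step budget exhausted")


def check_tool(policy, name, args):
    """Checkpoint 4: tool allowlist plus argument denylist before execution."""
    rules = policy["tool"]
    if name not in rules["allow"]:
        raise PolicyViolation(f"tool not allowlisted: {name}")
    for pat in rules["deny_args"].get(name, []):
        for value in args.values():
            if re.search(pat, str(value)):
                raise PolicyViolation(f"tool argument denied by {pat}: {value}")


def check_output(policy, text):
    """Checkpoint 5: redact secret-shaped strings from the final answer."""
    for pat in policy["output"]["redact"]:
        text = re.sub(pat, "[REDACTED]", text)
    return text


def stub_llm(model, history):
    """Scripted model stand-in: one tool call, then a final answer that leaks
    a constructed (fake) key id so the output checkpoint has work to do."""
    if not any(msg["role"] == "tool" for msg in history):
        return {"tool": "read_file", "args": {"path": "/tmp/notes.txt"}}
    return {"final": "Notes say key AKIAABCDEFGHIJKLMNOP was rotated."}


# Constructed tool: returns a fixed string instead of touching the filesystem.
TOOLS = {"read_file": lambda path: f"contents of {path}"}


def run_agent(policy, user_input, model="stub-model", llm=stub_llm):
    """Drive the agent loop with a policy check at every checkpoint."""
    history = [{"role": "user", "content": check_input(policy, user_input)}]
    state = {"step": 0, "llm_calls": 0}
    while True:
        state["step"] += 1
        check_state(policy, state)
        check_llm(policy, model, state["llm_calls"])
        reply = llm(model, history)
        state["llm_calls"] += 1
        if "final" in reply:
            return check_output(policy, reply["final"])
        check_tool(policy, reply["tool"], reply["args"])
        result = TOOLS[reply["tool"]](**reply["args"])
        history.append({"role": "tool", "content": result})


if __name__ == "__main__":
    print(run_agent(POLICY, "Summarize my notes"))
```

The point of the layout is that the model is never the last line of defence: the tool checkpoint blocks a `/etc/` read even if the model asks for it, the state and LLM budgets stop a looping agent, and the output redaction fires regardless of what the model emitted. Swapping the dict for a versioned YAML file is what turns this into a reviewable, diffable policy rather than scattered `if` statements.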

The announcements reflect Microsoft’s bet that as enterprises move AI agents from experimentation to production, security and governance tooling — not just model capability — will determine platform adoption.
