Microsoft is preparing to launch a significant new AI-powered security tool, a multi-model “scanning harness,” with a public preview set for June 2026.
This new tool is essentially a powerful, unified security layer for Microsoft's entire ecosystem. Instead of relying on a single AI model, it uses multiple frontier models working together to scan code, software components, and even other AI models for vulnerabilities. It integrates seamlessly with existing products that many companies already use, such as Microsoft Defender, GitHub, and Security Copilot, creating a single, intelligent defense system.
So, why is this happening now? The timing is driven by a convergence of several key factors. First, the technological groundwork has been laid. Microsoft recently tested powerful models like Anthropic's Mythos, proving its internal readiness. It also just launched a public preview for AI model scanning within Defender for Cloud, which serves as a foundational piece for this new harness. This coincides with a growing sense of urgency in the industry, as competitors like Anthropic are restricting access to their most powerful models due to potential misuse, creating a demand for strong, defensive tools.
Second, this launch perfectly aligns with Microsoft's broader strategic shift toward a multi-model approach. The company has already started incorporating multiple AI models in products like Microsoft 365 Copilot to cross-check and improve results. Applying this same principle to security is a logical and powerful next step.
Finally, the business infrastructure is ready for monetization. Microsoft has strategically prepared its licensing and billing systems. With the new M365 E7 license launching and existing E5 customers receiving Security Compute Unit (SCU) allocations, there's a clear path to turn usage of this new scanning harness directly into revenue. Given Microsoft's massive base of 1.6 million security customers, the financial potential is substantial.
This initiative didn't appear overnight. Its roots trace back to earlier technical integrations announced at events like Ignite 2025 and, more fundamentally, to the hard lessons learned from cyberattacks like the Midnight Blizzard intrusion in 2024. That incident catalyzed a company-wide push to embed stronger, preventative security deep within its development lifecycle, making the productization of a tool like this both credible and necessary.
- Scanning Harness: A term for a system that coordinates multiple tools or models to perform a comprehensive task. In this case, it uses several AI models to conduct security scans.
- Multi-model: An approach that uses multiple different AI models, often having them collaborate or cross-check each other's work to produce a more accurate or robust outcome.
- SCU (Security Compute Units): A consumption-based currency used by Microsoft. Customers use SCUs to pay for usage of security services like Security Copilot, similar to a pay-as-you-go phone plan.