
What is Microsoft Defender for Cloud Apps?

By: IT Experts
27 March 2026 at 15:50
Microsoft Defender for Cloud Apps protects SaaS applications (image Microsoft)
Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) solution that delivers comprehensive security for Software as a Service (SaaS) applications across your organization. This security platform provides visibility into shadow IT, threat protection, data loss prevention capabilities, and security posture management for cloud-based applications. The tool integrates with Microsoft Defender XDR to offer extended detection and response across the full attack chain. Recent updates include March 2026 changes to Secure Score category calculations that reclassify some recommendations from the Cloud apps category to Identity, more accurately reflecting where controls apply without changing the overall Secure Score.


New in Microsoft Defender: AI-powered triage agents, new dashboard, automated hardening, voice call monitoring in Teams

By: IT Experts
26 March 2026 at 16:21
Exploring insights in Advanced hunting (image Microsoft)
Microsoft announced several new Defender features at the RSA Conference 2026, most of which are in preview and have minimal technical documentation. The primary additions include AI-powered triage agents in Security Copilot that automatically classify security alerts, a new dashboard that consolidates identity-related security events, automated hardening actions based on attack predictions, and voice-call monitoring in Microsoft Teams.


Microsoft Sentinel introduces AI-powered automation and delegated access at RSAC 2026

By: IT Experts
24 March 2026 at 17:40
The new graph visualization in Sentinel (image Microsoft)
At RSA Conference 2026, Microsoft announced a comprehensive set of updates to Microsoft Sentinel, its cloud-native Security Information and Event Management (SIEM) platform. The announcements focus on AI-driven automation, simplified multi-tenant management, and enhanced data integration capabilities designed to help security operations centers (SOCs) operate more efficiently at scale.


Microsoft Defender onboarding deployment with a single EXE

By: IT Experts
5 March 2026 at 16:00
Defender deployment with a single package (image Microsoft)
The Defender deployment tool for Windows now ships as a single .exe with the onboarding package baked in, with configurable expiry dates, a required portal key to activate it, and onboarding event logs visible in the device timeline — replacing the old script/blob approach. The previous tool gave no clear status feedback, leaving admins unable to tell if onboarding was in progress or had failed.


Microsoft Defender for Endpoint: library management for live response, vulnerability reporting, predictive shielding

By: IT Experts
26 February 2026 at 13:54
Details of a software component (image Microsoft)
Microsoft Defender for Endpoint has received a set of new features and enhancements in February 2026, covering live response management, configuration visibility, vulnerability reporting, and predictive threat mitigation. These updates span endpoints running Windows, macOS, Linux, Android, and iOS. This article covers the most significant additions to the Defender portal and their operational impact on security teams.


Microsoft Defender library management: Centralized management for live response PowerShell scripts

By: IT Experts
20 February 2026 at 16:32
Microsoft Defender library management (image Microsoft)
Library management is a new feature in Microsoft Defender for Endpoint that provides security operations teams with a centralized interface for uploading, organizing, and reviewing scripts and files before a live response session begins. Previously, analysts had to upload tools during an active investigation, which delayed response times. The feature is now generally available for enterprise customers and integrates with Microsoft Security Copilot for automated script analysis.


Scan OpenClaw agent skills for security vulnerabilities with the Cisco AI Skill Scanner

9 February 2026 at 14:23
Configuring OpenClaw in the terminal
OpenClaw, previously known as Clawdbot and briefly as Moltbot, is a free, open‑source personal AI agent that runs locally on your computer, enabling you to automate any task a human can perform on a computer. It gained rapid popularity, accumulating 100,000 GitHub stars in record time, along with tens of thousands of forks as it went viral. OpenClaw skills pose severe security risks because they are unvetted modules that may contain hidden, malicious instructions for the agent's model. These harmful instructions could result in API key leaks, data theft, credential compromise, and system breaches due to malicious code execution. This guide covers OpenClaw skill structure, known security incidents, and step-by-step instructions for scanning agent skills with the Cisco AI Skill Scanner. The Cisco AI Skill Scanner provides comprehensive security analysis of OpenClaw agent skills before installation, detecting malware, data exfiltration, and prompt-injection vulnerabilities.
