Microsoft's security agents

I think Microsoft has the right idea with their security agents. This could help the urgent "vibe code exploits" problem. From Axios:

Microsoft said Monday it will soon roll out 11 new AI agents for its security-focused Copilot aimed at offloading some of the most repetitive tasks that bog down cybersecurity teams.

Why it matters: Microsoft is the latest major vendor to embed autonomous AI agents directly into its security suite in an effort to reduce burnout for cyber pros and boost efficiency through AI-powered automation....

Starting next month, Microsoft will make six of its own new agents and five agents from partner companies available for preview in Security Copilot — which is already integrated into all of Microsoft's security tools.

• Each agent focuses on a different task: One specifically combs through potential phishing emails. Another can craft notification letters to send to different regulators after a data breach.
• Customers can configure each agent's level of access and autonomy, including whether the agent acts under its own identity (with a unique username and password) or as an extension of a human account.
• Each agent also has a map of its thinking so human users can review their decisions — and even override or correct their selections.

This could also pose a threat to code agent startups such as Cursor and Windsurf, as well as text-to-product interfaces like Lovable and Bolt.

Microsoft has a world class cybersecurity division. If they productize their cybersecurity expertise and bundle that into their coding agent (Github Copilot), then people who are serious about vibe coding responsibly will be compelled to switch.

This is one specific way in which Cursor, even though it was the fastest startup in history to reach $100M ARR, could be under threat as a business.