Cloudy with a Chance of Insights | A Microsoft Cloud (Azure, M365) Show for Architects & Engineers

This fortnight the capability conversation takes a back seat to a more awkward one. Cyrus opens on governance, with Anthropic's new Fable 5 model and the reported decision by Microsoft to stop its own staff using it over the data retention terms attached. It is a tidy example of an AI safety choice turning straight into an enterprise governance headache, and the cost and retention profile means the smartest model on the shelf is not always the one you can actually use.
He then walks through the June refresh of the Microsoft Cybersecurity Reference Architecture, now sitting inside the Security Adoption Framework, with data finally treated as a pillar in its own right, plus the Entra and Intune changes that will have help desks busy around the July 6 conditional access deadline.
David brings his most eclectic set of links yet and ties them to one thread: the model is good enough now, but are we? He gets into HVE Core and its research, plan, implement workflow, the CAIRA composable reference architecture that pairs with it, a sharp piece on scoping security assessments for attack paths rather than org charts, and intent driven specification development as a reply to the spec first orthodoxy. The argument lands somewhere uncomfortable, which is that most of the work now falls to us and most of us are not doing it yet.
Richard closes on two Build items. The GitHub Copilot app and its parallel worktree sessions, which behave like five developers on five branches at once, and Project Solara, Microsoft's agent first device platform running on a fork of Android. He looks at Solara through a management and identity lens rather than as a gadget, and asks what an endpoint where an agent acts for the user does to an identity model that quietly assumes a person is there.
Links
Microsoft Cybersecurity Reference Architecture and Security Adoption Framework
HVE Core (Hyper Velocity Engineering)
CAIRA (Composable AI Reference Architecture)
msicons.com architecture icon library
Project Solara at Microsoft Build
Socials
X/Twitter
Bluesky
LinkedIn
Facebook
Threads
Music
Music: Null Invocation, Monochrome Pulse

Richard and David are back together this week, and David has been saving things up. The episode starts with a practical conversation about how both hosts actually manage content discovery, which turns into an honest account of what Richard's Knowledge Hub app does and where it still falls short.
David's segment covers a lot of ground but lands in a consistent place. The MCP release candidate gets the most technical treatment, including a walkthrough of what stateless protocol core actually means in architectural terms and why the previous session-pinning behaviour was a genuine infrastructure problem. He follows that with Azure Container Apps Express, positioned as an agent-first runtime that addresses a real friction point in large organisations, and the AI Red Teaming Agent in Microsoft Foundry, which David uses as a way into one of the more important security concepts for agentic systems: indirect prompt injection. The ZoomIt segment wraps it all together, partly because Mark Russinovich's demo went spectacularly wrong on camera and they kept it all in, and partly because David uses it to pull a connecting thread through everything he covered.
Richard's soapbox landed mid-conversation, prompted by a Microsoft podcast he'd been listening to that week. The argument: the AI adoption conversation is presenting as fresh insight something that was said word for word about Microsoft 365 in 2017. Same language, same frameworks, same metrics. Richard also covers the Copilot Credit Pre-Purchase Plan, which he discovered the night before recording, including the commercial architecture behind it and the ACD stacking question that the documentation does not answer.
The episode closes with computer-using agents going generally available in Copilot Studio, a brief cross-industry tour including Google's shutdown of Project Mariner, the Perplexity/Amazon court case, and what to expect from Build 2026.
Links
MCP 2026-07-28 Release Candidate
Azure Container Apps Express (Microsoft Learn)
AI Red Teaming Agent in Azure AI Foundry
Microsoft 2026 Work Trend Index
Windows 365 and Azure Virtual Desktop expanding access
Modern Azure Resilience with Mark Russinovich
EventLogExpert on GitHub
ZoomIt (Sysinternals)
Mark and Scott Learn
Microsoft Copilot Credit Pre-Purchase Plan
Microsoft Agent Factory
Copilot Studio computer-using agents GA
Microsoft Build 2026
Find us
X/Twitter
Bluesky
LinkedIn
Facebook
Threads
Music
Null Invocation, Monochrome Pulse

David is away this week, so it is just Richard and Cyrus. The episode ended up covering more ground than planned, and a couple of conversations went in directions that were not on the outline and were probably better for it.
Richard opens with harness engineering, the concept he thinks explains why AI agent projects look so good in the demo and fall apart in production, then moves on to Agent 365 going generally available and what it does and does not actually provide. Cyrus has a segment on Defender antivirus and Intune that reframes a question most security teams are asking in a way that is, in Richard's view, considerably more useful. And there is an unplanned conversation about vibe coding and SonarCloud that produced a finding neither of them had expected.
Links
Harness Engineering (Red Hat Developer, April 2026)
Microsoft Agent 365 GA
Microsoft 365 E7 and Agent 365 GA
Copilot Flex Routing (Microsoft Learn)
IBM Bob GA (IBM Newsroom, April 2026)
IBM Bob product page
Find us
X/Twitter
Bluesky
LinkedIn
Facebook
Threads
Music
Null Invocation, Monochrome Pulse

**THANKS FOR EVERYONE WHO NOTICED THE AUDIO GLITCH. THIS HAS NOW BEEN RESOLVED**

This week, David pulls a thread across six seemingly unrelated Microsoft GitHub repos and lands on a question the industry keeps skipping: whether the systems we're asking AI to reason about are actually readable enough for that reasoning to mean anything. It's a more durable framing than the usual "what can AI do for you" conversation, and it connects to everything from security posture to delivery backlogs to architectural fragility.
Cyrus covers a run of Microsoft security and identity updates. Entra license usage insights hitting GA, cross-tenant security group sync, Global Secure Access B2B support for AVD and Windows 365, macOS recovery lock, Defender promotional email handling, new advanced hunting tables, incident graph filtering, and Sentinel repositories reaching GA. He also highlights Chrome's rollout of device-bound session credentials, a hardware-backed fix to browser token theft that has been trivially exploitable for over a decade.
Richard covers a Microsoft Research paper on red teaming networks of AI agents. Over a hundred autonomous agents interacting through forums and messages, and four failure modes that only emerge when agents interact at scale: propagation, amplification, trust capture, and proxy chain invisibility. The researchers also observed emergent defences, with a small number of agents spontaneously developing security-conscious behaviour.
The episode closes with GitHub's shift from premium request units to token-based AI credits from June, and a shared comparison of what happens when agentic coding tools decide to ignore you.

This week Richard, David, and Cyrus cover agent governance, Copilot adoption pressures, AI memory architecture, and a prototyping workflow that bypassed design tools entirely. David walks through two tools from Merrill Fernando for querying Microsoft Graph via MCP, Microsoft's open source Agent Governance Toolkit and its response to the OWASP agentic AI top ten, and MemPalace, an AI memory project with an unexpected connection to The Fifth Element.
Richard looks at what the Copilot adoption numbers mean going into Microsoft's Q3 earnings, shares a prototyping workflow that produced a high-fidelity demo using GitHub Copilot and Claude instead of PowerPoint or Visio, and notes the Sentinel portal migration deadline has moved again to March 2027. Cyrus covers the security updates at pace, closing with a striking data point: 61% of C-suite leaders surveyed say their AI model assets or data have already been compromised.
Blog
The Microsoft Cloud Blog
YouTube
Cloudy with a Chance of Insights - YouTube
Soicials
Twitter / X
BlueSky
LinkedIn
Threads
Facebook

Music
Null Invocation: Monochrome Pulse
Monochrome Pulse on Soundcloud

For all the links to the articles etc, please visit the companion blog site.
The Microsoft Cloud Blog