4 issues in large-scale unstructured data migrations and how Komprise in Azure Marketplace can help
In this guest blog post, Darren Cunningham, vice president of marketing at Komprise, discusses large-scale unstructured data migrations, common issues with using free tools to achieve them, how an analytics-first approach can help, and the benefits of Komprise in Azure Marketplace.
AI is evolving fast - are you keeping up?
Azure AI Foundry is helping businesses not just ride the AI wave but shape it. From cutting-edge AI agents to game-changing efficiency tools, Microsoft is empowering organizations to push the AI curve. 🔹 Automate workflows with AI agents 🔹 Unlock enterprise knowledge with Azure AI Agent Service 🔹 Optimize performance with NVIDIA-powered efficiency Don’t just adapt—lead. Discover the latest innovations transforming AI into a competitive advantage. Read on to learn more: https://aka.ms/WhatsNewinAzureAIFoundryMarch2025Start coding in minutes with the Quick-start Development Toolkit
The timeline from an idea for an app to coding is longer than most software development companies would like. Understanding the problem is only the first step in deciding what tools can be used to develop and how to code. And, with a dizzying array of development tools and approaches, time can be lost in consideration before anything is ever built. To help solve this problem, use the Quick-start Development Toolkit — collected actionable resources centered around best practice development patterns — that help software companies get targeted code packages to streamline their app development for AI, Copilot, and agents, AWS to Azure multi-cloud replication, or apps integrating Security. How does it work? As companies brainstorm apps to develop, they often know about the business benefits and purpose, the scenarios where the app would be valuable. What they might not have (without several dev cycles) is the general architecture of that app design and a quick way for their developers to iterate with code, seeing if it’s the right approach. As a result, their time to market may be slower and — when developing apps — this can be costly. With the Quick-start Development Toolkit, we’ve brought together the combined knowledge of experts at Microsoft to provide the foundations of getting developers working with applicable code within minutes: Reference solution architecture: to show how components are used and interact, Click-to-deploy reference code: cloud-ready templates get you coding in minutes, How-to articles: for context to help understand products, patterns, and tips to deploy. These streamlined resources help you and your team get ideas off the drawing board and into a tangible prototype within minutes, saving your team valuable dev cycles. Having access to these should cut time and effort from your dev cycles, helping you stay at the forefront of app development. We look forward to seeing your apps in market! Visit the Quick-start Development Toolkit to boost your code cadence today.
Looking for ISVs with managed app experience
Hi dear ISVs! Together with an ISV in the Netherlands we are planning a commercial marketplace managed app deployment. We are looking for ISVs out there who are willing to share their experiences with us. In particular we would like to learn how you are taking care of lifecycle management of your stateful deployments. How to provide a new version of your software without losing the customer's data.New blog series for ISVs replicating apps from AWS to Azure
For ISVs who are either considering or in the process of replicating their apps from AWS to Azure, the marketplace community blog now has a series of blog posts that dives deep into the advantages of doing so: ▪️ Embracing the multicloud advantage: a guide to replicating your app from AWS to Azure ▪️ Replicate your apps to Azure: A multicloud advantage for ISVs ▪️ Unlocking the multicloud advantage: AWS to Azure service comparisons ▪️ Securing the multicloud advantage: AWS to Azure security model comparison Access all of the posts above using this link.Strengthening the software development company supply chain with DevSecOps practices
As cyber threats grow in complexity and frequency, embedding security into the product design lifecycle is no longer optional—it’s essential. In the Microsoft Security for ISV series, our fourth session, “Strengthen the software development company supply chain with DevSecOps practices,” provides in‐depth insights into how software development companies can build robust, secure, and resilient applications while accelerating development processes. By integrating security into every phase—from design to production—software development companies can protect customer data, ensure compliance, and build lasting trust. Understanding the Evolving Threat Landscape According to GitGuardian’s 2024 report, public GitHub repositories saw an alarming surge in hardcoded secrets — with nearly 24 million new secrets (23,770,171) added last year. This represents a 25% increase compared to the previous year and highlights a troubling trend: long-lived plaintext credentials such as API keys, passwords, and authentication tokens continue to proliferate in open-source projects. Despite GitHub’s efforts to filter out known credential patterns during the push process, the rise in generic secrets—which can include common usernames, unstructured passwords, or basic auth strings—remains largely unmitigated, providing attackers of any skill level with an easy entry point and the ability to move laterally within systems. Key Security Strategies for Software Development Companies Embedding Security Throughout the Software Development Lifecycle The evolution of DevSecOps is transforming how organizations approach application security. Michael Friedrich, Cloud Solution Architect at Microsoft, underscored two primary challenges: Growing code bases often come with increased vulnerabilities Developers need intuitive security tooling that doesn’t disrupt productivity DevSecOps is all about “shifting security left” by integrating security practices throughout development—as code is written, built, and deployed—instead of addressing vulnerabilities only after production. This approach not only saves time and resources but also reduces the likelihood of exploiting application-level vulnerabilities. Key strategies include: Early threat modelling to identify and mitigate risks before deployment Collaborative workflows that bring together developers and security teams Continuous scanning methods (static analysis, secret scanning, dependency review) to catch issues early For a deeper dive, explore Microsoft’s Secure Development Lifecycle guide (https://www.microsoft.com/en-us/securityengineering/sdl). Integrating GitHub Advanced Security and Microsoft Defender for Cloud GitHub and Microsoft work in unison for a unified secure development experience. GitHub Advanced Security is embedded directly into the developer workflow to detect vulnerabilities through advanced code scanning (powered by CodeQL), secret scanning, and dependency checks. The integration means that security alerts are provided as developers code—not as an afterthought—which speeds up remediation and reduces production issues. In parallel, Microsoft Defender for Cloud (formerly Defender CSPM) offers a cloud security posture management solution that: Pinpoints and prioritizes risks with a context-aware engine Provides actionable, recommendation-driven insights for DevOps environments Delivers continuous scanning across multi-cloud environments and CI/CD pipelines Learn more about Microsoft Defender for Cloud at https://docs.microsoft.com/en-us/azure/defender-for-cloud and enhance your cloud security posture. The Secure Future Initiative: Secure by Design, Default, and Operations Microsoft’s “Secure Future Initiative” (SFI) is comprehensive framework ensures that security is embedded into every stage of product development and operations through three core principles: Secure by Design Incorporate security during the planning and architecture phases Protect identities and secrets from the start with strong key rotation, hardware security modules, and no hard-coded secrets Secure by Default Enforce robust security configurations so that protection is on by default (for example, MFA enforcement and least privilege access) Secure Operations Establish continuous monitoring protocols, rapid incident response, and centralized security logs Use tools like Microsoft Sentinel for real-time threat analytics These foundational elements ensure that as software development companies develop and scale innovative solutions—including those leveraging artificial intelligence—security remains a steadfast pillar. For additional guidance on Secure Future Initiative, visit https://www.microsoft.com/en-us/trust-center/security/secure-future-initiative Strengthening the Software Development Company Supply Chain with Modern DevSecOps Practices Modern software supply chains often include third-party dependencies, open-source libraries, and automated pipelines. Traditional security measures can’t keep pace with today’s integrated development models. Therefore, it’s critical to: Employ code signing and package verification for third-party components Adopt continuous security scanning using solutions like GitHub’s secret scanning with push protection Integrate Microsoft Defender for DevOps for comprehensive visibility from code to cloud For more on secure supply chain strategies, check out the Secure Supply Chain Consumption Framework (https://www.microsoft.com/en-us/securityengineering/opensource) Real-World Insights from BuildKite and the Role of DevSecOps Guest speaker Ken Thompson, VP of Product at BuildKite, shared practical examples from the front lines of secure continuous integration and delivery. BuildKite’s hybrid model, combining a software-as-a-service control plane with open-source on-premises agents, ensures that sensitive code and secrets never leave a customer’s infrastructure. This design enhances security while enabling: Rapid build times with hyper-parallelized pipelines Integrated security scanning within every build, thereby “shifting left” security Proven practices like the SLSA framework for artifact provenance, which verifies that code and pipelines are built in a trusted manner Ken highlighted examples where Uber have reduced build times from an hour to mere minutes while ensuring every pipeline pass incorporates critical vulnerability scanning. This demonstrates that robust security practices and efficiency can go hand in hand. Taking Action: Strengthening Your Security Posture Today Security is an ongoing journey. By adopting proactive security strategies, embracing DevSecOps practices, and integrating industry-leading tools, software development companies can build resilient, trusted applications that stand up to today’s cyber threats. Action Steps for Software Development Companies: Embed security into every phase of your SDLC Strengthen identity and access with strong MFA, conditional access, and the Zero Trust model Secure secrets using Azure Key Vault and GitHub Advanced Security for automated secret scanning Enhance supply chain security through continuous scanning and vulnerability remediation Monitor your cloud environments with Microsoft Defender for Cloud and Microsoft Sentinel for real-time insights Additional Resources: Microsoft Secure Development Lifecycle – https://www.microsoft.com/en-us/securityengineering/sdl Secure Supply Chain Consumption Framework – https://www.microsoft.com/en-us/securityengineering/opensource Cloud Adoption Framework – https://aka.ms/caf Zero Trust Guidance Center – https://aka.ms/Zero-Trust Start with Security – https://aka.ms/trysecurity SaaS Workload Guidance – https://learn.microsoft.com/en-us/azure/well-architected/saas/ Join ISV Success – https://www.microsoft.com/isvSecure Active Directory service accounts with Silverfort's solution in Azure Marketplace
In this guest blog post from Azure Marketplace partner Silverfort, its Chief Strategy Officer, Ron Rasin, explains how his company helps enterprises prevent cyberattacks by finding, securing, and monitoring service accounts.Exploring Azure AI Agent Service: A developer's guide
The world of AI is evolving rapidly, and at a recent TechConnect at the Azure AI Foundry Partner Council, we explored the game-changing potential of Azure AI Agent Service. This session was packed with insights for AI developers, cloud solution architects, and technical decision-makers eager to push the boundaries of agentic AI. If you're looking to simplify development, deployment, and scaling of enterprise-grade AI agents, this service is a must-know. In this blog post, we’ll summarize key topics covered during the session and provide insights into how Azure AI Agent Service can streamline your AI development process. Whether you're a seasoned developer or just starting, this is an exciting opportunity to learn how AI agents can autonomously execute business processes with minimal human intervention. Introduction to AI Agents The session kicked off by defining AI agents and their capabilities. Unlike traditional chatbots, AI agents are goal-driven and can autonomously execute business processes. They can reason over provided business logic, integrate with external data sources, and orchestrate actions to achieve specific goals. This marks a significant shift from simple conversational AI to intelligent, task-driven agents capable of decision-making and execution. Simplifying Development with Azure AI Agent Service Building AI agents traditionally involve working with frameworks like LangChain and Semantic Kernel and AutoGen which require developers to manage state, context, orchestration, and scaling. Azure AI Agent Service eliminates these complexities by offering a fully managed service with: Out-of-the-box tools for faster development Flexible model selection to fit diverse use cases Enterprise readiness with built-in security and scalability This means developers can focus on business logic rather than infrastructure concerns, accelerating the development cycle significantly. Function Calling and Code Interpreter Tools One of the standouts features of Azure AI Agent Service is function calling, which allows agents to interact with external systems by executing predefined functions. The session showcased how developers can: Define and use function calling to connect AI agents to other systems Utilize the code interpreter tool to enable AI agents to generate data visualizations and perform analysis These tools empower developers to create more dynamic and responsive AI agents that can process and present insights effectively. Extending Agent Knowledge with File Search AI agents are only as good as the information they can access. Azure AI Agent Service includes a file search tool that allows agents to tap into external data sources such as product catalogs, knowledge bases, or proprietary documents. This significantly enhances an agent’s ability to answer complex queries and perform in-depth analysis. Real-Time Information with Bing Search For scenarios that require real-time, up-to-date data, the Bing Search tool is a game-changer. The session demonstrated how this tool enables agents to fetch and analyze current web data for use cases like competitive analysis, market research, and trend monitoring. With seamless Bing Search integration, AI agents can stay relevant and informed in an ever-changing world. The training session wasn’t just about concepts, it was packed with practical demonstrations, live coding examples, and troubleshooting tips. You can watch the full session to help you: Understand the core capabilities of Azure AI Agent Service See live implementation of function calling, file search, and Bing Search tools Learn best practices for deploying scalable and secure AI agents Ready to Explore Further? Don’t miss out on the chance to deep-dive into agentic AI to enhance your AI development skills and streamline agent deployment. Check out the recording of the session to take your AI projects to the next level and unlock the full potential of Azure AI Agent Service! About the Azure AI Foundry Partner Council: The Azure AI Foundry Partner Council is a dynamic and collaborative initiative designed to foster innovation and drive advancements in artificial intelligence. This council brings together a diverse group of industry leaders, technology experts, and strategic partners who are committed to leveraging the power of Azure AI to solve complex business challenges. Through the Azure AI Foundry Partner Council, members are empowered to push the boundaries of what is possible with AI, ultimately driving progress and delivering value to their organizations and customers. Call to Action Learn more about how Azure AI Agent Service: Revolutionizing AI Agent Development and Deployment Start trying Azure AI Agent services in Azure AI Foundry or Start building with the SDK documentation Dive deep into enterprise knowledge extensibility in Azure AI Agent Service Learn how to design, customize and manage AI applications with Azure AI Foundry Learn how to empower data-driven decision making with Microsoft Fabric Watch this recorded breakout session from Ignite 2024 to learn more about how companies are automating key business processes with Azure AI Agent Service Watch this live demo at Ignite 2024 to learn how customers are going beyond chat-based interactions Nominate to join the Azure AI Foundry Council via aipartnerteam@microsoft.com
