Explore Curated Marketplace Resources
Good morning, afternoon, evening community! I wanted to introduce myself; I am Stephanie, a pug and plant lover, and a leader in Marketplace FastTrack at Microsoft. I am here to help you streamline your Marketplace journey through curated self-serve resources to help you go further, faster. Reach out if you have any questions, feedback, or need help to publish an offer or win an imminent deal. đ Looking for a guide on publishing and transacting on the Azure Marketplace? Explore the Marketplace Playbook. âď¸ Need to simplify SaaS offer creation? Use the open-source code on Git Hub for SaaS Accelerator. đĽ Want to learn how flexible billing can unlock new deal structures? Learn more about Flexible Billing. Use Mastering the Marketplace videos and labs to upskill end-to-end. đ¸ Bringing an off-Marketplace renewal or renewing a Marketplace offer? Donât forget the agency fee discount. đ¤ Have you tried the App Advisor or Partner Center AI Assistant? Weâd love your feedback!
Discover what's new with GPT-4.1 on Azure OpenAI
The latest evolution in generative AI is hereâGPT-4.1, along with 4.1-mini and 4.1-nano, is now available on Microsoft Azure OpenAI Service and GitHub. With major upgrades in coding, instruction following, and long-context processing, GPT-4.1 is designed to help developers build smarter, faster, and more customized AI solutions. Plus, fine-tuning support is rolling out soon, making it even easier to tailor the models to your business needs. đ Learn more and explore the new features, performance benchmarks, and how to get started with GPT-4.1 today. Announcing the GPT-4.1 model series for Azure AI Foundry and GitHub developersA new era of AI reasoning has arrived
Weâre excited to share that the latest o-series models â o3 and o4-mini â are now available in the Azure OpenAI Service via Azure AI Foundry and GitHub! These new models unlock powerful capabilities in reasoning, safety, and multimodal AI â including: Enhanced reasoning & safety with deliberative alignment Vision support to analyze and understand visual data Multiple API options with reasoning summaries Parallel tool calling for advanced agentic solutions New audio models for transcriptions and customizable text-to-speech Whether you're building intelligent apps or exploring AI-driven innovation, these models are built to take your ideas further, faster. Learn more to get started!Exciting update: New Advanced Package benefit for ISV Success participants!
We are delighted to share yet another exciting benefit for our ISV Success program participants. In our ongoing commitment to support ISVs, we are introducing a new Advanced Package Benefit that could significantly enhance your development projects. NEW â Advanced Package Benefit - $25,000 USD ISV Success participants with an Azure, Security, or Industry AI certified software designation may now be eligible for additional Azure Sponsorship, providing another $25,000 USD, totaling an impressive $50,000 USD when combined with the Expanded and Core benefits packages. This substantial sponsorship aims to help you maximize the potential of Azure and drive innovation in your projects. Determine your eligibility To find out if you qualify for this advanced benefit, please reach out to your Build and Publish Engagement Manager. They will assist you in understanding the eligibility criteria and guide you through the process of applying for this additional Azure Sponsorship. At ISV Success, we are dedicated to offering valuable resources and support to help you achieve your development goals. Don't miss out on this exceptional opportunity to enhance your productivity and bring your projects to life with the power of Azure. To learn more about the ISV Success offering, go to https://www.microsoft.com/en-us/isv/isv-successStrengthening the software development company supply chain with DevSecOps practices
As cyber threats grow in complexity and frequency, embedding security into the product design lifecycle is no longer optionalâitâs essential. In the Microsoft Security for ISV series, our fourth session, âStrengthen the software development company supply chain with DevSecOps practices,â provides inâdepth insights into how software development companies can build robust, secure, and resilient applications while accelerating development processes. By integrating security into every phaseâfrom design to productionâsoftware development companies can protect customer data, ensure compliance, and build lasting trust. Understanding the Evolving Threat Landscape According to GitGuardianâs 2024 report, public GitHub repositories saw an alarming surge in hardcoded secrets â with nearly 24 million new secrets (23,770,171) added last year. This represents a 25% increase compared to the previous year and highlights a troubling trend: long-lived plaintext credentials such as API keys, passwords, and authentication tokens continue to proliferate in open-source projects. Despite GitHubâs efforts to filter out known credential patterns during the push process, the rise in generic secretsâwhich can include common usernames, unstructured passwords, or basic auth stringsâremains largely unmitigated, providing attackers of any skill level with an easy entry point and the ability to move laterally within systems. Key Security Strategies for Software Development Companies Embedding Security Throughout the Software Development Lifecycle The evolution of DevSecOps is transforming how organizations approach application security. Michael Friedrich, Cloud Solution Architect at Microsoft, underscored two primary challenges: Growing code bases often come with increased vulnerabilities Developers need intuitive security tooling that doesnât disrupt productivity DevSecOps is all about âshifting security leftâ by integrating security practices throughout developmentâas code is written, built, and deployedâinstead of addressing vulnerabilities only after production. This approach not only saves time and resources but also reduces the likelihood of exploiting application-level vulnerabilities. Key strategies include: Early threat modelling to identify and mitigate risks before deployment Collaborative workflows that bring together developers and security teams Continuous scanning methods (static analysis, secret scanning, dependency review) to catch issues early For a deeper dive, explore Microsoftâs Secure Development Lifecycle guide (https://www.microsoft.com/en-us/securityengineering/sdl). Integrating GitHub Advanced Security and Microsoft Defender for Cloud GitHub and Microsoft work in unison for a unified secure development experience. GitHub Advanced Security is embedded directly into the developer workflow to detect vulnerabilities through advanced code scanning (powered by CodeQL), secret scanning, and dependency checks. The integration means that security alerts are provided as developers codeânot as an afterthoughtâwhich speeds up remediation and reduces production issues. In parallel, Microsoft Defender for Cloud (formerly Defender CSPM) offers a cloud security posture management solution that: Pinpoints and prioritizes risks with a context-aware engine Provides actionable, recommendation-driven insights for DevOps environments Delivers continuous scanning across multi-cloud environments and CI/CD pipelines Learn more about Microsoft Defender for Cloud at https://docs.microsoft.com/en-us/azure/defender-for-cloud and enhance your cloud security posture. The Secure Future Initiative: Secure by Design, Default, and Operations Microsoftâs âSecure Future Initiativeâ (SFI) is comprehensive framework ensures that security is embedded into every stage of product development and operations through three core principles: Secure by Design Incorporate security during the planning and architecture phases Protect identities and secrets from the start with strong key rotation, hardware security modules, and no hard-coded secrets Secure by Default Enforce robust security configurations so that protection is on by default (for example, MFA enforcement and least privilege access) Secure Operations Establish continuous monitoring protocols, rapid incident response, and centralized security logs Use tools like Microsoft Sentinel for real-time threat analytics These foundational elements ensure that as software development companies develop and scale innovative solutionsâincluding those leveraging artificial intelligenceâsecurity remains a steadfast pillar. For additional guidance on Secure Future Initiative, visit https://www.microsoft.com/en-us/trust-center/security/secure-future-initiative Strengthening the Software Development Company Supply Chain with Modern DevSecOps Practices Modern software supply chains often include third-party dependencies, open-source libraries, and automated pipelines. Traditional security measures canât keep pace with todayâs integrated development models. Therefore, itâs critical to: Employ code signing and package verification for third-party components Adopt continuous security scanning using solutions like GitHubâs secret scanning with push protection Integrate Microsoft Defender for DevOps for comprehensive visibility from code to cloud For more on secure supply chain strategies, check out the Secure Supply Chain Consumption Framework (https://www.microsoft.com/en-us/securityengineering/opensource) Real-World Insights from BuildKite and the Role of DevSecOps Guest speaker Ken Thompson, VP of Product at BuildKite, shared practical examples from the front lines of secure continuous integration and delivery. BuildKiteâs hybrid model, combining a software-as-a-service control plane with open-source on-premises agents, ensures that sensitive code and secrets never leave a customerâs infrastructure. This design enhances security while enabling: Rapid build times with hyper-parallelized pipelines Integrated security scanning within every build, thereby âshifting leftâ security Proven practices like the SLSA framework for artifact provenance, which verifies that code and pipelines are built in a trusted manner Ken highlighted examples where Uber have reduced build times from an hour to mere minutes while ensuring every pipeline pass incorporates critical vulnerability scanning. This demonstrates that robust security practices and efficiency can go hand in hand. Taking Action: Strengthening Your Security Posture Today Security is an ongoing journey. By adopting proactive security strategies, embracing DevSecOps practices, and integrating industry-leading tools, software development companies can build resilient, trusted applications that stand up to todayâs cyber threats. Action Steps for Software Development Companies: Embed security into every phase of your SDLC Strengthen identity and access with strong MFA, conditional access, and the Zero Trust model Secure secrets using Azure Key Vault and GitHub Advanced Security for automated secret scanning Enhance supply chain security through continuous scanning and vulnerability remediation Monitor your cloud environments with Microsoft Defender for Cloud and Microsoft Sentinel for real-time insights Additional Resources: Microsoft Secure Development Lifecycle â https://www.microsoft.com/en-us/securityengineering/sdl Secure Supply Chain Consumption Framework â https://www.microsoft.com/en-us/securityengineering/opensource Cloud Adoption Framework â https://aka.ms/caf Zero Trust Guidance Center â https://aka.ms/Zero-Trust Start with Security â https://aka.ms/trysecurity SaaS Workload Guidance â https://learn.microsoft.com/en-us/azure/well-architected/saas/ Join ISV Success â https://www.microsoft.com/isv
Building your first AI Agent with Azure AI Agent Service
AI agents are transforming the way developers create intelligent AI applications, and Azure AI Agent Service is leading the charge. At a recent hands-on workshop at the Azure AI Foundry Partner Council, we explored how to build an agent application using Azure AI Agent Service, leveraging its powerful tools and SDKs to simplify AI development. Whether you're an experienced developer or just starting, this blog provides key insights into streamlining AI agent creation and integrating with enterprise systems. In this blog post, weâll summarize the key topics covered during the workshop and highlight how Azure AI Agent Service empowers developers to create scalable, intelligent agents with minimal complexity. Introduction to Azure AI Agent Service The workshop kicked off with an overview of Azure AI Agent Service, explaining how it enables developers to create goal-driven AI agents with advanced reasoning and execution capabilities. Unlike simple chatbots, these agents can integrate with external data sources, automate workflows, and execute complex business processes autonomously. Creating Your First AI Agent Developers were guided through the step-by-step process of building an AI agent using Python and the Azure AI Agent Service SDK. Key concepts covered included: Setting up the development environment Defining tools for the agent Managing conversations with threads Using system prompts to guide AI behavior Function Calling and SQL Queries One of the most exciting demonstrations involved function calling, where AI agents interact with external systems. The session showcased how agents can: Generate and execute SQL queries Retrieve, analyze, and manipulate real-time data Seamlessly integrate with databases for enterprise applications Code Interpreter for Data Visualization To enhance user interactions, the workshop highlighted the code interpreter tool, allowing AI agents to: Write and execute Python code Generate visual representations like pie charts Process CSV files for advanced data analysis Retrieval Augmented Generation (RAG) Developers were introduced to Retrieval Augmented Generation (RAG), a technique that improves AI responses by leveraging external documents. The session covered: Setting up a simple vector store Using file search to provide context-aware responses This technique is valuable for applications where AI agents need to reference structured data to provide accurate, informed answers. Bing Grounding for Competitive Insights A standout feature discussed was Bing Search grounding, which enables AI agents to: Retrieve up-to-date web data Perform competitive product analysis Deliver real-time business insights By integrating Bing Search, AI agents can stay informed with the latest industry trends, making them highly relevant in business environments. About the Azure AI Foundry Partner Council: The Azure AI Foundry Partner Council is a dynamic and collaborative initiative designed to foster innovation and drive advancements in artificial intelligence. This council brings together a diverse group of industry leaders, technology experts, and strategic partners who are committed to leveraging the power of Azure AI to solve complex business challenges. Through the Azure AI Foundry Partner Council, members are empowered to push the boundaries of what is possible with AI, ultimately driving progress and delivering value to their organizations and customers. Call to Action and Resources Leverage this GitHub Repo with Presenter and Proctor Resources Azure AI Agent Service Documentation Fundamentals of AI Agents on Azure Introducing Azure AI Agent Service Blog Post Python Library Workshop Repository Export and Import Agents using Solutions How to use Grounding with Bing Search in Azure AI Agent Service Sample Code for Custom Functions If youâre looking to take your AI development skills to the next level, donât miss this opportunity. Watch the recording today and start building intelligent AI agents with Azure AI Agent Service!New GitHub Copilot benefit for ISV Success Expanded Package
We are thrilled to announce a new benefit for some of our ISV Success participants. As part of our continuous commitment to supporting and empowering ISVs, we are introducing a NEW Expanded Package benefit that can take your development projects to the next level. NEW â Expanded Package benefit ISV Success Expanded Package participants are now potentially eligible for up to $5,000 in Azure credits, exclusively for GitHub Copilot. This incredible opportunity is designed to help you leverage the power of GitHub Copilot, an innovative AI tool that assists developers in writing code faster, with greater efficiency and confidence. How to determine your eligibility To find out if you qualify for this enhanced benefit, please reach out to your Engagement Manager. (To find out who is your assigned ISV Success Engagement Manager, type âwho is my engagement managerâ into the AI-powered assistant on ISV Hub: https://www.microsoft.com/isv/. If you are in Marketplace Rewards, you can email rewards@microsoft.com a member of the Market Rewards team will respond within 1-2 business days.) They will assist you in understanding if you are eligible for criteria and guide you through the process of applying for Expanded Package and these additional GitHub Copilot credits. At ISV Success, we are dedicated to offering valuable resources and support to help you achieve your development goals. Don't miss out on this exceptional opportunity to enhance your productivity and bring your projects to life with the power of GitHub Copilot. Stay tuned for more updates and exciting announcements from ISV Success! Additional Resources: Join ISV Success Review all ISV Success benefits Learn more about expanded benefitsAnother GitHub benefit for ISV Success participants!
I'm excited to share that ISV Success recently announced a new GitHub Copilot benefit! Expanded Package ISVs can now get up to $5,000 in Azure credits, exclusively for GitHub Copilot. This is a wonderful opportunity to help you leverage the power of GitHub Copilot. Learn more: Another GitHub benefit for ISV Success Participants! | Microsoft Community HubTransforming AI Development: Microsoft Azure AI âs new capabilities and tools announced
Microsoft is thrilled to introduce new tools designed to simplify AI app development at GitHub Universe this week. These innovations aim to empower developers with enhanced capabilities, making it easier to build and deploy AI applications and further integrate Microsoft Azure AI services into your favorite dev tools. See how tools like GitHub Copilot for Azure builds upon the Copilot Chat capabilities in VS Code and integrates with tools you already use like GitHub and Visual Studio Code. See the full list of tool and capability announcements made at GitHub Universe that will transform your AI development process. Azure at GitHub Universe: New tools to help simplify AI app development.What's New with GitHub for ISVs: September 2023 Edition
In this new monthly blog series focused on GitHub, we will be sharing product updates, notable reads, and other new resources that can be leveraged by ISVs who are building apps for the commercial marketplace. Check out what was new in September!
