[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-wei-shen-me-microsoft-agentic-security-beats-single-model-ai-zh":3,"article-related-wei-shen-me-microsoft-agentic-security-beats-single-model-ai-zh":31,"series-industry-53abbb4e-1456-40bd-8619-9d2608ae8c65":84},{"id":4,"slug":5,"title":6,"content":7,"summary":8,"source":9,"source_url":10,"author":11,"image_url":12,"cover_image":12,"category":13,"language":14,"translated_content":11,"related_article_id":15,"keywords":16,"key_takeaways":23,"views":27,"created_at":28,"published_at":29,"topic_cluster_id":30},"53abbb4e-1456-40bd-8619-9d2608ae8c65","wei-shen-me-microsoft-agentic-security-beats-single-model-ai-zh","Why Microsoft’s agentic security model beats single-model AI","\u003Cp data-speakable=\"summary\">Effective AI security research depends on a multi-model agentic pipeline, not on chat-style scanning with a single model.\u003C\u002Fp>\u003Cp>This time Microsoft is not showing off a demo; it is defining how AI security research should be done: first use a multi-model pipeline to discover candidates, then validate, deduplicate and cross-debate them, and only then treat the result as a valid signal. The company claims that MDASH found 16 Windows networking and authentication vulnerabilities, including 4 Critical remote code execution vulnerabilities; on CyberGym, a public benchmark that collects 1,507 real vulnerabilities, it scored 88.45%. The point is not just the high score, but that it shows the deciding factor in security research is not a bigger model but a system that can turn suspicion into evidence.\u003C\u002Fp>\u003Ch2>The first argument\u003C\u002Fh2>\u003Cp>Security work needs a system, not a prompt that can talk. In describing MDASH, Microsoft states explicitly that it runs more than \u003Ca href=\"\u002Fnews\u002Fmicrosoft-spent-over-100b-openai-partnership-zh\">100\u003C\u002Fa> specialized \u003Ca href=\"\u002Ftag\u002Fagent\">agents\u003C\u002Fa>, whose division of labor covers target preparation, candidate path scanning, reachability validation, deduplication of equivalent results and, where possible, going on to prove exploitability. This process closely matches real vulnerability research. A senior researcher does not declare an exploit successful right after reading the code, and AI should not either; what lies between “suspicion” and “proof” is a traceable chain of work.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778757051225-rreo.png\" alt=\"Why Microsoft’s agentic security model beats single-model AI\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>The StorageDrive test makes this even clearer. Microsoft planted 21 vulnerabilities in a private driver, and MDASH is claimed to have found all of them, with 0 false positives. This is not merely pretty; it is usable. In a security team, false positives are not a small problem: they eat triage time, erode trust and bury the truly high-risk issues in noise. Only a tool that maintains precision on code it has never seen is qualified to enter the engineering workflow.\u003C\u002Fp>\u003Ch2>The second argument\u003C\u002Fh2>\u003Cp>A single model is not the solution to the problem; model orchestration is. Microsoft’s approach is direct: use a frontier model as the heavy reasoning engine, use a distilled model for high-throughput scanning, and use another frontier model as an independent opposing side. This architecture is the breakthrough. In security, disagreement between models is not a fault but a signal. If one model points out an attack path and another model cannot effectively rebut it, the finding is more worthy of trust. That is far more reliable than trusting “whichever model sounds most convincing”.\u003C\u002Fp>\u003Cp>The data supports this judgment as well. Microsoft claims that MDASH reached 96% recall on the confirmed MSRC cases for clfs.sys over five years and 100% for tcpip.sys, and that its CyberGym score is about 5 points higher than the runner-up’s. These are not showcase numbers; they indicate that a multi-model process holds up across real historical vulnerabilities rather than performing well only on toy problems or carefully designed tests. For defenders, this means it has a chance of being truly embedded in the engineering workflow and continuing to produce value as code, models and the attack surface change.\u003C\u002Fp>\u003Ch2>What the other side might say\u003C\u002Fh2>\u003Cp>The strongest objection is simple: this is still Microsoft grading itself. It owns the code, the benchmark story, the validation pipeline and the release narrative. A private codebase with planted vulnerabilities is ultimately different from the messy, hostile, uncontrollable environment of the outside world. A vendor can tune a system to suit its own scenarios best and still miss the most important bugs in the open-source ecosystem, third-party software or attacker-adaptive situations. Then there is cost: 100-plus agents, multiple models, plugins, proof stages and human oversight all sound more expensive and more complex than single-model scanning.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778757044797-5xie.png\" alt=\"Why Microsoft’s agentic security model beats single-model AI\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>The objection is valid, but not enough to overturn the conclusion. Security is not a contest of who is most elegant, but of who can find exploitable vulnerabilities without drowning the team. Microsoft did not claim that MDASH can replace humans or all scanners; rather, it is demonstrating that the model is only one part, and that what really makes the model useful is the harness. When a system can achieve high recall and 0 false positives on planted vulnerabilities and also deliver proven findings in a production codebase that actually ships to billions of users, the extra complexity is justified. In security, a complex system that works beats a simple system that only guesses.\u003C\u002Fp>\u003Ch2>What you can do\u003C\u002Fh2>\u003Cp>If you are an engineer, a PM or a founder, stop treating AI security tooling as a question of “how good is the model”. What you should ask is: how does it validate results, how does it deduplicate, how does it prove exploitability, which agents does it use, and how does the pipeline stay stable after a model update. If you are building a product in this space, learn the operating logic, not the marketing language: build the system in multiple stages, turn disagreement into a signal, and treat proof as the finish line. The lesson MDASH gives is direct: for AI security to become a real capability, it takes a disciplined system built like a research team, not a standalone autocomplete box.\u003C\u002Fp>","Microsoft is on the right side this time: what actually finds vulnerabilities is not a single model but a multi-model, verifiable agentic security system that can prove its results.","www.microsoft.com","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F05\u002F12\u002Fdefense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-tops-leading-industry-benchmark\u002F",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778757051225-rreo.png","industry","zh","f290393e-c7dd-4ceb-89ab-20aebeb1f674",[17,18,19,20,21,22],"Microsoft","agentic security","multi-model AI","vulnerability discovery","CyberGym","MDASH",[24,25,26],"A single model is not enough to support serious vulnerability research; the key is multi-model orchestration and a validation process.","False-positive control and provability matter more than how smart the model itself is.","Security products should be designed around the workflow, not treat the model as everything.",4,"2026-05-14T11:10:29.509727+00:00","2026-05-14T11:10:29.358+00:00","caa87b65-9bbc-46fe-bba8-4f4158dd2d8b",{"tags":32,"relatedLang":43,"relatedPosts":47},[33,35,37,39,41],{"name":17,"slug":34},"microsoft",{"name":21,"slug":36},"cybergym",{"name":18,"slug":38},"agentic-security",{"name":20,"slug":40},"vulnerability-discovery",{"name":19,"slug":42},"multi-model-ai",{"id":15,"slug":44,"title":45,"language":46},"why-microsoft-agentic-security-beats-single-model-ai-en","Why Microsoft’s agentic security model beats single-model AI","en",[48,54,60,66,72,78],{"id":49,"slug":50,"title":51,"cover_image":52,"image_url":52,"created_at":53,"category":13},"381601ca-ac6d-41db-b8df-2711eadd0ed1","5-republican-quotes-on-federal-fraud-crackdowns-zh","5 Republican statements on federal fraud crackdowns","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780560172625-9ek9.png","2026-06-04T08:02:23.403684+00:00",{"id":55,"slug":56,"title":57,"cover_image":58,"image_url":58,"created_at":59,"category":13},"d73870f0-f463-413f-8f4e-0b859ca78c97","ai-fraud-blockchain-finance-defenses-zh","AI fraud is moving too fast; how can defenses keep up","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780557487797-7fzf.png","2026-06-04T07:17:34.282107+00:00",{"id":61,"slug":62,"title":63,"cover_image":64,"image_url":64,"created_at":65,"category":13},"c64ecc12-d2bf-419c-938f-407b6ae2d74c","5-blockchain-ai-market-signals-for-buyers-zh","5 blockchain AI market signals","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780556577201-iu8x.png","2026-06-04T07:02:25.523387+00:00",{"id":67,"slug":68,"title":69,"cover_image":70,"image_url":70,"created_at":71,"category":13},"fd2045a8-4772-4615-981c-eabdfa7f558d","7-ways-to-install-openclaw-zh","7 ways to install OpenClaw","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780550292997-e3fd.png","2026-06-04T05:17:41.00891+00:00",{"id":73,"slug":74,"title":75,"cover_image":76,"image_url":76,"created_at":77,"category":13},"06734645-2e2f-4903-9e47-e6ac889e34b7","game-thread-prompt-turns-nba-chatter-into-template-zh","Game-thread prompt turns chat into a template","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780547608583-tp2j.png","2026-06-04T04:33:05.772212+00:00",{"id":79,"slug":80,"title":81,"cover_image":82,"image_url":82,"created_at":83,"category":13},"c323ffb6-20c8-468a-9d37-68e801588ee5","5-takeaways-from-spurs-vs-trail-blazers-game-5-zh","5 takeaways from Spurs vs. Trail Blazers Game 5","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1780546677776-oc0j.png","2026-06-04T04:17:25.558061+00:00",[85,90,95,100,105,110,115,120,125,130],{"id":86,"slug":87,"title":88,"created_at":89},"ee073da7-28b3-4752-a319-5a501459fb87","ai-in-2026-what-actually-matters-now-zh","What really matters in AI in 2026","2026-03-26T07:09:12.008134+00:00",{"id":91,"slug":92,"title":93,"created_at":94},"83bd1795-8548-44c9-9a7e-de50a0923f71","trump-ai-framework-power-speech-state-preemption-zh","Trump AI framework targets electricity, speech and state authority","2026-03-26T07:12:18.695466+00:00",{"id":96,"slug":97,"title":98,"created_at":99},"ea6be18b-c903-4e54-97b7-5f7447a612e0","nvidia-gtc-2026-big-ai-announcements-zh","NVIDIA GTC 2026: the key points broken down","2026-03-26T07:14:26.62638+00:00",{"id":101,"slug":102,"title":103,"created_at":104},"4bcec76f-4c36-4daa-909f-54cd702f7c93","claude-users-spreading-out-and-getting-better-zh","Claude users are more spread out and better at using it","2026-03-26T07:22:52.325888+00:00",{"id":106,"slug":107,"title":108,"created_at":109},"bd903b15-2473-4178-9789-b7557816e535","openclaw-raises-hard-question-for-ai-models-zh","OpenClaw presses the question of AI model value","2026-03-26T07:24:54.707486+00:00",{"id":111,"slug":112,"title":113,"created_at":114},"eeac6b9e-ad9d-4831-8eec-8bba3f9bca6a","gap-google-gemini-checkout-fashion-search-zh","Gap moves checkout into Gemini","2026-03-26T07:28:23.937768+00:00",{"id":116,"slug":117,"title":118,"created_at":119},"0740e53f-605d-4d57-8601-c10beb126f3c","google-pushes-gemini-transition-to-march-2026-zh","Google pushes Gemini transition to March 2026…","2026-03-26T07:30:12.825269+00:00",{"id":121,"slug":122,"title":123,"created_at":124},"e660d801-2421-4529-8fa9-86b82b066990","metas-llama-4-benchmark-scandal-gets-worse-zh","Meta Llama 4 score controversy widens again","2026-03-26T07:34:21.156421+00:00",{"id":126,"slug":127,"title":128,"created_at":129},"183f9e7c-e143-40bb-a6d5-67ba84a3a8bc","accenture-mistral-ai-sovereign-enterprise-deal-zh","Accenture teams up with Mistral AI to sell sovereign AI","2026-03-26T07:38:14.818906+00:00",{"id":131,"slug":132,"title":133,"created_at":134},"191d9b1b-768a-478c-978c-dd7431a38149","mistral-ai-faces-its-hardest-year-yet-zh","Mistral AI faces its hardest year yet","2026-03-26T07:40:23.716374+00:00"]