Twilio teams with Microsoft to drive enterprise conversational AI
The collaboration will leverage Twilio's customer engagement platform in conjunction with Microsoft Azure AI Foundry, providing enhanced enterprise-grade infrastructure for conversational AI deployment. This partnership is intended to benefit Twilio's developer community, numbering over 10 million, alongside thousands of Microsoft's managed customers seeking to adopt advanced conversational interfaces.
Conversational AI, powered by natural language processing and machine learning, enables machines to interpret and respond to human conversations with increasing sophistication. The technology addresses common business challenges such as limited data precision and integration barriers caused by outdated legacy systems.
Twilio's expertise in communications, data, and AI will be paired with Azure's secure and scalable platform to assist enterprises in integrating conversational AI across various business functions. Specific areas of product development will include multi-channel AI agents for customer service automation, AI tools to assist live agents in contact centres, and solutions that enhance digital engagement between businesses and their clients.
"Every interaction between a business and their customers is an opportunity to build loyalty and trust, and those interactions have been drastically improved by AI," said Inbal Shani, Chief Product Officer at Twilio. "Conversational AI enhances customer engagement by delivering precision for our customers, and rich and dynamic experiences for their consumers."
The partnership will focus on building solutions using both Microsoft Azure AI Foundry and Twilio's engagement platform, which merges communications, contextual data, and AI. These solutions aim to enhance how enterprises automate customer interactions and drive more personalised engagement at scale.
Asha Sharma, Corporate Vice President, Azure AI Platform at Microsoft, commented: "Azure AI Foundry enables customers to confidently scale AI including AI agents across their organisation with our enterprise-grade technologies and best practices that help manage risk, improve accuracy, protect privacy, reinforce transparency, and simplify compliance. Customers will see strong business value with the combination of Azure AI Foundry and Twilio's communications and data capabilities – the critical last mile connection between businesses and customers."
Twilio is also introducing new conversational AI features, including ConversationRelay, which is now generally available. This tool allows developers to build sophisticated voice AI agents, integrating the latest in speech recognition, real-time streaming, and human-like responses. Additional updates include Conversational Intelligence, offering insights drawn from voice calls and message transcripts, which are available for voice communications and in private beta for messaging.
Khozema Shipchandler, Chief Executive Officer at Twilio, spoke on the future of customer engagement: "We are facing the end of customer experience as we know it, and Twilio's heritage in CPaaS, CDP, and AI-powered capabilities has positioned us well for a new era of customer engagement. To be successful, every business needs the right infrastructure: communications channels to connect with customers, contextual data to understand them, and the ability to accelerate it all with AI in a way that's powerful, flexible, and trustworthy."
Twilio has also previewed the next generation of its Customer Engagement Platform, designed to serve as the infrastructure underpinning all customer interactions. The platform will offer modular, interoperable systems that integrate with a range of AI ecosystems and support native large language model (LLM) integrations for greater efficiency.
Additional product enhancements announced include the expansion of communications channels, with upcoming general availability of Rich Communication Services (RCS) and WhatsApp Business Calling, as well as the introduction of a Compliance Toolkit to help businesses adhere to global regulations such as the Telephone Consumer Protection Act (TCPA).
Data residency enhancements were shared, with general availability of EU-based email data storage scheduled for July and SMS data residency in private beta later in 2025. Twilio's Segment Customer Data Platform (CDP) will receive a rearchitected journeys system for real-time, personalised customer engagement, alongside features such as event-triggered journeys, contextual payloads, strengthened observability, and native integrations with Twilio's messaging solutions.
Segment announced two new preferred partnerships with Amplitude and Attribution App, expanding the analytics and marketing attribution options available to users of its CDP.
Customer feedback was also highlighted. Dugan Winkie, Vice President and Head of Commercial Strategy at Cedar, stated: "ConversationRelay has been instrumental in helping us bring Kora, our AI voice assistant, to life. Twilio's real-time voice infrastructure, combined with our own data and AI, allows us to simplify the financial experience and meet patients with the same level of care, personalisation, and empathy they'd expect from a live agent—at scale."
Bob Summers, founder and Chief Executive Officer of Goodcall AI, said: "Being named a Twilio AI Startup Searchlight honoree has super-charged Goodcall's credibility, turning recognition into real revenue growth and an even faster innovation cadence. Twilio's feature-rich, rock-solid platform is the backbone that lets our Voice AI delight customers at scale while we push the boundaries of what conversational automation can do. I'm excited to join the SIGNAL stage to share our journey and inspire developers to build the next wave of voice-first experiences."
Twilio's recent developments reflect ongoing efforts to provide flexible, secure, and intelligent tools to support evolving business needs in customer engagement, personalisation, and compliance.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
4 hours ago
- Techday NZ
ScienceLogic unveils new AI features to boost IT automation & insight
ScienceLogic has announced updates to its suite of solutions, bringing new features to its AI Platform and Skylar AI Suite aimed at enhancing automation, observability, secure government operations, and low-code development for IT teams. The announcement follows recent industry recognition of ScienceLogic's offerings. The company has been named a Visionary in the 2025 Gartner Magic Quadrant for Observability Platforms and a Leader in The Forrester Wave: AIOps Platforms, Q2 2025. These accolades highlight the company's ongoing product development and its approach to agentic AI in support of Autonomic IT environments. "We're focused on delivering purposeful AI that empowers IT teams with the insight and control they need to stay ahead of disruptions," said Michael Nappi, chief product officer at ScienceLogic. "By combining advanced analytics, automation, and secure extensibility, we're helping customers drive better outcomes across hybrid-cloud and mission-critical environments." Among the headline updates is the refinement of the Skylar Analytics solution. ScienceLogic's Skylar Analytics has received industry awards including the AI Breakthrough Award for "Predictive Analytics Platform of the Year" and a Bronze Stevie in the "Artificial Intelligence and Machine Learning Solution" category. ScienceLogic has built on these achievements by enhancing Skylar Analytics in several ways. A core update involves improved data visualisation capabilities. The solution now incorporates Apache Superset dashboards, providing users with a broad set of visualisation tools. These include everything from bar charts to complex geospatial visualisations. The system is designed with an intuitive, no-code interface, so users with varying levels of technical experience can quickly build charts and dashboards to better convey data insights. ScienceLogic has also expanded its data export functions. New Open Database Connectivity (ODBC) integrations are available with Tableau and Microsoft Power BI, enabling business intelligence teams to conduct deep metric analysis. This capability allows organisations to leverage ScienceLogic's data lake using familiar tools and existing expertise. Additional enhancements include a new anomaly detection feature. The updated Device Investigator tool prioritises the scoring of outliers in time series data, displaying these directly to users for prompt awareness of unusual activity. Predictive alerting functionality has also been added, which automatically flags potential issues such as storage exhaustion or network oversubscription before they can escalate. Updates to the Skylar Analytics suite are intended to help IT teams shift from reactive responses to more proactive, insight-driven management of their IT environments. Government and compliance ScienceLogic's Government Cloud has achieved FedRAMP Moderate Authorisation, aligning with over 300 NIST controls. The platform is now listed on the FedRAMP Marketplace and the Department of Defence Information Network Approved Products List (DoDIN APL). These developments are intended to simplify procurement processes for federal agencies and strengthen operational resilience with Zero Trust-aligned dashboards and AI-based decision support. GPU monitoring and AI operations The updated NVIDIA GPU Monitoring ScienceLogic PowerPack (v100) is another feature of note. Targeting high-performance compute environments, including AI training, simulation, and edge computing, the PowerPack offers automated discovery and real-time monitoring of GPU metrics such as utilisation and thermal status. Built-in event policies issue alerts for conditions like overheating or performance degradation, supporting optimal use of expensive GPU systems and workloads. These monitoring capabilities help maintain uptime and manage the complexity of expanding GPU infrastructure. Low-code customisation tools ScienceLogic's Dynamic Application Builder has also been updated, providing a low-code wizard to accelerate the development of custom monitoring tools. The latest version enables developers to configure credentials, retrieve API or CLI payloads, and export data directly to the management platform. Additional features include support for rapid creation of PowerPack-ready components via snippet arguments, JC parsers, and custom headers, as well as improved security and authentication options. Integration with the Low-Code Tools PowerPack enables bulk deployment, with upcoming support for OAuth2 authentication planned. By introducing these enhancements, ScienceLogic is offering IT teams additional resources to monitor, manage, and automate systems according to evolving organisational requirements, with particular emphasis on visualisation, compliance, high-performance infrastructure management, and customisation through low-code development.
Techday NZ
4 hours ago
- Techday NZ
SharePoint flaw sparks urgent patch call amid new RCE threat
Cybersecurity experts are urging organisations to take immediate action following the disclosure of a critical vulnerability in Microsoft SharePoint, as highlighted in the latest Patch Tuesday security update. This newly identified issue, designated CVE-2025-49712, is raising alarms given its potential to facilitate remote code execution (RCE) when combined with other known flaws. Saeed Abbasi, Senior Manager of Security Research at Qualys Threat Research Unit, described the vulnerability as a significant threat, especially coming on the heels of last month's "ToolShell" zero-day attacks. Abbasi commented, "This RCE demands authentication but pairs dangerously with known authentication bypasses. Attackers chaining this with prior flaws could achieve full server compromise, and data exfiltration." He added that while there have been no reports of exploitation in the wild so far, experience suggests such gaps can be closed rapidly as threat actors adapt their techniques. Abbasi urged organisations to "prioritise and patch all SharePoint updates, rotate keys, and eliminate internet exposure," stressing that delaying mitigation efforts could trigger both regulatory scrutiny and significant data breaches. "SharePoint's exploit streak isn't over," Abbasi warned, underscoring the need for proactive management of the platform's security posture. The August Patch Tuesday update from Microsoft addressed a total of 107 Common Vulnerabilities and Exposures (CVEs). Of these, 13 were rated critical and 91 as important. Elevation of privilege (EoP) vulnerabilities accounted for 39.3% of the fixes, while remote code execution issues made up 32.7% - a pattern consistent with trends observed in previous months. Satnam Narang, Senior Staff Research Engineer at Tenable, noted that "this month's release highlights an upward trend in post-compromise vulnerabilities over code execution bugs. For the second consecutive month, elevation of privilege vulnerabilities represented the bulk of CVEs patched this month." Narang referred to the patch for CVE-2025-53779, a privilege escalation flaw known as BadSuccessor, describing its immediate impact as limited due to the specific prerequisites needed for exploitation. "An attacker must have at least one domain controller in a domain running Windows Server 2025 in order to achieve domain compromise," he explained, making it a targeted rather than broad-based risk. SharePoint vulnerabilities continued to receive particular attention, with Narang observing, "It might seem like déjà vu because Microsoft patched two more SharePoint vulnerabilities this month: a remote code execution flaw (CVE-2025-49712) and an elevation of privilege bug (CVE-2025-53760). After the chaos that ensued with the exploitation of the ToolShell vulnerabilities, any new SharePoint vulnerabilities understandably raise concerns." Since 2022, Microsoft has patched an average of 21.7 SharePoint vulnerabilities annually, with 2023 seeing a high of 25. With 20 already addressed in the current year, the record may soon be exceeded, according to Narang. Despite this volume of patches, he noted, "only three were exploited in the wild (CVE-2023-29357, CVE-2023-24955, CVE-2024-38094) in addition to the three ToolShell vulnerabilities (CVE-2025-49706, CVE-2025-49704, CVE-2025-53770)," though another, CVE-2025-53771, may also have been exploited based on emerging reports. Security practitioners highlight the recurring threat presented by SharePoint vulnerabilities, which can serve as gateways for lateral movement and deeper network compromise if not promptly addressed. With a rising tally of disclosed flaws and only a handful exploited so far, experts are calling for continued vigilance, patching discipline, and the hardening of exposed enterprise collaboration systems.
Techday NZ
2 days ago
- Techday NZ
August Patch Tuesday: Microsoft addressing 111 vulnerabilities
Microsoft is addressing 111 vulnerabilities this August 2025 Patch Tuesday, a volume which is around the recent average. In a neat parallel with last month, Microsoft is aware of public disclosure for a single one of the vulnerabilities published today, and claims no evidence of in-the-wild exploitation. Once again, the lone Patch Tuesday zero-day vulnerability is assessed as only moderate severity at time of publication, which brings Microsoft's lucky streak up to 11 months. Today's release includes the publication of nine critical remote code execution (RCE) vulnerabilities, although Microsoft has only marked one of these as more likely to see exploitation. Eight browser vulnerabilities have already been published separately this month, and are not included in the total. What do attackers want in a Windows context? Domain admin! When do they want it? Now! Today's lone zero-day vulnerability might be just what they need to break through the final layers of protection and swipe the crown jewels. CVE-2025-53779 is an elevation of privilege (EoP) vulnerability in the Windows implementation of Kerberos, which is enabled via abuse of dMSA configuration. The advisory FAQ provides more clues as to the nature of the attack than many comparable Microsoft advisories, but misses a golden opportunity for clarity, since it never sets out what it means by dMSA, leaving us scouring for contextual clues. Ultimately, we can determine from context that today's hot topic is the Delegated Managed Service Account, rather than the Defender Microservices Architecture or some other piece of Microsoft paraphernalia with matching initials. Microsoft's motivation is unimpeachable: the dMSA supports automated rotation of credentials for service accounts, and is specifically designed to prevent credential harvesting using Kerberoasting. Indeed, CISA has described Kerberoasting as one of the most time-efficient ways to elevate privileges and move laterally throughout an organisation's network. The good news here is that successful exploitation of CVE-2025-53779 requires an attacker to have pre-existing control of two attributes of the hopefully well protected dMSA: msds-groupMSAMembership, which determines which users may use credentials for the managed service account, and msds-ManagedAccountPrecededByLink, which contains a list of users on whose behalf the dMSA can act. However, abuse of CVE-2025-53779 is certainly plausible as the final link of a multi-exploit chain which stretches from no access to total pwnage. Finally, it's important to note that Microsoft is only publishing patches for Windows Server 2025, and that's because msds-ManagedAccountPrecededByLink was first implemented in Server 2025. Migrating to newer operating systems sooner rather than later remains good advice, but so is remediation of zero-day vulnerabilities which could give an attacker total control of your estate. The publication of any pre-authentication RCE in Windows will naturally spark discussion. Of course, not all pre-auth RCEs are created equal, and while CVE-2025-50165 has a hefty CVSSv3 base score of 9.8, and is certainly a cause for concern, it is not the worst of the worst, since it presumably isn't wormable. Despite that, a degree of alarm is amply justified, since the advisory FAQ mentions - twice! - that user interaction isn't required. Exploitation is via a malicious JPEG file, which could be delivered within an Office document or other means; perhaps even visiting a website would be sufficient, or receiving an email within Outlook, although the advisory doesn't explicitly confirm or deny these other possible attack routes. The malformed JPEG tricks the Windows Graphics Component into code execution via an untrusted pointer dereference. The context of execution isn't specified, so in the standard spirit of caution, we'll assume SYSTEM. This is hardly a new class of problem: we can cast our minds back a dozen years, for instance, and consider the broadly similar MS13-096. However, the specific flaw underlying CVE-2025-50165 is presumably a recent introduction, since only Windows 11 24H2 and Server 2025 receive patches. Patch this one sooner rather than later, since it could provide a skilled attacker with a valuable foothold from which to launch further attacks, including perhaps even today's CVE-2025-53779. The Windows GDI+ (Graphics Device Interface Plus) is at the centre of how almost all two-dimensional graphics are rendered on Windows assets. CVE-2025-53766 is a critical RCE in how GDI+ interprets metafiles, which are often used to store vector graphics. An attacker can achieve code execution via buffer overflow without privileges or user interaction. As with today's CVE-2025-50165, it's unlikely that this vulnerability could be wormable, but the most alarming path to exploitation involved simply uploading a malicious metafile to a Windows machine running unspecified web services. There is no mention of SharePoint, Exchange, Office, or other non-Windows products in the Security Updates section of the advisory, but that still leaves an essentially limitless potential attack surface; for example, anyone running a custom application offering file uploads could find themselves vulnerable to an attacker wielding a dodgy WMF file. On the bright side, the Preview Pane is not a vector in this case. A patch is available for Server 2008, but not Server 2012, a curious and possibly concerning pattern that we see from time to time with RCEs which affect the full historic range of Windows products. Today is certainly a good day for fans of critical RCE vulnerabilities which target weaknesses in how Windows interprets graphics. Exploitation of CVE-2025-50176, a flaw in the DirectX graphics kernel, could lead to execution in a kernel context. Microsoft considers exploitation more likely, which may be why the advisory doesn't provide a great deal of information about the means of exploitation, beyond a terse statement that type confusion is involved. Type confusion is where the kernel receives a pointer which it expects to be for one type of object, but is in fact for another, which is a bit like asking someone to read out loud from a restaurant menu, but then handing them their secret diary and hoping they won't notice the difference. Most people will not be fooled, but under the right circumstances, anything is possible. There are no significant changes to Microsoft product lifecycles this month. However, October will bring a flurry of changes, including the categorical end of support for non-LTSC versions of Windows 10.
