The world of artificial intelligence is evolving at breakneck speed. For developers and enterprises racing to stay ahead, open-source AI frameworks have become indispensable. Among these, LangChain has emerged as a standout, recently surpassing the OpenAI SDK in monthly downloads on PyPI—a clear signal of its growing influence in the AI community.
According to the LangChain Interrupt 2025 Keynote, LangChain’s Python downloads have consistently outpaced those of OpenAI since November 2024, with the trend continuing through April 2025. This shift highlights not just a change in developer preference but a broader industry movement toward flexible, open-source solutions for building next-generation AI applications.
Why LangChain? Building Better, Faster AI Apps
LangChain offers a robust framework for developing AI applications, supporting multi-agent architectures and seamless integration with a wide range of Large Language Models (LLMs) and vector stores. Its extensive ecosystem—featuring official provider integrations and a vibrant community of third-party contributors—provides developers with the building blocks they need to innovate rapidly.
Key Advantages of LangChain:
- Multi-Agent Architectures: Easily build complex, collaborative AI systems.
- Broad LLM Integration: Connect with leading models and data stores from across the industry.
- Community-Driven Innovation: Leverage a rich network of open-source tools and integrations.
However, with great power comes great responsibility. The very features that make LangChain so attractive—its open ecosystem and partner integrations—also introduce new security considerations.
Security in the Spotlight: Microsoft’s Secure Future Initiative (SFI)
Recognizing the critical importance of security in today’s AI landscape, Microsoft launched the Secure Future Initiative (SFI) last year. This initiative is designed to strengthen the security of Microsoft’s products, protect customers, and set new standards for the industry, including open-source projects.
As part of SFI, Microsoft has been actively reviewing popular open-source AI frameworks. Earlier this year, Microsoft’s security team conducted a thorough audit of LangChain and its associated packages, including langchain-community and langchain-experimental. While these packages are optional, their widespread use, especially by developers who may not be fully aware of the distinctions between core, community, and experimental components, can expose applications to potential risks.
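One way to see where an application depends on the optional packages named above is to scan its source for their imports. This is an added example, not code from Microsoft or LangChain; the function name, the tier labels and the sample input are assumptions made for illustration.

```python
import ast

# Optional LangChain distributions named in the paragraph above, keyed by
# their top-level import name. The tier labels are this example's own.
OPTIONAL_TIERS = {
    "langchain_community": "community",
    "langchain_experimental": "experimental",
}


def find_optional_imports(source, filename="<constructed>"):
    """Return sorted (line, tier, module) tuples for imports of optional packages."""
    findings = []
    for node in ast.walk(ast.parse(source, filename=filename)):
        if isinstance(node, ast.Import):
            modules = [alias.name for alias in node.names]
        elif isinstance(node, ast.ImportFrom) and node.level == 0 and node.module:
            modules = [node.module]
        else:
            continue
        for module in modules:
            tier = OPTIONAL_TIERS.get(module.split(".")[0])
            if tier:
                findings.append((node.lineno, tier, module))
    return sorted(findings)


# Constructed sample input, not taken from any real project.
SAMPLE = '''\
from langchain_core.messages import HumanMessage
import langchain_community.document_loaders as loaders

def build():
    # Function-local imports are found too, because the whole tree is walked.
    from langchain_experimental import utilities
    return utilities

text = "import langchain_experimental"  # string literal, not an import
'''

if __name__ == "__main__":
    for line, tier, module in find_optional_imports(SAMPLE):
        print(f"line {line}: {tier} package import: {module}")
```

Only static import statements are detected; modules loaded dynamically through importlib are not, so the result is a lower bound on the application's use of these packages.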
Addressing AI Security Risks: Lessons from Microsoft and LangChain
Microsoft’s AI Security Guidance identifies two primary risks for LLM-driven applications:
- Information Leakage: Sensitive data can be unintentionally exposed to unauthorized parties, potentially leading to data breaches.
- Privilege Escalation: Users may gain higher access levels than intended, enabling unauthorized actions.
Given the dynamic nature of agentic workflows, where code execution, evaluation, and data processing are common, these risks are particularly relevant for LangChain-based applications.
A Collaborative Approach to Safer AI Development
Microsoft has taken a proactive stance, working closely with LangChain to address these security concerns.
“When we examined LangChain and its associated projects, we identified several areas for security improvement to address before using it in our production systems. Microsoft is committed to making Azure the most secure place for running AI workloads, and our Developer Relations team is working with LangChain to improve security and make it easier for organizations to use safely.”
Michael Scovetta, Microsoft Principal Security Assurance Manager
“Over the past year and a half we’ve taken steps to make LangChain enterprise ready. Step one in this was rearchitecting the ecosystem to make packages like langchain-community and langchain-experimental optional and separate packages. As a next step, we’re excited to work with Microsoft to support more enterprises in their journey to leverage AI safely and effectively.”
Harrison Chase, LangChain Co-Founder and CEO
Strengthening the Ecosystem: Microsoft’s Ongoing Support
Microsoft is providing engineering resources, continuous integration tools, and workflows to help LangChain detect and prevent insecure code from being merged into the project. Through the Alpha-Omega initiative, Microsoft is also supporting improvements to LangChain’s documentation, helping organizations better understand and avoid potential security pitfalls.
A major milestone in this partnership is the creation of the LangChain-Azure mono-repo, a collaborative effort to make Azure the most secure platform for building AI applications with LangChain.
Getting Started: LangChain and Azure AI
For developers eager to explore the combined power of LangChain and Azure, getting started is straightforward:
1. Install the Azure AI Package for Python:
```bash
pip install langchain-azure-ai
```
2. Use Azure AI Models in Your LangChain Application:
```python
from langchain_azure_ai.chat_models import AzureAIChatCompletionsModel
from langchain_core.messages import HumanMessage, SystemMessage

# "your-api-key" is a placeholder: load the real key from an environment
# variable or a secret store rather than hardcoding it in source.
model = AzureAIChatCompletionsModel(
    endpoint="https://{your-resource-name}.services.ai.azure.com/models",
    credential="your-api-key",
    model="deepseek/DeepSeek-R1-0528"
)

messages = [
    HumanMessage(content="Translate the following from English into Italian: 'hi!'")
]

# Stream the response and print the concatenated chunks.
message_stream = model.stream(messages)
print("".join(chunk.content for chunk in message_stream))
```
3. For JavaScript Developers
Install the new langchain-azure-js package to access Azure AI Foundry within LangChain.
4. For Java Developers
Check out the updated, community-driven LangChain4J package.
Looking Ahead: A Model for Secure, Open-Source AI Development
The collaboration between Microsoft and LangChain sets a new standard for secure, open-source AI development. By combining the flexibility of LangChain with the robust security and scalability of Azure, developers can confidently build and deploy AI applications that are both innovative and safe.
As the AI industry continues to evolve, partnerships like this will be essential in ensuring that open-source frameworks remain secure, reliable, and ready for enterprise adoption.
Key Takeaways
- LangChain has surpassed the OpenAI SDK in Python downloads, signaling a shift in developer preference.
- Microsoft’s Secure Future Initiative is driving improvements in AI security, including open-source projects like LangChain.
- Collaboration between Microsoft and LangChain is addressing critical security risks and enhancing enterprise readiness.
- Developers can now leverage Azure’s secure infrastructure and AI models within LangChain applications.