Event details

Agent 365--generally available May 1, 2026--is a control plane that empowers IT admins, Security Operations analysts, Identity and Network Security admins, and Data Security & Compliance admins to ob...
Emily_Perina
Updated Apr 22, 2026
Nathalia_Borges's avatar
Nathalia_Borges
Icon for Microsoft rankMicrosoft
May 12, 2026

risky agent is one whose behavior—especially the data it generates or accesses—indicates a higher likelihood of sensitive data exposure or policy violations. IRM determines this by analyzing signals from agent activity (e.g., responses, data access, sharing) against policy-defined indicators and behavioral baselines, then aggregating those signals into a risk score and assigning a risk level to the agent.

arinkomins's avatar
arinkomins
Iron Contributor
May 12, 2026

Is there any documentation which details this out now?  So you must have IRM configured to have this piece work?  What are the policy-defined indicators?

As a follow-on, should risky behavior be detected, do you have plans to notify the AI administrator?