In today’s cloud-first world, resilience isn’t optional—it’s mission-critical. The next phase of cloud operations is about simplifying workflows, enhancing control, and removing friction from daily work. At Microsoft Ignite 2025, Azure is redefining resiliency with expanded capabilities to include Infrastructure Resiliency, Data Resiliency, and Cyber Recovery with AI-powered innovations designed to help you maintain uninterrupted business continuity.
Introducing the resiliency agent in Azure Copilot
With natural language guidance and automated actions, we are announcing the preview of the resiliency agent in Azure Copilot which helps you assess your current posture, fix gaps with intelligent automation, and continuously monitor your environment to keep critical workloads safe from disruptions.
Infra Resiliency: Leverage Guided Experiences to Become Zonally Resilient
The new Infrastructure resiliency experiences are designed to keep your critical applications running—even during unexpected zonal outages. These new capabilities empower you to actively assess and improve your architecture and continuously validate your resiliency posture.
Leverage at-scale views across Resources and Service Groups to uncover resiliency blind spots and prioritize remediation. Set resilience targets for your key workloads and invoke the resiliency agent from the operations center in Azure to proactively find resources (like virtual networks or firewalls) that are deployed in only one availability zone and could become single points of failure. Once identified the agent will highlight which resources aren’t zone-resilient and the risks they pose, such as potential downtime or IP address changes during a zone failure, enabling you to prioritize the most crucial gaps first. Then with a click, the agent will generate ready-to-run scripts (or commands) to distribute those resources across zones to address configuration drift and strengthen architecture. This guided automation ensures that even if an entire Azure zone goes down, your application stays up.
You can then validate readiness with built-in failure scenario drill templates (e.g., simulating a full availability zone outage) and proactively test failover behaviors without impacting production using default faults or custom runbooks. Create predefined recovery plans that sequence the failover of your application’s components during test drills or actual failovers and execute them with a single click to automatically fail over workloads to another Availability Zone. Track failover progress in real time, monitor key performance metrics, and export attestation reports for compliance and audit readiness.
By streamlining what used to require multiple tools and significant expertise, you can utilize proactive insights, automated recovery, and continuous validation, to confidently strengthen your architecture, maintain operational continuity, and achieve high availability by design without the usual complexity.
Beyond Infrastructure: Data and Cyber Recovery
The expanded resiliency experiences go beyond infrastructure, bringing in powerful new & existing capabilities that help you stay protected and recover fast, whether it's meeting your RPO and RTO goals through smarter data protection or defending against ransomware with built-in cyber-recovery. At Ignite, we’re excited to showcase new innovations designed to help you strengthen your business continuity strategy and stay ahead of evolving threats.
Data Resiliency: Fortify your Cloud Data with enhanced workload protection & disaster recovery
Never get caught without a backup plan. Azure Backup is evolving toward application-centric recovery, expanding coverage to protect critical cloud-native workloads that power enterprise data apps. As part of this journey, we’re introducing vaulted backups for ADLS Gen2—a native, secure, and managed solution that safeguards data against deletion, corruption, and malicious threats. Additionally, agentless backup for Windows and Linux VMs is now available, offering crash-consistent protection across multiple disks with high-frequency, lightweight backups. This makes it ideal for performance-sensitive workloads such as databases, delivering reliable protection with minimal operational overhead.
And rather than manually checking each service or using separate dashboards for backups and disaster recovery, you can ask the resiliency agent to summarize your backup coverage across both primary and secondary regions. It will report which virtual machines, databases, or other resources are already backed up and replicating, and which ones might need attention. With granular recovery, long-term retention for compliance, and enterprise-grade management through the Resiliency blade in Azure, you can confidently ensure business continuity across your most vital workloads.
As part of our continued investment in resilience and scale, Azure Site Recovery now offers a suite of powerful enhancements to support enterprise-grade disaster recovery. Capacity Guidance now provides alternative VM size recommendations during failovers to improve allocation success in target regions. ASR now supports up to 5x churn (500 MB/s per VM), enabling protection of high IOPS workloads and ensuring robust recovery for data-intensive applications. We’ve also expanded disk support with Premium SSD v2 and Ultra Disks now fully supported, allowing seamless protection of performance-critical workloads across Azure regions. Finally, ASR enables failback from Azure VMs to on-premises Hyper-V even when the original replication used a storage account and the failed-over VM was converted to managed disks, offering greater flexibility and control in hybrid recovery scenarios.
For any critical resource that needs failover and failback capabilities, the agent can recommend the next step, like enabling Azure Site Recovery for cross-region replication. By turning on Site Recovery (with the agent’s guidance), you add a second layer of protection: if your primary region suffers an outage, those critical VMs can fail over to a secondary region with minimal downtime. In short, the resiliency agent ensures your data meets your business continuity goals. It helps you balance recovery point objectives (keeping data loss to a minimum with frequent backups) and recovery time objectives (restoring services quickly via failover). Through Copilot’s conversational interface, you can instantly get answers like “Are all my tier-1 workloads protected in a secondary region?” and follow prompts to fill any gaps reducing the need to hunt through multiple tools. The result is a cloud estate that’s not only backed up, but truly disaster-ready.
Cyber Recovery: Safeguard your critical data against Ransomware Attacks
Fortify your backups against cyber threats. Strengthen your organization’s cyber recovery with Azure Backup’s Vault Soft Delete. This feature is enabled by default across all Recovery Services Vaults and ensures that backups remain recoverable for at least 14 days, even in the event of accidental or malicious deletions. It applies comprehensively to vaults, containers, backup items, and recovery points, offering robust protection against ransomware threats.
The resiliency agent in Azure helps guard your backup data and recovery systems so they remain reliable even if attackers strike. It continuously reviews the security posture of your Recovery Services Vaults (where your backups are stored) and other protection settings. If it finds that any backup vault is missing critical safeguards—say, if soft-delete or immutability isn’t enabled—it will alert you and recommend enabling them. Through the Copilot interface, you can simply ask something like “How secure are my backups?” and the agent may respond with a summary like: “4 of 5 backup vaults have soft-delete and immutability on. One vault needs immutability; enable it now?” You can then approve the suggestion, and the agent will automatically apply the setting or provide a script to do so. Through intelligent guidance and recommendations, the resiliency agent ensures your backups are tamper-proof and ready to restore. Therefore, even if a ransomware attack or accidental deletion hits your environment, you’ll have clean, safe backups to recover from. In essence, the agent helps make sure that when trouble comes, your last line of defense, your backup, remains intact and readily available.
Additionally, Azure Backup now also integrates with Microsoft Defender for Cloud (MDC) to enhance the security of Azure VM backups. With a one-time setup via Defender for Servers, Azure Backup automatically assesses the health of recovery points at the time of snapshot creation using Defender signals. This marks a significant step toward proactive threat detection in backups, helping organizations strengthen their overall cyber resilience posture.
Together, data resiliency and cyber recovery form a unified defense strategy that ensures enterprise-grade protection across the full spectrum of threats—from accidental data loss to sophisticated ransomware attacks. By combining deep workload-aware backup and disaster recovery with proactive threat detection and secure retention, Azure empowers organizations to safeguard critical data assets and recover swiftly with confidence. This integrated approach not only meets business continuity goals but also strengthens security posture, delivering resilient-by-default coverage for modern cloud environments.
Next Steps
Azure is reaffirming its commitment to enterprise resilience. Whether it’s a datacenter outage, a cyberattack, or a zonal disaster, your applications and data can keep running and recover swiftly.
Join us at Ignite 2025:
- BRK146: Resiliency & Recovery with Azure Backup and Site Recovery
- BRK148: Architect Resilient Apps with Azure Backup and Reliability Features
- BRK217: Resilience by Design: Secure, Scalable, AI-Ready Cloud with Azure
- BRK178: Architecting for Resiliency on Azure Infrastructure
Connect with Microsoft experts at the Azure Copilot, Operations, and Management expert meet-up booth to get your questions answered.
Additional Resources:
- Learn more about specialized agents across the entire cloud management lifecycle: Introducing Azure Copilot
- Sign up for the preview of Azure Copilot here
- Read about best practices about how to start, get, and stay resilient here
- Explore Resiliency features in Azure and join us in this journey from reactive recovery to proactive resilience here
- Explore new Learn documentation here
Microsoft