Microsoft Security Community Blog

Investigating M365 Copilot Activity with Sentinel & Defender XDR

Safeena Begum Lepakshi
Aug 14, 2025

As organizations embrace AI-powered tools like Microsoft Copilot, ChatGPT, and other generative assistants, one thing becomes immediately clear: AI is only as trustworthy as the data it can see. These systems are increasingly woven into everyday workstreams, surfacing insights, drafting content, and answering questions based on enterprise data signals. Yet behind the magic lies a new security frontier: making sure AI only accesses the right data, the right way, at the right time.

That’s where Data Security Posture Management (DSPM) for AI comes into play. DSPM for AI is a Microsoft Purview capability designed to help organizations discover, secure, and apply compliance controls to AI usage across the enterprise. With personalized recommendations and one-click policies, it helps you protect your data, comply with regulatory requirements, and get ahead of questions like:

  • Where is my sensitive data stored and who has access?
  • Are we protecting data from potential oversharing risks?
  • Are we protecting sensitive data references in Copilot and agent responses?
  • How do we maintain compliance and governance over data accessed by AI?
  • Are we empowering users with AI safely and responsibly, backed by security?

In this blog, we will explore how Microsoft Sentinel and Defender XDR can help security teams operationalize DSPM for AI, from capturing Copilot interaction telemetry to building investigations and accelerating response.

To learn more about Data Security Posture Management (DSPM) for AI, please visit DSPM for AI.

M365 Copilot activity in the SOC

Getting Started: The CloudAppEvents advanced hunting table is populated by records from Microsoft Defender for Cloud Apps. If your organization hasn’t deployed the service in Microsoft Defender XDR, queries that use the table won’t work or return any results. To make sure the CloudAppEvents table is populated, enable Microsoft 365 activities; follow this article for detailed steps. For more information about how to deploy Defender for Cloud Apps in Defender XDR, refer to Deploy supported services.

You can perform advanced hunting over Microsoft 365 Copilot data through CloudAppEvents. CloudAppEvents is a powerful table in Microsoft Defender XDR’s advanced hunting schema that captures user and admin activities across Microsoft cloud apps.

To make sure the CloudAppEvents table is populated, follow the steps in the article here. The CloudAppEvents table contains enriched logs from all SaaS applications connected to Microsoft Defender for Cloud Apps; refer to Apps and Services covered by CloudAppEvents.

DSPM for AI and CloudAppEvents

Activity Explorer is the central investigative hub in Data Security Posture Management (DSPM) for AI. It surfaces granular telemetry about AI interactions, capturing prompts, responses, user identities, and sensitive information types (SITs), provided you have the right permissions and policies enabled. Whether the activity originates from Microsoft Copilot, third-party GenAI apps, or custom enterprise agents, Activity Explorer provides the visibility needed to assess risk and take action. Microsoft Purview’s DSPM for AI provides this visibility, and it is tightly integrated with Microsoft Sentinel and Defender XDR through the CloudAppEvents table.

The Flow Explained

  1. Event Generation in DSPM for AI
  • Every AI interaction, whether from Copilot, Fabric, or unmanaged apps like DeepSeek, is captured in the Microsoft 365 Unified Audit Log.
  • These logs include metadata like user identity, app name, agent name, prompt content, and sensitivity label matches.
  2. Ingestion into CloudAppEvents
  • The audit data flows into the CloudAppEvents table within Microsoft Defender XDR if you’ve enabled the app connector. Follow this article for detailed steps.
  • This table is part of the advanced hunting schema and includes telemetry for user and object activities across Microsoft 365 and other cloud apps.
  3. Availability in Microsoft Sentinel
  • Because CloudAppEvents is also exposed in Microsoft Sentinel, customers can query AI-related activities using KQL for threat hunting, incident correlation, and compliance investigations.
  • This enables a unified view across Sentinel and XDR without needing a separate connector.


What You Can Do with CloudAppEvents

  • Advanced Hunting: Use KQL to search for AI interactions that match specific sensitivity labels, user risk scores, or app types.
  • Incident Investigation: Correlate AI activity with alerts from Office 365.
  • Compliance Audits: Track AI activity to support audits and hunting.
  • Custom Dashboards: Visualize AI usage patterns in Power BI, Sentinel dashboards, or Workbooks.

Example KQL Query

Best Practice: Build KQL queries that filter by Application == "Microsoft 365 Copilot" and ActionType == "Interactwithcopilot" to surface relevant events.

For example, a simple query to get started analyzing M365 Copilot interactions:

CloudAppEvents
| where Application in ("Microsoft 365", "Microsoft 365 Copilot Chat")
// The audit operation lands in the ActionType column, as the best practice above notes
| where ActionType == "Interactwithcopilot"
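The starter query only lists matching rows. As an added example (not from the original post), the following KQL extends it to a hunt a SOC would actually run over CloudAppEvents, using only the metadata columns the table carries (no prompts or responses): each user's interaction count today compared with that user's own earlier daily counts, and interactions arriving through an anonymous proxy. The Application and ActionType values are the post's; the RawEventData.CopilotEventData.AppHost path is an assumption about the unified audit record and should be confirmed in your tenant.

```kusto
// Added example, not from the original post: hunt Copilot interaction metadata
// in CloudAppEvents and surface two things the plain filter does not.
let lookback = 14d;
let copilotEvents =
    CloudAppEvents
    | where Timestamp > ago(lookback)
    // Application and ActionType values as used in the post; confirm them in
    // your tenant first with: CloudAppEvents | distinct Application, ActionType
    | where Application in ("Microsoft 365", "Microsoft 365 Copilot Chat")
    | where ActionType == "Interactwithcopilot"
    // Assumption: the Copilot surface (Teams, Word, ...) is recorded under
    // RawEventData.CopilotEventData.AppHost. This is metadata only; the
    // prompt and response are not in this table.
    | extend AppHost = tostring(RawEventData.CopilotEventData.AppHost)
    | project Timestamp, AccountObjectId, AccountDisplayName, AppHost,
              IPAddress, CountryCode, IsAnonymousProxy, ReportId;
// 1) Today's interaction count per user versus that user's earlier daily counts.
let dailyCounts =
    copilotEvents
    | summarize Interactions = count()
        by AccountObjectId, AccountDisplayName, Day = bin(Timestamp, 1d);
let baseline =
    dailyCounts
    | where Day < startofday(now())   // keep today out of the baseline
    | summarize BaselineAvg = avg(Interactions), BaselineMax = max(Interactions)
        by AccountObjectId;
let volumeSpikes =
    dailyCounts
    | where Day == startofday(now())
    | join kind=inner baseline on AccountObjectId
    | where Interactions > 3 * BaselineAvg and Interactions > BaselineMax
    | extend Finding = "Copilot usage spike versus user baseline"
    | project Day, AccountDisplayName, Interactions, BaselineAvg, BaselineMax, Finding;
// 2) Interactions that arrived through an anonymous proxy, with the surfaces used.
let proxyUse =
    copilotEvents
    | where IsAnonymousProxy == true
    | summarize Interactions = count(), Surfaces = make_set(AppHost),
                Countries = make_set(CountryCode), FirstSeen = min(Timestamp),
                LastSeen = max(Timestamp)
        by AccountObjectId, AccountDisplayName
    | extend Finding = "Copilot used via anonymous proxy";
// Combine both findings into one result set for triage.
volumeSpikes
| union proxyUse
| order by AccountDisplayName asc
```

Each hit still has to be pivoted into DSPM for AI's Activity Explorer to see the prompt, response, and policy context; the query only tells you where to look.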

Known Gaps

The CloudAppEvents table, which ingests AI activity from the Microsoft 365 Unified Audit Log, is incredibly useful for activity hunting. It gives you metadata like:

  • Timestamp
  • User identity
  • App and agent name
  • Action type (e.g., AIInteraction)

You won’t see the actual prompt or response from the AI interaction, and you won’t get DSPM enrichment such as sensitive information types (SITs) or policy hits. These records contain only message metadata. Navigate to Purview’s DSPM for AI Activity Explorer to review the prompts and responses.

While CloudAppEvents is great for identifying patterns and correlating activity across users and apps, it doesn’t give you the full picture needed for deep investigation or compliance auditing.

If you need that level of detail, you’ll want to pivot into DSPM for AI’s Activity Explorer, where you can inspect the full interaction, including prompt, response, and policy context.


Acknowledgements:

Special Thanks to Martin Gagné, Principal Group Engineering Manager, for reviewing this blog and providing valuable feedback.

Updated Aug 14, 2025
Version 1.0