AI Security Ideogram: Practical Controls and Accelerated Response with Microsoft
Overview As organizations scale generative AI, two motions must advance in lockstep: hardening the AI stack (“Security for AI”) and using AI to supercharge SecOps (“AI for Security”). This post is a practical map—covering assets, common attacks, scope, solutions, SKUs, and ownership—to help you ship AI safely and investigate faster. Why both motions matter, at the same time Security for AI (hereafter ‘ Secure AI’ ) guards prompts, models, apps, data, identities, keys, and networks; it adds governance and monitoring around GenAI workloads (including indirect prompt injection from retrieved documents and tools). Agents add complexity because one prompt can trigger multiple actions, increasing the blast radius if not constrained. AI for Security uses Security Copilot with Defender XDR, Microsoft Sentinel, Purview, Entra, and threat intelligence to summarize incidents, generate KQL, correlate signals, and recommend fixtures and betterments. Promptbooks make automations easier, while plugins provide the opportunity to use out of the box as well as custom integrations. SKU: Security Compute Units (SCU). Responsibility: Shared (customer uses; Microsoft operates). The intent of this blog is to cover Secure AI stack and approaches through matrices and mind map. This blog is not intended to cover AI for Security in detail. For AI for Security, refer Microsoft Security Copilot. The Secure AI stack at a glance At a high level, the controls align to the following three layers: AI Usage (SaaS Copilots & prompts) — Purview sensitivity labels/DLP for Copilot and Zero Trust access hardening prevent oversharing and inadvertent data leakage when users interact with GenAI. AI Application (GenAI apps, tools, connectors) — Azure AI Content Safety (Prompt Shields, cross prompt injection detection), policy mediation via API Management, and Defender for Cloud’s AI alerts reduce jailbreaks, XPIA/UPIA, and tool based exfiltration. This layer also includes GenAI agents. AI Platform & Model (foundation models, data, MLOps) — Private Link, Key Vault/Managed HSM, RBAC controlled workspaces and registries (Azure AI Foundry/AML), GitHub Advanced Security, and platform guardrails (Firewall/WAF/DDoS) harden data paths and the software supply chain end-to-end. Let’s understand the potential attacks, vulnerabilities and threats at each layer in more detail: 1) Prompt/Model protection (jailbreak, UPIA/system prompt override, leakage) Scope: GenAI applications (LLM, apps, data) → Azure AI Content Safety (Prompt Shields, content filters), grounded-ness detection, safety evaluations in Azure AI Foundry, and Defender for Cloud AI threat protection. Responsibility: Shared (Customer/Microsoft). SKU: Content Safety & Azure OpenAI consumption; Defender for Cloud – AI Threat Protection. 2) Cross-prompt Injection (XPIA) via documents & tools Strict allow-lists for tools/connectors, Content Safety XPIA detection, API Management policies, and Defender for Cloud contextual alerts reduce indirect prompt injection and data exfiltration. Responsibility: Customer (config) & Microsoft (platform signals). SKU: Content Safety, API Management, Defender for Cloud – AI Threat Protection. 3) Sensitive data loss prevention for Copilots (M365) Use Microsoft Purview (sensitivity labels, auto-labeling, DLP for Copilot) with enterprise data protection and Zero Trust access hardening to prevent PII/IP exfiltration via prompts or Graph grounding. Responsibility: Customer. SKU: M365 E5 Compliance (Purview), Copilot for Microsoft 365. 4) Identity & access for AI services Entra Conditional Access (MFA/device), ID Protection, PIM, managed identities, role based access to Azure AI Foundry/AML, and access reviews mitigate over privilege, token replay, and unauthorized finetuning. Responsibility: Customer. SKU: Entra ID P2. 5) Secrets & keys Protect against key leakage and secrets in code using Azure Key Vault/Managed HSM, rotation policies, Defender for DevOps and GitHub Advanced Security secret scanning. Responsibility: Customer. SKU: Key Vault (Std/Premium), Defender for Cloud – Defender for DevOps, GitHub Advanced Security. 6) Network isolation & egress control Use Private Link for Azure OpenAI and data stores, Azure Firewall Premium (TLS inspection, FQDN allow-lists), WAF, and DDoS Protection to prevent endpoint enumeration, SSRF via plugins, and exfiltration. Responsibility: Customer. SKU: Private Link, Firewall Premium, WAF, DDoS Protection. 7) Training data pipeline hardening Combine Purview classification/lineage, private storage endpoints & encryption, human-in-the-loop review, dataset validation, and safety evaluations pre/post finetuning. Responsibility: Customer. SKU: Purview (E5 Compliance / Purview), Azure Storage (consumption). 8) Model registry & artifacts Use Azure AI Foundry/AML workspaces with RBAC, approval gates, versioning, private registries, and signed inferencing images to prevent tampering and unauthorized promotion. Responsibility: Customer. SKU: AML; Azure AI Foundry (consumption). 9) Supply chain & CI/CD for AI apps GitHub Advanced Security (CodeQL, Dependabot, secret scanning), Defender for DevOps, branch protection, environment approvals, and policy-as-code guardrails protect pipelines and prompt flows. Responsibility: Customer. SKU: GitHub Advanced Security; Defender for Cloud – Defender for DevOps. 10) Governance & risk management Microsoft Purview AI Hub, Compliance Manager assessments, Purview DSPM for AI, usage discovery and policy enforcement govern “shadow AI” and ensure compliant data use. Responsibility: Customer. SKU: Purview (E5 Compliance/addons); Compliance Manager. 11) Monitoring, detection & incident Defender for Cloud ingests Content Safety signals for AI alerts; Defender XDR and Microsoft Sentinel consolidate incidents and enable KQL hunting and automation. Responsibility: Shared. SKU: Defender for Cloud; Sentinel (consumption); Defender XDR (E5/E5 Security). 12) Existing landing zone baseline Adopt Azure Landing Zones with AI-ready design, Microsoft Cloud Security Benchmark policies, Azure Policy guardrails, and platform automation. Responsibility: Customer (with Microsoft guidance). SKU: Guidance + Azure Policy (included); Defender for Cloud CSPM. Mapping attacks to controls This heatmap ties common attack themes (prompt injection, cross-prompt injection, sensitive data loss, identity & keys, network egress, training data, registries, supply chain, governance, monitoring, and landing zone) to the primary Microsoft controls you’ll deploy. Use it to drive backlog prioritization. Quick decision table (assets → attacks → scope → solution) Use this as a guide during design reviews and backlog planning. The rows below are a condensed extract of the broader map in your workbook. Asset Class Possible Attack Scope Solution Data Sensitive info disclosure / Risky AI usage Microsoft AI Purview DSPM for AI; Purview DSPM for AI + IRM Unknown interactions for enterprise AI apps Microsoft AI Purview DSPM for AI Unethical behavior in AI apps Microsoft AI Purview DSPM for AI + Comms Compliance Sensitive info disclosure / Risky AI usage Non-Microsoft AI Purview DSPM for AI + IRM Unknown interactions for enterprise AI apps Non-Microsoft AI Purview DSPM for AI Unethical behavior in AI apps Non-Microsoft AI Purview DSPM for AI + Comms Compliance Models (MaaS) Supply-chain attacks (ML registry / DevOps of AI) OpenAI LLM OOTB built-in; Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Secure registries/workspaces compromise OpenAI LLM OOTB built-in Secure models running inside containers OpenAI LLM OOTB built-in Training data poisoning OpenAI LLM OOTB built-in Model theft OpenAI LLM OOTB built-in Prompt injection (XPIA) OpenAI LLM OOTB built-in; Azure AI Foundry – Content Safety / Prompt Shield Crescendo OpenAI LLM OOTB built-in Jailbreak OpenAI LLM OOTB built-in Supply-chain attacks (ML registry / DevOps of AI) Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Secure registries/workspaces compromise Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Secure models running inside containers Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Training data poisoning Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Model theft Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Prompt injection (XPIA) Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Crescendo Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time Jailbreak Non-OpenAI LLM Azure AI Foundry – Content Safety / Prompt Shield; Defender for AI – Run-time GenAI Applications (SaaS) Jailbreak Microsoft Copilot SaaS OOTB built-in Prompt injection (XPIA) Microsoft Copilot SaaS OOTB built-in Wallet abuse Microsoft Copilot SaaS OOTB built-in Credential theft Microsoft Copilot SaaS OOTB built-in Data leak / exfiltration Microsoft Copilot SaaS OOTB built-in Insecure plugin design Microsoft Copilot SaaS Responsibility: Provider/Creator Example 1: Microsoft plugin: responsibility to secure lies with Microsoft Example 2: 3rd party custom plugin: responsibility to secure lies with the 3rd party provider. Example 3: customer-created plugin: responsibility to secure lies with the plugin creator. Shadow AI Microsoft Copilot SaaS or non-Microsoft SaaS gen AI APPS: Purview DSPM for AI (endpoints where browser extension is installed) + Defender for Cloud Apps AGENTS: Entra agent ID (preview) + Purview DSPM for AI Jailbreak Non-Microsoft GenAI SaaS SaaS provider Prompt injection (XPIA) Non-Microsoft GenAI SaaS SaaS provider Wallet abuse Non-Microsoft GenAI SaaS SaaS provider Credential theft Non-Microsoft GenAI SaaS SaaS provider Data leak / exfiltration Non-Microsoft GenAI SaaS Purview DSPM for AI Insecure plugin design Non-Microsoft GenAI SaaS SaaS provider Shadow AI Microsoft Copilot SaaS or non-Microsoft SaaS GenAI APPS: Purview DSPM for AI (endpoints where browser extension is installed) + Defender for Cloud Apps AGENTS: Entra agent ID (preview) + Purview DSPM for AI Agents (Memory) Memory injection Microsoft PaaS (Azure AI Foundry) agents Defender for AI – Run-time* Memory exfiltration Microsoft PaaS (Azure AI Foundry) agents Defender for AI – Run-time* Memory injection Microsoft Copilot Studio agents Defender for AI – Run-time* Memory exfiltration Microsoft Copilot Studio agents Defender for AI – Run-time* Memory injection Non-Microsoft PaaS agents Defender for AI – Run-time* Memory exfiltration Non-Microsoft PaaS agents Defender for AI – Run-time* Identity Tool misuse / Privilege escalation Enterprise Entra for AI / Entra Agent ID – GSA Gateway Token theft & replay attacks Enterprise Entra for AI / Entra Agent ID – GSA Gateway Agent sprawl & orphaned agents Enterprise Entra for AI / Entra Agent ID – GSA Gateway AI agent autonomy Enterprise Entra for AI / Entra Agent ID – GSA Gateway Credential exposure Enterprise Entra for AI / Entra Agent ID – GSA Gateway PaaS General AI platform attacks Azure AI Foundry (Private Preview) Defender for AI General AI platform attacks Amazon Bedrock Defender for AI* (AI-SPM GA, Workload protection is on roadmap) General AI platform attacks Google Vertex AI Defender for AI* (AI-SPM GA, Workload protection is on roadmap) Network / Protocols (MCP) Protocol-level exploits (unspecified) Custom / Enterprise Defender for AI * *roadmap OOTB = Out of the box (built-in) This table consolidates the mind map into a concise reference showing each asset class, the threats/attacks, whether they are scoped to Microsoft or non-Microsoft ecosystems, and the recommended solutions mentioned in the diagram. Here is a mind map corresponding to the table above, for easier visualization: Mind map as of 30 Sep 2025 (to be updated in case there are technology enhancements or changes by Microsoft) OWASP-style risks in SaaS & custom GenAI apps—what’s covered Your map calls out seven high frequency risks in LLM apps (e.g., jailbreaks, cross prompt injection, wallet abuse, credential theft, data exfiltration, insecure plugin design, and shadow LLM apps/plugins). For Security Copilot (SaaS), mitigations are built-in/OOTB; for non-Microsoft AI apps, pair Azure AI Foundry (Content Safety, Prompt Shields) with Defender for AI (runtime), AISPM via MDCSPM (build-time), and Defender for Cloud Apps to govern unsanctioned use. What to deploy first (a pragmatic order of operations) Land the platform: Existing landing zone with Private Link to models/data, Azure Policy guardrails, and Defender for Cloud CSPM. Lock down identity & secrets: Entra Conditional Access/PIM and Key Vault + secret scanning in code and pipelines. Protect usage: Purview labels/DLP for Copilot; Content Safety shields and XPIA detection for custom apps; APIM policy mediation. Govern & monitor: Purview AI Hub and Compliance Manager assessments; Defender for Cloud AI alerts into Defender XDR/Sentinel with KQL hunting & playbooks. Scale SecOps with AI: Light up Copilot for Security across XDR/Sentinel workflows and Threat Intelligence/EASM. The below table shows the different AI Apps and the respective pricing SKU. There exists a calculator to estimate costs for your different AI Apps, Pricing - Microsoft Purview | Microsoft Azure. Contact your respective Microsoft Account teams to understand the mapping of the above SKUs to dollar value. Conclusion: Microsoft’s two-pronged strategy—Security for AI and AI for Security—empowers organizations to safely scale generative AI while strengthening incident response and governance across the stack. By deploying layered controls and leveraging integrated solutions, enterprises can confidently innovate with AI while minimizing risk and ensuring compliance.People of Purview: Elie El Karkafi
How long have you been working with Microsoft products? I am a Microsoft MVP in Security and a results-driven and dedicated Senior Solutions Architect with more than 14 years of professional experience in Microsoft Technologies. I have in-depth experience in Cloud, Security, Enterprise Mobility, Messaging & Collaboration, and IT Infrastructure. I am dedicated to customer satisfaction with focused delivery of technical solutions. I'm a proven leader in directing operations, maintenance, and support of complex systems. Highly adept in request for proposal development, technology needs assessment and staff training. How (and when) did you get involved in the Microsoft Community? (MCCP, MVP) Tell us about your journey! I became a member of the Microsoft Customer Connection Program (MCCP) in 2022 and was honored with the Microsoft MVP award in Security in 2023. Throughout my time in the MCCP, I’ve consistently contributed valuable insights and feedback to help enhance Microsoft Security products. Over the past years, I’ve been recognized as one of the top contributors across several MCCP focus areas—ranking second in Security, and first in Identity, Management, and Purview in the last two years. My contributions have earned me multiple accolades, including the Community Rockstar Award and Community Leader Awards in Security, Management, Entra, and Purview, along with several Partner of the Month honors. My engagement spans more than 150 private previews, 200 surveys, 50 focus groups, and 50 one-on-one feedback sessions with Microsoft product teams. I’ve been actively involved in shaping the future of AI and Microsoft Security Copilot, including identifying and resolving bugs in Copilot for Entra and Purview. As a Security Design Partner, I’ve collaborated directly with Microsoft designers on key features such as XDR Case Management and Microsoft Entra Conditional Access Optimization Agent. The MVP recognition not only validates my expertise but also enhances my professional credibility, supporting both client engagements and career growth. Being an MVP provides early access to Microsoft products and services, allowing me to deliver cutting-edge solutions. It also opens direct communication channels with Microsoft product teams, enabling me to influence product development and stay informed about upcoming features and roadmaps. What do you find most rewarding about being a community member? Being part of Microsoft Customer Connection Program (MCCP) significantly enhanced and diversified my skill sets in many ways: Product Innovation: Contributed to the enhancement of Microsoft products—specifically Defender, Sentinel, Entra, Purview, and Intune—by supporting the development of new features and improved functionalities. Community Empowerment: Actively supported peers in engaging with Microsoft Customer Connection Programs (MCCP), helping them amplify their impact through increased contributions and facilitating more direct interactions with product teams. Program Advocacy: Championed participation in Microsoft initiatives by providing strategic feedback and encouraging broader community involvement to drive continuous improvement. Collaborative Development: Partnered closely with Microsoft Product Groups and UX Designers, delivering in-depth user feedback to influence product direction and usability. Program Shaping: Leveraged personal experience within Microsoft programs to help co-develop and refine these initiatives in collaboration with internal teams. Tool Creation: Designed and launched a security calculator—originally built for internal use—which is now widely adopted by CCP members to assess and compare Microsoft security solutions and simulate associated costs. What advice do you have for others who would like to get involved in their Microsoft Community? To all Folks, look for opportunities to join programs like the Microsoft Customer Connection Program (MCCP), MVP program, or private previews. These give you direct access to product teams and a chance to influence development through feedback. Don’t be afraid to ask questions, share your experiences, or offer help. Even small contributions like answering a question or sharing a tip can make a big impact and help you build credibility Community involvement is a journey. Stay curious, keep learning, and show up regularly. Over time, your presence and contributions will be recognized!!! And the most important thing is to stay humble!!! Do you have anything you’d like to promote or recommend? (your blog or podcast, an article you recommend, a book everyone should read, etc) Security Calculator that I Built: Login - Microsoft Security Calculator Personal website where my blogs are posted : Elie El Karkafi - MVP - Personal Blog LinkedIn Page: (1) Elie El Karkafi | LinkedIn Credly Profile: https://www.credly.com/users/eliekarkafy MVP Profile: MVP Communities --- Elie is based in Dallas, Texas and is a Senior Solutions Architect at ampiO Solutions. (Listen.Develop.Deliver - ampiO Solutions) Banner photos (above) are from Elie's trip to Spain visiting Santiago Bernabeu stadium as he is a fan of Real Madrid football Team. ____________________________________________________________________________________ Stay tuned to meet more People of Purview! If you would like to get involved with the Microsoft Security Community, here are some quick actions you can take: Log in (here, on Tech Community!) and follow: The Purview Community - post questions, respond to community members The all-up Microsoft Security Blog Join the Security Community mailing list Join the Customer Connection Program Check out this Community Choice article for a comprehensive list of Microsoft Security Community offerings.Purview Webinars
REGISTER FOR ALL WEBINARS HERE Upcoming Microsoft Purview Webinars JULY 15 (8:00 AM) Microsoft Purview | How to Improve Copilot Responses Using Microsoft Purview Data Lifecycle Management Join our non-technical webinar and hear the unique, real life case study of how a large global energy company successfully implemented Microsoft automated retention and deletion across the entire M365 landscape. You will learn how the company used Microsoft Purview Data Lifecyle Management to achieve a step up in information governance and retention management across a complex matrix organization. Paving the way for the safe introduction of Gen AI tools such as Microsoft Copilot. 2025 Past Recordings JUNE 10 Unlock the Power of Data Security Investigations with Microsoft Purview MAY 8 Data Security - Insider Threats: Are They Real? MAY 7 Data Security - What's New in DLP? MAY 6 What's New in MIP? APR 22 eDiscovery New User Experience and Retirement of Classic MAR 19 Unlocking the Power of Microsoft Purview for ChatGPT Enterprise MAR 18 Inheriting Sensitivity Labels from Shared Files to Teams Meetings MAR 12 Microsoft Purview AMA - Data Security, Compliance, and Governance JAN 8 Microsoft Purview AMA | Blog Post 📺 Subscribe to our Microsoft Security Community YouTube channel for ALL Microsoft Security webinar recordings, and more!People of Purview: Karen Lopez
In this latest edition of People of Purview, we are excited to spotlight Karen Lopez. Karen is a seasoned data architect and passionate advocate for the Microsoft community. With decades of experience and a longstanding commitment to data management excellence, Karen has shaped the way organizations approach data governance and collaboration. Join us as she shares insights from her remarkable journey, her experiences with Microsoft technologies—from the days of MS-DOS to the cutting edge of Purview—and what continues to inspire her as a leader and mentor in the data world. Read on to meet Karen Lopez: Data Governance Leader and Community Champion! Let's get this Purview Party started, Karen! How long have you been working with Microsoft products, as well as Purview specifically? I'm not sure I can remember that far back. I first started working with SQL Server 7.0, so that's about 1998. However, the first product I worked with was MS-DOS, then Windows when it was released. At the US Department of Defense, I even worked on Wang PCs with MS-DOS. As a data architect and data management professional, I worked with Azure Data Catalog when it first came out. I was happy to see Microsoft move in the data world beyond databases and storage. I of course moved to the first versions of Purview to take advantage of the data classification and lineage functions. Data governance is a big part of my practice, so this was a good fit. I'm looking forward to learning more about Microsoft 365 compliance features, and then whatever AI features it will be getting. How (and when) did you get involved in the Microsoft Community? Tell us about your journey! I became a Microsoft MVP (SQL Server, now Data Platform) about 14 years ago. My technology areas are Azure SQL DB and Microsoft Purview - Data Governance. I spent time speaking at Microsoft user groups and conferences Along the way, I founded a SQL Server User Group in Toronto. I'm also a Microsoft Certified Trainer and I'm always working on passing a new exam so I can train in that area. What do you find most rewarding about being a community member? Meeting others who are working towards the same goals as I am. User groups and conferences are like mini-family reunions to me. We talk about work, life, and families. We share hobbies like running and space exploration. We debate contentious design patterns, toolsets, and project techniques. I've made friends over the years who share the same data passions as I do — plus a lot more. "What I like about Microsoft in 2025 is that our community recognizes that we work with tools and software from outside the Microsoft ecosystem. That's one of the things I like about Purview: it supports data governance for all our data inventory." What advice do you have for others who would like to get involved in their Microsoft Community? Jump on social media like Bluesky and LinkedIn to meet others around the world. Talk about your work, ask questions, get into debates, and share your wins. Then plan on making it to local and global events to meet others. Start writing about your experiences. It could be a blog, or just an article or newsletter on LinkedIn. Don't forget to attend virtual meetings, too. Anything else you’d like to share? 👩🚀👠 I love that I can mix my interest in data and space as a NASA Datanaut. We help citizen scientists work with NASA and other space agency open data. In fact, almost all my demos use NASA open data. My two favourites are Meteorite Landings and US & Russian EVA (space walks) data. My other nerd fun is to mentor and judge data-driven hackathons. I'm a frequent volunteer for Microsoft Imagine Cup and the NASA Space Apps Challenge. I travel with a mascot or two: usually astronaut Barbies. It sounds weird, but they get invited to space agencies and astronaut conferences all over the world and I get to tag along. It has been fun. I usually have space swag to share during my talks and the events I attend. Where can people find you? I blog at www.datamodel.com. I'm on Bluesky as datachick@bksy.social. My favourite book is always the one I last read, so I don't have one to recommend. Karen is based in Toronto, Ontario, Canada and works as a Data Evangelist for InfoAdvisors. ______________________________________________________________________________________________________________________________________________________________ Stay tuned to meet more People of Purview! If you would like to get involved with the Microsoft Security Community, here are some quick actions you can take: Log in (here, on Tech Community!) and follow: The Purview Community - post questions, respond to community members The all-up Microsoft Security Blog Join the Security Community mailing list Join the Customer Connection Program Check out this Community Choice article for a comprehensive list of Microsoft Security Community offerings. Karen's Links: http://www.datamodel.com mailto:datachick@bksy.social. Questions? Feel free to post below or message blog author RenWoods directly.People of Purview: Nikki Chapple
Meet Nikki Chapple, from the London area of the UK, Principal Cloud Architect at CloudWay, and Microsoft MVP and Customer Connection Program member! Nikki has worked with Microsoft products for over 10 years, although her IT career spans four decades, starting in the days of paper tape and punch cards! Her background is in enterprise architecture, translating business needs into practical technical solutions. Nikki specializes in data governance, security, and change management, helping organizations adopt Microsoft 365 in a way that prioritizes people, processes, and policy, not just technology. Read on to learn more about Nikki, her experience with Microsoft Communities, and her favorite resources to share! To kick this off, tell us about your start with Microsoft Purview; when and why? I began focusing on Microsoft Purview with the rise of Microsoft Teams. I viewed it as a chance to rethink how organizations manage collaboration, prioritizing people, processes, and governance. Microsoft Purview is now essential to my work, helping organizations protect sensitive data, comply with regulations, and integrate governance into daily practices. It's about creating a trusted digital workplace where security, transparency, and user empowerment are key. When did you begin your involvement in the Microsoft Community? Tell us about your journey. I’ve been a Microsoft MVP for three years. My journey began before this, as I shared my experiences through blogs and speaking engagements. I've found that sharing our experiences, both successes and challenges, can be incredibly inspiring and motivating for others. Connecting with others who are passionate about Microsoft 365 and Purview has been inspiring and rewarding. What do you find most rewarding about being a community member? The most rewarding aspect is the people, connecting with others who share a passion for Microsoft Purview, innovation, and lifelong learning. The community is a continuous source of inspiration, insights, and support. Whether through events, forums, or collaboration, there's always a chance to grow, share, and give back. What advice do you have for others wanting to get involved in their Microsoft Community? Start small: Join forums or webinars. Share what you know in blogs, talks, or conversations. Be consistent and stay curious. Connect with others and give back when you can. Everyone has something valuable to contribute! Can you tell us more about your Microsoft Customer Connection Program (MCCP) Experience? How has it helped you, your customers, and fellow community members? Being part of the Microsoft Purview CCP has allowed me to share real-world customer scenarios directly with the product team, ensuring our clients' voices are heard. This direct line of communication has significantly boosted customer confidence and loyalty as they see their feedback shaping the platform's evolution. Knowing that their challenges are being addressed reassures them that their investment in Microsoft 365 is secure and future-proof. As a Principal Cloud Architect, I collaborate closely with customers to understand their specific needs and challenges. By influencing the design of Purview features based on these insights, I help create highly relevant and practical solutions. This real-world application results in faster adoption and greater satisfaction, as clients see immediate benefits in their day-to-day operations. The CCP provides early access to new features through private preview programs, a strategic advantage for planning governance and compliance strategies for my clients. As an MVP and consultant, this is especially advantageous when working with large or regulated organizations, where preparation and alignment with internal controls are essential. Furthermore, it enables me to share practical insights through my blog "nikkichapple.com" and my podcast "All Things M365 Compliance", benefiting the wider community. Anything else you’d like to share? I’m passionate about making complex topics like compliance and governance more accessible. Whether through writing, presenting, or mentoring, I love helping others build confidence in this space, especially those just starting their journey in Microsoft 365. Do you have anything you’d like to promote or recommend? (your blog or podcast, an article you recommend, a book everyone should read, etc.) I share my insights at nikkichapple.com, focusing on data security, governance, and compliance topics that matter. Additionally, I co-host the All Things M365 Compliance video podcast, where I team up with Ryan John Murphy from Microsoft and a former MVP to explore everything about Microsoft 365 Purview. ______________________________________________________________________________________________________ Stay tuned to meet more People of Purview! If you would like to get involved with the Microsoft Security Community, here are some quick actions you can take: Log in (here, on Tech Community!) and follow: The Purview Community - post questions, respond to community members The all-up Microsoft Security Blog Join the Security Community mailing list Join the Customer Connection Program Check out this Community Choice article for a comprehensive list of Microsoft Security Community offerings. Nikki's links: Nikki Chapple- Microsoft 365 Blog All Things M365 Compliance - YouTube Questions? Feel free to post below or message blog author RenWoods directly.
Updated Sensitivity labels not showing up in document library
I have created Sensitivity Labels in Microsoft Purview and they have been published. In my dev site, when I go to create a document library, the sensitivity labels that I published are not showing, but they show within Word, etc. Checked all my configurations and not seeing anything unusual.Everything to See at RSAC 2025
Are you heading to RSAC 2025? Unsure of what to add to your calendar? Well, starting with the Microsoft Security Pre-Day on April 27th, there is so much content packed into the week that you may feel the need to clone yourself! Check it out: The Ultimate Guide to Microsoft Security at RSAC 2025 | Microsoft Community Hub
Microsoft Defender for Endpoint Security (STIG) Microsoft Challenge' of Debugging WinForms Designer
Microsoft Defender for Endpoint Security Technical Implementation Guide (STIG) for review https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Defender_Endpoint_V1R0-1_IDraftSTIG.zip as per: Daily intelligence Brief p802 (Final) Microsoft Plugs Away at 'Huge Technical Challenge' of Creating Debugging WinForms Designer on .NET Core its very basic for me, like kindergarden stuff, hey get me on international microsoft advertisement commercial enterprise or something? Common, my 20 year National security assignment is nearly over, lunch anyone, & im as rich as Bill Gates say Hi to Avi for me, Presadi has a long history of being a big **bleep**People of Purview: Victor Wingsing, Jr.
It is our pleasure to introduce you to Microsoft Purview practitioner and MVP, Victor Wingsing Jr., who hails from “the bright and sunny London, United Kingdom” and currently serves as a Senior Manager in Technology Consulting at Protiviti. Victor has been working on Exchange and Windows since 2006, when his first tech job gave him the opportunity to work on Windows XP Migration and Exchange 2007 administration, which was also his very first Microsoft Certification! He has been working with Purview for five years. How (and when) did you get involved in the Microsoft Community? (Customer Connection Program, MVP, etc) Tell us about your journey! I've been part of the CCP for the past 3 years and the MVP community this past year when I got my MVP recognition. The CCP has been great since it has helped me get ahead of my tech learning. Each CCP call that I've attended has allowed me to immerse myself in Microsoft Security solutions. These then translated to me being able to better explain the technology to my clients. Learn More About the Customer Connection Program (CCP) What do you find most rewarding about being a community member? I find that the most rewarding part is connecting with the community. My pool of contacts and resources has significantly grown after being a member. The other thing that I value about the program is the connection with the Microsoft product groups during the Product Group feedback session. I know that we are being heard as I see our feedback from years back being introduced as part of the solution. What advice do you have for others who would like to get involved in their Microsoft Community? Get started today. You don't need to be an expert to join. Start by asking questions as there are many helpful and knowledgeable members who are ready and willing to share. The Microsoft Community is NOT just an online community. You can likely find a local community in your area. There are many Microsoft User Groups for you to join in-person or virtually. Check out Meet Up or Facebook groups for these kinds of user groups. Do you have anything you’d like to promote or recommend? (your blog or podcast, an article you recommend, a book everyone should read, etc) If you'd like to hear more about my thoughts on Information Security, Data Loss Prevention, Insider Risk Management, AI and more. Please read my blog at: https://victorwingsing.com/ Feel free to follow me on LinkedIn: https://www.linkedin.com/in/victorwingsing/ I can also be found in the Microsoft Tech Community at : Member: vicwingsing | Microsoft Community Hub For books to read: I'm a big fan of sci-fi books. Give these books a read: Of Ants and Dinosaurs by Cixin Liu Starter Villian by John Scalzi Kaiju Preservation Society by John Scalzi Rivers of London by Ben Aaronovitch (this one is a fantasy series set in real location in and around London) _____________________________________________________________________________________________________ Stay tuned to meet more People of Purview! If you'd like to get involved with the Microsoft Security Community, here are a some quick actions you can take: Log in (here, on Tech Community!) and follow: The Purview Community - post questions, respond to community members The all-up Microsoft Security Blog Join the Security Community mailing list Join the Customer Connection Program Check out this Community Choice article for a comprehensive list of Microsoft Security Community offerings. Questions? Feel free to post below or message blog author RenWoods directly.
Microsoft account login error
Hello, I'm looking for a solution to my problem. I haven't been able to find one with hours of searching and trouble shooting. The error pops up after an attempt to sign into my account "Something went wrong please try again later. 0x8007000e." If there's anyone that can help me solve this error please reply to my discussion.
