Customized Oversharing Dialog not working for Exchange DLP
Hi Team, When I'm enabling policy tip as a dialog for custom content. This is not working. I'm testing this option on new outlook. and this is my JSON file { "LocalizationData": [ { "Language": "en-us", "Title": "Add a title", "Body": "Add the body", "Options": [ "I have a business justification", "This message doesn't contain sensitive information", "Business justification" ] } ], "HasFreeTextOption": "true", "DefaultLanguage": "en-us" } For old outlook it's not working there too. No policy tips, no override option My old outlook versionWelcome to the Microsoft Security Community!
Protect it all with Microsoft Security Eliminate gaps and get the simplified, comprehensive protection, expertise, and AI-powered solutions you need to innovate and grow in a changing world. The Microsoft Security Community is your gateway to connect, learn, and collaborate with peers, experts, and product teams. Gain access to technical discussions, webinars, and help shape Microsoft’s security products. Get there fast To stay up to date on upcoming opportunities and the latest Microsoft Security Community news, make sure to subscribe to our email list. Find the latest skilling content and on-demand videos – subscribe to the Microsoft Security Community YouTube channel. Catch the latest announcements and connect with us on LinkedIn – Microsoft Security Community and Microsoft Entra Community. Index Community Calls: December 2025 | January 2026 | February 2026 Upcoming Community Calls December 2025 Dec. 8 | 9:00am | Microsoft Security Store | Security, Simplified: A look inside the Security Store Welcome to Microsoft Security Store! During this session, you’ll learn all about this centralized destination where customers can discover, deploy, and manage trusted security solutions built to extend Microsoft’s security platforms like Defender, Sentinel, Entra, Purview, and Intune. Dec. 9 | 8:00am | Microsoft Defender XDR | A Deep Dive into Automated Attack Disruption Learn what’s new in Microsoft Sentinel! See deeper Defender integration, evolving data lake capabilities for scalable security, plus demos and real-world use cases to help you stay ahead. Dec. 9 | 9:00am | Microsoft Sentinel | Part 1: Stop Waiting, Start Onboarding: Get Sentinel Defender-Ready Today The Microsoft Sentinel portal retires July 2026—explore the Defender unified portal! Learn to manage incidents in a unified queue, enrich investigations with UEBA and Threat Intelligence, and leverage automation and dashboards for smarter SOC operations. Dec. 10 | 8:00am | Azure Network Security | Deep Dive into Azure DDoS Protection Explore Azure DDoS Protection! Learn to secure apps and infrastructure with end-to-end architecture, detection and mitigation flow, telemetry, analytics, and seamless integration for visibility and protection. Dec. 10 | 9:00am | Microsoft Defender for Cloud | Expose Less, Protect More with Microsoft Security Exposure Management Join us for an in-depth look at how Microsoft Security Exposure Management helps organizations reduce risk by identifying and prioritizing exposures before attackers can exploit them. Learn practical strategies to minimize your attack surface, strengthen defenses, and protect what matters most. Dec. 11 | 8:00am | Microsoft Defender for Cloud | Modernizing Cloud Security with Next Generation Microsoft Defender for Cloud Discover how Microsoft Defender for Cloud simplifies multi-cloud security. Learn to streamline posture management and threat protection across Azure, AWS, and GCP, improving efficiency, reducing risk, and enabling smarter prioritization. Dec. 11 | 9:00am | Microsoft Sentinel data lake | Transforming data collection for AI-ready security operations with Microsoft Sentinel See how Microsoft Sentinel transforms multi-cloud/multiplatform data collection. Learn a unified, cloud-native approach; ingest from on-prem, Microsoft workloads, and multicloud via codeless connectors (350+; App Assure), plus the roadmap for scaling to AI driven SecOps. Dec. 15 | 9:00am | Microsoft Entra | Diving into the New Microsoft Entra Agent ID Join our first session in the Microsoft Entra Agent ID series to learn why agent identity matters, explore core concepts, and see how it fits into Microsoft’s identity ecosystem. Perfect for developers and product owners building AI agents. Dec. 16 | 8:00am | Microsoft Defender for Office 365 | Ask the Experts: Tips and Tricks Engage in this interactive panel with Microsoft MVPs! Get answers to real-world Defender for Office 365 scenarios, best practices, and tips on migration, SOC optimization, Teams protection, and more. Bring your toughest questions for the live discussion. Dec. 16 | 9:00am | Microsoft Sentinel | Part 2: Don’t Get Left Behind: Complete Your Sentinel Move to Defender Prepare for the July 2026 transition! Unlock Microsoft Defender’s full potential with data onboarding, retention, governance, Content Hub, analytic rules, MTO for simplified management, and Security Copilot for AI-driven insights. Dec. 18 | 8:00am | Security Copilot Skilling Series | What's New in Security Copilot for Defender Discover the latest innovations in Microsoft Security Copilot embedded in Defender that are transforming how organizations detect, investigate, and respond to threats. This session will showcase powerful new capabilities like AI-driven incident response, contextual insights, and automated workflows that help security teams stop attacks faster and simplify operations. January 2026 Jan 14. | 8:00am | 425 Show | Microsoft MCP Server for Enterprise: Transforming User, Security & Identity Tasks with AI See Microsoft’s MCP Server in action! Discover how AI-powered workflows simplify tasks and strengthen security. Packed with demos, this session shows how to operationalize AI across your organization. Jan. 20 | 8:00am | Microsoft Defender for Cloud | What’s New in Microsoft Defender CSPM Cloud security posture management (CSPM) continues to evolve, and Microsoft Defender CSPM is leading the way with powerful enhancements introduced at Microsoft Ignite. This session will showcase the latest innovations designed to help security teams strengthen their posture and streamline operations. Jan. 22 | 8:00am | Azure Network Security | Advancing web application Protection with Azure WAF: Ruleset and Security Enhancements Explore the latest Azure WAF ruleset and security enhancements. Learn to fine-tune configurations, reduce false positives, gain threat visibility, and ensure consistent protection for web workloads—whether starting fresh or optimizing deployments. RESCHEDULED for Jan.27 | 9:00am | Microsoft Sentinel | AI-Powered Entity Analysis in Sentinel’s MCP Server Simplify entity risk assessment with Entity Analyzer. Eliminate complex playbooks; get unified, AI-driven analysis using Sentinel’s semantic understanding. Accelerate automation and enrich SOAR workflows with native Logic Apps integration. February 2026 Feb. 26 | 9:00am | Azure Network Security | Azure Firewall Integration with Microsoft Sentinel Learn how Azure Firewall integrates with Microsoft Sentinel to enhance threat visibility and streamline security investigations. This webinar will demonstrate how firewall logs and insights can be ingested into Sentinel to correlate network activity with broader security signals, enabling faster detection, deeper context, and more effective incident response. Looking for more? Join the Microsoft Customer Connection Program (MCCP)! As a MCCP member, you’ll gain early visibility into product roadmaps, participate in focus groups, and access private preview features before public release. You’ll have a direct channel to share feedback with engineering teams, influencing the direction of Microsoft Security products. The program also offers opportunities to collaborate and network with fellow security experts and Microsoft product teams. Join the MCCP that best fits your interests: www.aka.ms/joincommunity. Additional resources Microsoft Security Hub on Tech Community Virtual Ninja Training Courses Microsoft Security Documentation Azure Network Security GitHub Microsoft Defender for Cloud GitHub Microsoft Sentinel GitHub Microsoft Defender XDR GitHub Microsoft Defender for Cloud Apps GitHub Microsoft Defender for Identity GitHub Microsoft Purview GitHubSecurity as the core primitive - Securing AI agents and apps
This week at Microsoft Ignite, we shared our vision for Microsoft security -- In the agentic era, security must be ambient and autonomous, like the AI it protects. It must be woven into and around everything we build—from silicon to OS, to agents, apps, data, platforms, and clouds—and throughout everything we do. In this blog, we are going to dive deeper into many of the new innovations we are introducing this week to secure AI agents and apps. As I spend time with our customers and partners, there are four consistent themes that have emerged as core security challenges to secure AI workloads. These are: preventing agent sprawl and access to resources, protecting against data oversharing and data leaks, defending against new AI threats and vulnerabilities, and adhering to evolving regulations. Addressing these challenges holistically requires a coordinated effort across IT, developers, and security leaders, not just within security teams and to enable this, we are introducing several new innovations: Microsoft Agent 365 for IT, Foundry Control Plane in Microsoft Foundry for developers, and the Security Dashboard for AI for security leaders. In addition, we are releasing several new purpose-built capabilities to protect and govern AI apps and agents across Microsoft Defender, Microsoft Entra, and Microsoft Purview. Observability at every layer of the stack To facilitate the organization-wide effort that it takes to secure and govern AI agents and apps – IT, developers, and security leaders need observability (security, management, and monitoring) at every level. IT teams need to enable the development and deployment of any agent in their environment. To ensure the responsible and secure deployment of agents into an organization, IT needs a unified agent registry, the ability to assign an identity to every agent, manage the agent’s access to data and resources, and manage the agent’s entire lifecycle. In addition, IT needs to be able to assign access to common productivity and collaboration tools, such as email and file storage, and be able to observe their entire agent estate for risks such as over-permissioned agents. Development teams need to build and test agents, apply security and compliance controls by default, and ensure AI models are evaluated for safety guardrails and security vulnerabilities. Post deployment, development teams must observe agents to ensure they are staying on task, accessing applications and data sources appropriately, and operating within their cost and performance expectations. Security & compliance teams must ensure overall security of their AI estate, including their AI infrastructure, platforms, data, apps, and agents. They need comprehensive visibility into all their security risks- including agent sprawl and resource access, data oversharing and leaks, AI threats and vulnerabilities, and complying with global regulations. They want to address these risks by extending their existing security investments that they are already invested in and familiar with, rather than using siloed or bolt-on tools. These teams can be most effective in delivering trustworthy AI to their organizations if security is natively integrated into the tools and platforms that they use every day, and if those tools and platforms share consistent security primitives such as agent identities from Entra; data security and compliance controls from Purview; and security posture, detections, and protections from Defender. With the new capabilities being released today, we are delivering observability at every layer of the AI stack, meeting IT, developers, and security teams where they are in the tools they already use to innovate with confidence. For IT Teams - Introducing Microsoft Agent 365, the control plane for agents, now in preview The best infrastructure for managing your agents is the one you already use to manage your users. With Agent 365, organizations can extend familiar tools and policies to confidently deploy and secure agents, without reinventing the wheel. By using the same trusted Microsoft 365 infrastructure, productivity apps, and protections, organizations can now apply consistent and familiar governance and security controls that are purpose-built to protect against agent-specific threats and risks. gement and governance of agents across organizations Microsoft Agent 365 delivers a unified agent Registry, Access Control, Visualization, Interoperability, and Security capabilities for your organization. These capabilities work together to help organizations manage agents and drive business value. The Registry powered by the Entra provides a complete and unified inventory of all the agents deployed and used in your organization including both Microsoft and third-party agents. Access Control allows you to limit the access privileges of your agents to only the resources that they need and protect their access to resources in real time. Visualization gives organizations the ability to see what matters most and gain insights through a unified dashboard, advanced analytics, and role-based reporting. Interop allows agents to access organizational data through Work IQ for added context, and to integrate with Microsoft 365 apps such as Outlook, Word, and Excel so they can create and collaborate alongside users. Security enables the proactive detection of vulnerabilities and misconfigurations, protects against common attacks such as prompt injections, prevents agents from processing or leaking sensitive data, and gives organizations the ability to audit agent interactions, assess compliance readiness and policy violations, and recommend controls for evolving regulatory requirements. Microsoft Agent 365 also includes the Agent 365 SDK, part of Microsoft Agent Framework, which empowers developers and ISVs to build agents on their own AI stack. The SDK enables agents to automatically inherit Microsoft's security and governance protections, such as identity controls, data security policies, and compliance capabilities, without the need for custom integration. For more details on Agent 365, read the blog here. For Developers - Introducing Microsoft Foundry Control Plane to observe, secure and manage agents, now in preview Developers are moving fast to bring agents into production, but operating them at scale introduces new challenges and responsibilities. Agents can access tools, take actions, and make decisions in real time, which means development teams must ensure that every agent behaves safely, securely, and consistently. Today, developers need to work across multiple disparate tools to get a holistic picture of the cybersecurity and safety risks that their agents may have. Once they understand the risk, they then need a unified and simplified way to monitor and manage their entire agent fleet and apply controls and guardrails as needed. Microsoft Foundry provides a unified platform for developers to build, evaluate and deploy AI apps and agents in a responsible way. Today we are excited to announce that Foundry Control Plane is available in preview. This enables developers to observe, secure, and manage their agent fleets with built-in security, and centralized governance controls. With this unified approach, developers can now identify risks and correlate disparate signals across their models, agents, and tools; enforce consistent policies and quality gates; and continuously monitor task adherence and runtime risks. Foundry Control Plane is deeply integrated with Microsoft’s security portfolio to provide a ‘secure by design’ foundation for developers. With Microsoft Entra, developers can ensure an agent identity (Agent ID) and access controls are built into every agent, mitigating the risk of unmanaged agents and over permissioned resources. With Microsoft Defender built in, developers gain contextualized alerts and posture recommendations for agents directly within the Foundry Control Plane. This integration proactively prevents configuration and access risks, while also defending agents from runtime threats in real time. Microsoft Purview’s native integration into Foundry Control Plane makes it easy to enable data security and compliance for every Foundry-built application or agent. This allows Purview to discover data security and compliance risks and apply policies to prevent user prompts and AI responses from safety and policy violations. In addition, agent interactions can be logged and searched for compliance and legal audits. This integration of the shared security capabilities, including identity and access, data security and compliance, and threat protection and posture ensures that security is not an afterthought; it’s embedded at every stage of the agent lifecycle, enabling you to start secure and stay secure. For more details, read the blog. For Security Teams - Introducing Security Dashboard for AI - unified risk visibility for CISOs and AI risk leaders, coming soon AI proliferation in the enterprise, combined with the emergence of AI governance committees and evolving AI regulations, leaves CISOs and AI risk leaders needing a clear view of their AI risks, such as data leaks, model vulnerabilities, misconfigurations, and unethical agent actions across their entire AI estate, spanning AI platforms, apps, and agents. 90% of security professionals, including CISOs, report that their responsibilities have expanded to include data governance and AI oversight within the past year. 1 At the same time, 86% of risk managers say disconnected data and systems lead to duplicated efforts and gaps in risk coverage. 2 To address these needs, we are excited to introduce the Security Dashboard for AI. This serves as a unified dashboard that aggregates posture and real-time risk signals from Microsoft Defender, Microsoft Entra, and Microsoft Purview. This unified dashboard allows CISOs and AI risk leaders to discover agents and AI apps, track AI posture and drift, and correlate risk signals to investigate and act across their entire AI ecosystem. For example, you can see your full AI inventory and get visibility into a quarantined agent, flagged for high data risk due to oversharing sensitive information in Purview. The dashboard then correlates that signal with identity insights from Entra and threat protection alerts from Defender to provide a complete picture of exposure. From there, you can delegate tasks to the appropriate teams to enforce policies and remediate issues quickly. With the Security Dashboard for AI, CISOs and risk leaders gain a clear, consolidated view of AI risks across agents, apps, and platforms—eliminating fragmented visibility, disconnected posture insights, and governance gaps as AI adoption scales. Best of all, there’s nothing new to buy. If you’re already using Microsoft security products to secure AI, you’re already a Security Dashboard for AI customer. Figure 5: Security Dashboard for AI provides CISOs and AI risk leaders with a unified view of their AI risk by bringing together their AI inventory, AI risk, and security recommendations to strengthen overall posture Together, these innovations deliver observability and security across IT, development, and security teams, powered by Microsoft’s shared security capabilities. With Microsoft Agent 365, IT teams can manage and secure agents alongside users. Foundry Control Plane gives developers unified governance and lifecycle controls for agent fleets. Security Dashboard for AI provides CISOs and AI risk leaders with a consolidated view of AI risks across platforms, apps, and agents. Added innovation to secure and govern your AI workloads In addition to the IT, developer, and security leader-focused innovations outlined above, we continue to accelerate our pace of innovation in Microsoft Entra, Microsoft Purview, and Microsoft Defender to address the most pressing needs for securing and governing your AI workloads. These needs are: Manage agent sprawl and resource access e.g. managing agent identity, access to resources, and permissions lifecycle at scale Prevent data oversharing and leaks e.g. protecting sensitive information shared in prompts, responses, and agent interactions Defend against shadow AI, new threats, and vulnerabilities e.g. managing unsanctioned applications, preventing prompt injection attacks, and detecting AI supply chain vulnerabilities Enable AI governance for regulatory compliance e.g. ensuring AI development, operations, and usage comply with evolving global regulations and frameworks Manage agent sprawl and resource access 76% of business leaders expect employees to manage agents within the next 2–3 years. 3 Widespread adoption of agents is driving the need for visibility and control, which includes the need for a unified registry, agent identities, lifecycle governance, and secure access to resources. Today, Microsoft Entra provides robust identity protection and secure access for applications and users. However, organizations lack a unified way to manage, govern, and protect agents in the same way they manage their users. Organizations need a purpose-built identity and access framework for agents. Introducing Microsoft Entra Agent ID, now in preview Microsoft Entra Agent ID offers enterprise-grade capabilities that enable organizations to prevent agent sprawl and protect agent identities and their access to resources. These new purpose-built capabilities enable organizations to: Register and manage agents: Get a complete inventory of the agent fleet and ensure all new agents are created with an identity built-in and are automatically protected by organization policies to accelerate adoption. Govern agent identities and lifecycle: Keep the agent fleet under control with lifecycle management and IT-defined guardrails for both agents and people who create and manage them. Protect agent access to resources: Reduce risk of breaches, block risky agents, and prevent agent access to malicious resources with conditional access and traffic inspection. Agents built in Microsoft Copilot Studio, Microsoft Foundry, and Security Copilot get an Entra Agent ID built-in at creation. Developers can also adopt Entra Agent ID for agents they build through Microsoft Agent Framework, Microsoft Agent 365 SDK, or Microsoft Entra Agent ID SDK. Read the Microsoft Entra blog to learn more. Prevent data oversharing and leaks Data security is more complex than ever. Information Security Media Group (ISMG) reports that 80% of leaders cite leakage of sensitive data as their top concern. 4 In addition to data security and compliance risks of generative AI (GenAI) apps, agents introduces new data risks such as unsupervised data access, highlighting the need to protect all types of corporate data, whether it is accessed by employees or agents. To mitigate these risks, we are introducing new Microsoft Purview data security and compliance capabilities for Microsoft 365 Copilot and for agents and AI apps built with Copilot Studio and Microsoft Foundry, providing unified protection, visibility, and control for users, AI Apps, and Agents. New Microsoft Purview controls safeguard Microsoft 365 Copilot with real-time protection and bulk remediation of oversharing risks Microsoft Purview and Microsoft 365 Copilot deliver a fully integrated solution for protecting sensitive data in AI workflows. Based on ongoing customer feedback, we’re introducing new capabilities to deliver real-time protection for sensitive data in M365 Copilot and accelerated remediation of oversharing risks: Data risk assessments: Previously, admins could monitor oversharing risks such as SharePoint sites with unprotected sensitive data. Now, they can perform item-level investigations and bulk remediation for overshared files in SharePoint and OneDrive to quickly reduce oversharing exposure. Data Loss Prevention (DLP) for M365 Copilot: DLP previously excluded files with sensitivity labels from Copilot processing. Now in preview, DLP also prevents prompts that include sensitive data from being processed in M365 Copilot, Copilot Chat, and Copilot agents, and prevents Copilot from using sensitive data in prompts for web grounding. Priority cleanup for M365 Copilot assets: Many organizations have org-wide policies to retain or delete data. Priority cleanup, now generally available, lets admins delete assets that are frequently processed by Copilot, such as meeting transcripts and recordings, on an independent schedule from the org-wide policies while maintaining regulatory compliance. On-demand classification for meeting transcripts: Purview can now detect sensitive information in meeting transcripts on-demand. This enables data security admins to apply DLP policies and enforce Priority cleanup based on the sensitive information detected. & bulk remediation Read the full Data Security blog to learn more. Introducing new Microsoft Purview data security capabilities for agents and apps built with Copilot Studio and Microsoft Foundry, now in preview Microsoft Purview now extends the same data security and compliance for users and Copilots to agents and apps. These new capabilities are: Enhanced Data Security Posture Management: A centralized DSPM dashboard that provides observability, risk assessment, and guided remediation across users, AI apps, and agents. Insider Risk Management (IRM) for Agents: Uniquely designed for agents, using dedicated behavioral analytics, Purview dynamically assigns risk levels to agents based on their risky handing of sensitive data and enables admins to apply conditional policies based on that risk level. Sensitive data protection with Azure AI Search: Azure AI Search enables fast, AI-driven retrieval across large document collections, essential for building AI Apps. When apps or agents use Azure AI Search to index or retrieve data, Purview sensitivity labels are preserved in the search index, ensuring that any sensitive information remains protected under the organization’s data security & compliance policies. For more information on preventing data oversharing and data leaks - Learn how Purview protects and governs agents in the Data Security and Compliance for Agents blog. Defend against shadow AI, new threats, and vulnerabilities AI workloads are subject to new AI-specific threats like prompt injections attacks, model poisoning, and data exfiltration of AI generated content. Although security admins and SOC analysts have similar tasks when securing agents, the attack methods and surfaces differ significantly. To help customers defend against these novel attacks, we are introducing new capabilities in Microsoft Defender that deliver end-to-end protection, from security posture management to runtime defense. Introducing Security Posture Management for agents, now in preview As organizations adopt AI agents to automate critical workflows, they become high-value targets and potential points of compromise, creating a critical need to ensure agents are hardened, compliant, and resilient by preventing misconfigurations and safeguarding against adversarial manipulation. Security Posture Management for agents in Microsoft Defender now provides an agent inventory for security teams across Microsoft Foundry and Copilot Studio agents. Here, analysts can assess the overall security posture of an agent, easily implement security recommendations, and identify vulnerabilities such as misconfigurations and excessive permissions, all aligned to the MITRE ATT&CK framework. Additionally, the new agent attack path analysis visualizes how an agent’s weak security posture can create broader organizational risk, so you can quickly limit exposure and prevent lateral movement. Introducing Threat Protection for agents, now in preview Attack techniques and attack surfaces for agents are fundamentally different from other assets in your environment. That’s why Defender is delivering purpose-built protections and detections to help defend against them. Defender is introducing runtime protection for Copilot Studio agents that automatically block prompt injection attacks in real time. In addition, we are announcing agent-specific threat detections for Copilot Studio and Microsoft Foundry agents coming soon. Defender automatically correlates these alerts with Microsoft’s industry-leading threat intelligence and cross-domain security signals to deliver richer, contextualized alerts and security incident views for the SOC analyst. Defender’s risk and threat signals are natively integrated into the new Microsoft Foundry Control Plane, giving development teams full observability and the ability to act directly from within their familiar environment. Finally, security analysts will be able to hunt across all agent telemetry in the Advanced Hunting experience in Defender, and the new Agent 365 SDK extends Defender’s visibility and hunting capabilities to third-party agents, starting with Genspark and Kasisto, giving security teams even more coverage across their AI landscape. To learn more about how you can harden the security posture of your agents and defend against threats, read the Microsoft Defender blog. Enable AI governance for regulatory compliance Global AI regulations like the EU AI Act and NIST AI RMF are evolving rapidly; yet, according to ISMG, 55% of leaders report lacking clarity on current and future AI regulatory requirements. 5 As enterprises adopt AI, they must ensure that their AI innovation aligns with global regulations and standards to avoid costly compliance gaps. Introducing new Microsoft Purview Compliance Manager capabilities to stay ahead of evolving AI regulations, now in preview Today, Purview Compliance Manager provides over 300 pre-built assessments for common industry, regional, and global standards and regulations. However, the pace of change for new AI regulations requires controls to be continuously re-evaluated and updated so that organizations can adapt to ongoing changes in regulations and stay compliant. To address this need, Compliance Manager now includes AI-powered regulatory templates. AI-powered regulatory templates enable real-time ingestion and analysis of global regulatory documents, allowing compliance teams to quickly adapt to changes as they happen. As regulations evolve, the updated regulatory documents can be uploaded to Compliance Manager, and the new requirements are automatically mapped to applicable recommended actions to implement controls across Microsoft Defender, Microsoft Entra, Microsoft Purview, Microsoft 365, and Microsoft Foundry. Automated actions by Compliance Manager further streamline governance, reduce manual workload, and strengthen regulatory accountability. Introducing expanded Microsoft Purview compliance capabilities for agents and AI apps now in preview Microsoft Purview now extends its compliance capabilities across agent-generated interactions, ensuring responsible use and regulatory alignment as AI becomes deeply embedded across business processes. New capabilities include expanded coverage for: Audit: Surface agent interactions, lifecycle events, and data usage with Purview Audit. Unified audit logs across user and agent activities, paired with traceability for every agent using an Entra Agent ID, support investigation, anomaly detection, and regulatory reporting. Communication Compliance: Detect prompts sent to agents and agent-generated responses containing inappropriate, unethical, or risky language, including attempts to manipulate agents into bypassing policies, generating risky content, or producing noncompliant outputs. When issues arise, data security admins get full context, including the prompt, the agent’s output, and relevant metadata, so they can investigate and take corrective action Data Lifecycle Management: Apply retention and deletion policies to agent-generated content and communication flows to automate lifecycle controls and reduce regulatory risk. Read about Microsoft Purview data security for agents to learn more. Finally, we are extending our data security, threat protection, and identity access capabilities to third-party apps and agents via the network. Advancing Microsoft Entra Internet Access Secure Web + AI Gateway - extend runtime protections to the network, now in preview Microsoft Entra Internet Access, part of the Microsoft Entra Suite, has new capabilities to secure access to and usage of GenAI at the network level, marking a transition from Secure Web Gateway to Secure Web and AI Gateway. Enterprises can accelerate GenAI adoption while maintaining compliance and reducing risk, empowering employees to experiment with new AI tools safely. The new capabilities include: Prompt injection protection which blocks malicious prompts in real time by extending Azure AI Prompt Shields to the network layer. Network file filtering which extends Microsoft Purview to inspect files in transit and prevents regulated or confidential data from being uploaded to unsanctioned AI services. Shadow AI Detection that provides visibility into unsanctioned AI applications through Cloud Application Analytics and Defender for Cloud Apps risk scoring, empowering security teams to monitor usage trends, apply Conditional Access, or block high-risk apps instantly. Unsanctioned MCP server blocking prevents access to MCP servers from unauthorized agents. With these controls, you can accelerate GenAI adoption while maintaining compliance and reducing risk, so employees can experiment with new AI tools safely. Read the Microsoft Entra blog to learn more. As AI transforms the enterprise, security must evolve to meet new challenges—spanning agent sprawl, data protection, emerging threats, and regulatory compliance. Our approach is to empower IT, developers, and security leaders with purpose-built innovations like Agent 365, Foundry Control Plane, and the Security Dashboard for AI. These solutions bring observability, governance, and protection to every layer of the AI stack, leveraging familiar tools and integrated controls across Microsoft Defender, Microsoft Entra, and Microsoft Purview. The future of security is ambient, autonomous, and deeply woven into the fabric of how we build, deploy, and govern AI systems. Explore additional resources Learn more about Security for AI solutions on our webpage Learn more about Microsoft Agent 365 Learn more about Microsoft Entra Agent ID Get started with Microsoft 365 Copilot Get started with Microsoft Copilot Studio Get started with Microsoft Foundry Get started with Microsoft Defender for Cloud Get started with Microsoft Entra Get started with Microsoft Purview Get started with Microsoft Purview Compliance Manager Sign up for a free Microsoft 365 E5 Security Trial and Microsoft Purview Trial 1 Bedrock Security, 2025 Data Security Confidence Index, published Mar 17, 2025. 2 AuditBoard & Ascend2, Connected Risk Report 2024; as cited by MIT Sloan Management Review, Spring 2025. 3 KPMG AI Quarterly Pulse Survey | Q3 2025. September 2025. n= 130 U.S.-based C-suite and business leaders representing organizations with annual revenue of $1 billion or more 4 First Annual Generative AI study: Business Rewards vs. Security Risks, , Q3 2023, ISMG, N=400 5 First Annual Generative AI study: Business Rewards vs. Security Risks, Q3 2023, ISMG, N=400Building layered protection: New Microsoft Purview data security controls for the browser & network
Microsoft is committed to helping our customers protect their data wherever it lives or travels - even as the modern data estate grows more complex. Over the years, we have taken a uniquely seamless approach of building protections directly where data is stored, used, or moves, helping customers get up and running easily without compromising on coverage. Our journey started with native integration of Purview data security controls into Microsoft 365 apps and services. This built-in design enables us to secure data right where most of your organization’s productivity takes place, without added latency or onboarding. This principle has continued with built-in controls for Teams, PowerBI, Fabric, and Microsoft 365 Copilot. We have also extended protections to Windows and macOS endpoint devices using a differentiated, agentless model that delivers visibility and control without deployment headaches or heavy on-premises footprint. However, the nature of modern work is continuously evolving: Generative AI tools are increasingly ubiquitous in the digital workplace and information workers are spending more time working in the browser than ever before [1]. As such, we are once again evolving our solutions to the modern AI era by extending Purview data security capabilities to the network layer and Microsoft Edge for Business. These capabilities include: Inline discovery of sensitive data across the network through secure access service edge (SASE) integration Inline discovery & protection of sensitive data in Edge for Business Data security controls for unmanaged Windows & macOS devices using Edge for Business When combined with existing Purview protections across cloud, email, and endpoints, the new browser and network controls empower teams to build a layered strategy for data protection that scales with the pace and complexity of today’s data ecosystems. To see layered protection in action, watch our latest Mechanics video: Introducing inline data discovery for the network Historically, Microsoft Purview has possessed the ability to allow or block the use of sensitive data within specified applications through our cloud and endpoint data loss prevention (DLP) solutions. As users interact with a wider variety of cloud-connected apps & services throughout the day – such as unmanaged SaaS apps, personal cloud storage services, and consumer GenAI apps – organizations need greater oversight over sensitive data that is being sent outside of the trusted boundaries of the organization. Today, we are excited to share that Microsoft Purview is opening its best-in-class data classification and data loss prevention policies to an ecosystem of secure access service edge (SASE) solutions. Integrating Purview with your SASE technology of choice enables you to secure sensitive data at the network layer using the same tools and workflows you rely on every day. This approach also enables you to extend Purview inspection, classification and ability to make policy verdicts to data in unmanaged, 3rd party locations, all at the speed & scale of the cloud. Users won’t have their pace and productivity disrupted as policies await decisions from on-premises classification systems, and admins can intercept sensitive data before it's leaked to risky destinations. Alongside us for the start of this journey are Netskope, a Leader in the Gartner Magic Quadrant for SSE and SASE, iboss, a Leader in the IDC ZTNA MarketScape, and Palo Alto Networks, a Leader in the Gartner Magic Quadrant for SSE and SASE. We are excited to announce that inline discovery of sensitive data will be available in public preview early May through the Netskope One SSE and iboss Zero Trust SASE integrations. The integration with Palo Alto Networks Prisma Access for inline discovery will be available later this year. The list of supported SASE partners will continue to expand in the coming months. Through these joint solutions, we can help our customers see greater value from bringing together best-of-breed data security and network visibility. "As insider threats rise and adversaries leverage AI, large enterprises are strengthening their security strategies by integrating insights from diverse tools. Netskope’s seamless integration with Microsoft Purview tackles these evolving challenges head-on, enhancing data protection and ensuring classified information remains secure." – Siva VRS, Wipro, Vice President & Global Business Unit Head, Cyber Security Practices Securing risky data interactions through SASE integration Through the upcoming Netskope and iboss integrations, your SASE solution will provide visibility into network traffic originating from managed devices to potentially untrusted locations. These interactions can be initiated from desktop applications such as the ChatGPT desktop app, cloud file sync apps like Box, and even non-Microsoft browsers such as Opera or Brave. Examples of common but potentially risky interactions include: Intentional or inadvertent exfiltration of sensitive company data to a personal or 3rd party instance of an application: For example, an employee is working with a partner outside of their organization on an upcoming project via the Slack desktop application. If the employee sends sensitive data to that 3rd party Slack channel, such as customer account numbers or contact information, this event will be captured in Purview Data Security Posture Management (DSPM) and Activity Explorer, and the admin can dive deeper into the sensitive data that was exfiltrated & its destination: Use of unsanctioned generative AI applications or plugins: Some employees in your organization may have installed an unsanctioned GPT plugin for their Microsoft Word application, for example. If they prompt the plugin to summarize the contents of the Confidential merger & acquisition document that is open, this prompt will also be captured in Purview DSPM for AI. Learn more about inline discovery of sensitive data in GenAI applications in this blog. Detection & discovery of these events provide data security admins invaluable insight into how sensitive data is leaving trusted locations through the network, even before policies are ever created. From Purview DSPM, admins can better understand how the sensitive data detected in network activity contributes to their organizational risk, such as the top applications to which users send sensitive data, and the types of data that are most frequently exfiltrated. Even better, DSPM provides proactive policy recommendations for controls that can help address this risk. Additionally, admins have the option to leverage Activity Explorer to drill down into specific egress points and destinations of sensitive data to better inform their protection strategy. Visibility of sensitive data in motion not only gives admins insight into how to improve their data loss prevention strategy, but also broadens their aperture of activities that could indicate potentially risky behavior by users. In the coming months, these new network signals will unlock a new category of policy indicators in Purview Insider Risk Management. Indicators for user activities such as file uploads or AI prompt submissions detected through the network will help Insider Risk Management formulate richer and comprehensive profiles of user risk. In turn, these signals will also better contextualize future data interactions and enrich policy verdicts. Introducing inline data protection in Edge for Business Every day, your employees interact with data across a variety of web applications & services. Chances are, some of this data is sensitive or proprietary for the organization. For that reason, it’s growing increasingly critical to have visibility and control over how employees interact with sensitive data within the browser. Today, we are excited to announce two new capabilities that represent significant strides in our growing set of native data security controls for Edge for Business, the secure enterprise browser optimized for AI: inline data protection and data security controls for unmanaged devices. With the new inline protection capability for Edge for Business, available in public preview in the coming weeks, you can prevent data leakage across the various ways that users interact with sensitive data in the browser, including typing of text directly into a web application or generative AI prompt. Inline protection is built natively into Edge for Business, meaning it can be enabled even without endpoint DLP deployed, and complements existing endpoint DLP protections for uploading or pasting sensitive content to the browser. Starting with some of the top consumer GenAI apps (ChatGPT, Google Gemini, and DeepSeek), admins will be able to block typed prompts containing sensitive data. This list will continuously expand to support a broad range of unmanaged apps, including additional genAI, email, collaboration, and social media apps. In the example below, you can see how a Purview DLP policy can block a user from submitting a prompt containing sensitive M&A details to Google Gemini for summarization: Inline protection can also leverage Adaptive Protection policy conditions for activities in GenAI apps. This enables data security admins to tailor the level of enforcement to the risk level of the user interacting with the data, minimizing disruption to day-to-day AI usage. For example, Adaptive Protection can enable admins to block low-risk users from submitting prompts containing the highest-sensitivity classifiers for their organization, such as M&A-related data or intellectual property, while blocking prompts containing any sensitive information type (SIT) for an elevated-risk user. To bring this full circle, risky prompts sent to GenAI apps or responses containing sensitive information can also raise a user’s risk level through risky AI usage detections in Insider Risk Management. This helps organizations understand and adapt to how insiders are interacting with data in AI apps. Similarly to inline data discovery for the network, visibility into sensitive data use in Edge for Business will now surface in Purview DSPM, even if a protection policy has not yet been deployed. If DSPM observes high data exfiltration risk originating from Edge for Business, it will proactively recommend a set of data security policies to mitigate that risk, such as blocking typed sensitive data and sensitive files from being sent to consumer AI apps. Purview data security controls for unmanaged devices In addition to the new inline protection capability, we are thrilled to announce that Purview data security controls now extend to Edge for Business on unmanaged Windows or macOS devices. These data loss prevention policies, rolling out in public preview in the coming weeks, allow organizations to prevent or enable access to data in organizational apps based on the sensitivity of the data, as long as the end user is logged into their Edge for Business profile. This is particularly relevant for organizations that leverage a significant contractor or frontline workforce, or enable bring-your-own-device (BYOD) policies. Similarly to inline protection, these controls are built natively into Edge for Business and can be activated even without endpoint DLP deployed. As an example, your organization may allow a contractor to use a personal macOS device to access corporate resources. By opening Edge for Business and logging in using their Entra ID account, Purview data security policies can now be applied to that browser session. If the contractor navigates to a managed app such as Workday or a proprietary line of business app, you can apply context-aware data protections such as allowing download of a benefits brochure that does not contain any sensitive information, but preventing download of employee or patient records that contain sensitive data. This context-aware policy helps organizations balance adequate data security controls with end user productivity. To learn more about security capabilities built into Edge for Business, the secure enterprise browser, visit the blog. Licensing details Inline data discovery via 3rd party network integrations: Your global admin will be able to enable this capability by activating Purview pay-as-you-go meters. Pricing will be based on the number of requests captured through network traffic within the scope of a policy. E5, E5 Compliance, and E5 Information Protection & Governance required. Additional pricing details will be available with public preview rollout in early May. Inline discovery & protection in Edge for Business: [Revision Nov. 2025] Inline data protection in Edge for Business is now a pay-as-you-go capability. Your global admin will be able to enable this capability by activating Purview pay-as-you-go meters. Data security controls for unmanaged devices accessing Edge for Business: Included in E5, E5 Compliance, and E5 Information Protection & Governance. Get started You can try Microsoft Purview data security solutions directly in the Microsoft Purview compliance portal with a free trial. Want to learn more about the innovations designed to help your organization protect data, defend against cyber threats, and stay compliant? Hear from Microsoft leaders online at Microsoft Secure on April 9. [1] Internal Windows telemetryPurview Launches New DLP Policy to Control Copilot Prompts
A new DLP policy for Copilot prompts monitors blocked sensitive information types like credit card numbers to stop their use in Copilot prompts. The new policy can’t be combined with the existing DLP policy for Copilot, which checks for files with specific sensitivity labels to prevent Copilot using their content in its responses. But that’s OK because the two policies do very different work. https://office365itpros.com/2025/11/20/dlp-policy-for-copilot-prompts/Uncover hidden security risks with Microsoft Sentinel graph
Earlier this fall, we launched Microsoft Sentinel graph – and today, we are pleased to announce that Sentinel graph is generally available starting December 1, 2025. Microsoft Sentinel graph maps the interconnections across activity, asset, and threat intelligence data. This enables comprehensive graph-based security and analysis across pre-and post-breach scenarios in both Microsoft Defender and Microsoft Purview. Customers are already seeing the impact of the graph-powered experiences that is providing insights beyond tabular queries. "The predefined scenarios in Sentinel graph are excellent... it definitely shows where I would need to look as an investigator to figure out what's happening in my environment, who has access to it, not only directly, but also indirectly, a couple of hops away. And that's something that you really can't get through a standard KQL query..." - Gary Bushey, Security Architect, Cyclotron, Inc. Building on this foundation, we are taking Sentinel graph to the next level and are excited to announce the public preview of the following new capabilities. Graph MCP Tools Building on the hunting graph and blast radius analysis capabilities in Microsoft Defender portal. We are excited to announce preview of purpose-built Sentinel graph MCP tools (Blast Radius, Path Discovery, and Exposure Perimeter) that make the graph-powered insights accessible to the AI agents. Using these purpose-built Sentinel graph MCP tools, you will be able to use and build AI agents to get insights from the graph in natural language (figure 1): “What is the blast radius from ‘Laura Hanak’?” “Is there a path from user Mark Gafarov to key vault wg-prod?” “Who can all get to wg-prod key vault?” You can sign up here for a free preview of Sentinel graph MCP tools, which will also roll out starting December 1, 2025. Custom Graphs The security operations teams, including Tier-3 analysts, threat intelligence specialists, and security researchers play a critical role in investigating sophisticated attacks and addressing systemic security issues. Their responsibilities range from uncovering design vulnerabilities and tracing historical exploitation, to analyzing types of abuse and recommending effective solutions. These experts strive to identify hidden patterns within organizational data and struggle with the right tools that can help them differentiate between normal vs. abnormal, keep-up with the changing attack patterns, and handle massive and complex datasets at scale. This requires a high level of flexibility and customization to rapidly iterate on the analysis. We’re taking Microsoft Sentinel graph to the next level and are thrilled to announce the public preview of custom graphs with two new powerful approaches designed specifically for security: ephemeral custom graphs and materialized custom graphs. These innovative approaches empower defenders to create and analyze graphs tailored and tuned to their unique security scenarios to find hidden risks and patterns in their security data available in the Sentinel data lake. Using their data in the lake, defenders will be able author notebooks (figure 2) to model, build, visualize, traverse, and run advanced graph analyses like Chokepoint/Centrality, Blast Radius/Reachability, Prioritized Path/Ranked, and K-hop. It’s a transformative leap in graph analytics, fundamentally changing how security teams understand and mitigate organizational risk by connecting the dots in their data. Figure 2: Custom graphs using Notebook in VS Code You can sign up here for a free preview of custom graph capability, which will also roll out starting December 1, 2025. Ephemeral Custom Graphs Ephemeral custom graphs are for one-time investigations requiring quick pattern examination and rapidly changing large scale data that doesn't justify materialization for reuse. For example, in a typical SOC investigation, brute-force attempts or privilege escalations appear as isolated incidents. But in reality, attackers move laterally through interconnected credentials and resources. Let’s assume, a service account (svc-backup) used by a legacy database is compromised. It holds group membership in “DataOps-Admins,” which shares access with “Engineering-All.” A developer reuses their personal access token across staging and production clusters. Individually, these facts seem harmless. Together, they form a multi-hop credential exposure chain that can only be detected through graph traversal. Sentinel graph helps you to build ad-hoc graphs for an investigation and discarded afterward (not kept in a database for reuse). You can pull the data from the Sentinel data lake and build a graph to explore relationships, run analytics, iterate on nodes/edges, and refine queries in an interactive loop. Here are some additional scenarios where ephemeral custom graphs can expose hidden patterns: Sign-in anomaly hunting: An analyst graphs user logins against source IPs and timestamps to identify unusual patterns (like a single IP connecting to many accounts). By iterating on the graph (filtering nodes, adding context like geolocation), they can spot suspicious login clusters or a credential theft scenario. TTP (Tactics, Techniques, Procedures) investigation: For a specific threat (e.g., a known APT’s techniques), the hunter might use a graph template to map related events. Microsoft Sentinel, for instance, can provide hunting notebook templates for scenarios like investigating lateral movement or scanning logs for leaked credentials, so analysts quickly construct a graph of relevant evidence. Audit log pattern discovery: By graphing Office 365 activity logs or admin audit logs, defenders can apply advanced graph algorithms (like betweenness centrality) to find outliers – e.g., an account that intermediates many rare files access relationships might indicate insider abuse. Materialized Custom Graphs Materialized custom graphs are graph datasets that are stored and maintained over time, often updated at intervals (e.g., daily or hourly). Instead of being thrown away each session, these graphs will be materialized in the graph database for running graph analytics and visualization. Materialized custom graphs will enable organizations to create their custom enterprise knowledge graphs for various use cases, such as every organization already has an identity graph — they just haven’t visualized it yet. Imagine a large enterprise where users, devices, service principals, and applications are constantly changing. New credentials are issued, groups evolve, and permissions shift by the hour. Over time, this churn creates a complex web of implicit trust and shared access that no static tool can capture. Organizations can now build their own identity graphs and materialize them. These materialized custom graphs can continuously map relationships across Azure AD Domain Services, Entra ID, AWS IAM, SaaS platforms, and custom applications, updating daily or hourly to reflect the organization’s true security topology. Organizations can query these graphs and run various advanced graph algorithms and understand the chokepoint, blast radius, attack paths, and so on. This helps detect the gradual buildup of privilege overlap — when identities that were once isolated begin to share access paths through evolving group memberships, role assignments, or inherited permissions. Over weeks or months, these subtle shifts expand the blast radius of any single compromise. Behind the scenes We are partnering with our friends in Microsoft Fabric to bring these new capabilities to market. Mapping a large digital estate into a graph requires new scale out approach and that is what graph in Microsoft Fabric enables. “Discovering modern security risks is a massive data challenge. It requires connecting the dots across an entire digital estate, which can only be achieved with a graph at hyperscale. This is why our Fabric team's partnership with the Sentinel graph team is so critical. We’ve collaborated to build a scale-out graph solution capable of processing billion nodes and edges, delivering the performance and scale our largest security customers need to stay ahead of threats.” - Yitzhak Kesselman, CVP, Fabric Real-Time Intelligence Getting started Check out this video to learn more. To get access to the preview capabilities, please sign-up here. Reference links Data lake blog MCP server blogMicrosoft Security Store: Now Generally Available
When we launched the Microsoft Security Store in public preview on September 30, our goal was simple: make it easier for organizations to discover, purchase, and deploy trusted security solutions and AI agents that integrate seamlessly with Microsoft Security products. Today, Microsoft Security Store is generally available—with three major enhancements: Embedded where you work: Security Store is now built into Microsoft Defender, featuring SOC-focused agents, and into Microsoft Entra for Verified ID and External ID scenarios like fraud protection. By bringing these capabilities into familiar workflows, organizations can combine Microsoft and partner innovation to strengthen security operations and outcomes. Expanded catalog: Security Store now offers more than 100 third-party solutions, including advanced fraud prevention, forensic analysis, and threat intelligence agents. Security services available: Partners can now list and sell services such as managed detection and response and threat hunting directly through Security Store. Real-World Impact: What We Learned in Public Preview Thousands of customers explored Microsoft Security Store and tried a growing catalog of agents and SaaS solutions. While we are at the beginning of our journey, customer feedback shows these solutions are helping teams apply AI to improve security operations and reduce manual effort. Spairliners, a cloud-first aviation services joint venture between Air France and Lufthansa, strengthened identity and access controls by deploying Glueckkanja’s Privileged Admin Watchdog to enforce just-in-time access. “Using the Security Store felt easy, like adding an app in Entra. For a small team, being able to find and deploy security innovations in minutes is huge.” – Jonathan Mayer, Head of Innovation, Data and Quality GTD, a Chilean technology and telecommunications company, is testing a variety of agents from the Security Store: “As any security team, we’re always looking for ways to automate and simplify our operations. We are exploring and applying the world of agents more and more each day so having the Security Store is convenient—it’s easy to find and deploy agents. We’re excited about the possibilities for further automation and integrations into our workflows, like event-triggered agents, deeper Outlook integration, and more." – Jonathan Lopez Saez, Cybersecurity Architect Partners echoed the momentum they are seeing with the Security Store: “We’re excited by the early momentum with Security Store. We’ve already received multiple new leads since going live, including one in a new market for us, and we have multiple large deals we’re looking to drive through Security Store this quarter.” - Kim Brault, Head of Alliances, Delinea “Partnering with Microsoft through the Security Store has unlocked new ways to reach enterprise customers at scale. The store is pivotal as the industry shifts toward AI, enabling us to monetize agents without building our own billing infrastructure. With the new embedded experience, our solutions appear at the exact moment customers are looking to solve real problems. And by working with Microsoft’s vetting process, we help provide customers confidence to adopt AI agents” – Milan Patel, Co-founder and CEO, BlueVoyant “Agents and the Microsoft Security Store represent a major step forward in bringing AI into security operations. We’ve turned years of service experience into agentic automations, and it’s resonating with customers—we’ve been positively surprised by how quickly they’re adopting these solutions and embedding our automated agentic expertise into their workflows.” – Christian Kanja, Founder and CEO of glueckkanja New at GA: Embedded in Defender, Entra—Security Solutions right where you work Microsoft Security Store is now embedded in the Defender and Entra portals with partner solutions that extend your Microsoft Security products. By placing Security Store in front of security practitioners, it’s now easier than ever to use the best of partner and Microsoft capabilities in combination to drive stronger security outcomes. As Dorothy Li, Corporate Vice President of Security Copilot and Ecosystem put it, “Embedding the Security Store in our core security products is about giving customers access to innovative solutions that tap into the expertise of our partners. These solutions integrate with Microsoft Security products to complete end-to-end workflows, helping customers improve their security” Within the Microsoft Defender portal, SOC teams can now discover Copilot agents from both Microsoft and partners in the embedded Security Store, and run them all from a single, familiar interface. Let’s look at an example of how these agents might help in the day of the life of a SOC analyst. The day starts with Watchtower (BlueVoyant) confirming Sentinel connectors and Defender sensors are healthy, so investigations begin with full visibility. As alerts arrive, the Microsoft Defender Copilot Alert Triage Agent groups related signals, extracts key evidence, and proposes next steps; identity related cases are then validated with Login Investigator (adaQuest), which baselines recent sign-in behavior and device posture to cut false positives. To stay ahead of emerging campaigns, the analyst checks the Microsoft Threat Intelligence Briefing Agent for concise threat rundowns tied to relevant indicators, informing hunts and temporary hardening. When HR flags an offboarding, GuardianIQ (People Tech Group) correlates activity across Entra ID, email, and files to surface possible data exfiltration with evidence and risk scores. After containment, Automated Closing Comment Generator (Ascent Global Inc.) produces clear, consistent closure notes from Defender incident details, keeping documentation tight without hours of writing. Together, these Microsoft and partner agents maintain platform health, accelerate triage, sharpen identity decisions, add timely threat context, reduce insider risk blind spots, and standardize reporting—all inside the Defender portal. You can read more about the new agents available in the Defender portal in this blog. In addition, Security Store is now integrated into Microsoft Entra, focused on identity-centric solutions. Identity admins can discover and activate partner offerings for DDoS protection, intelligent bot defense, and government ID–based verification for account recovery —all within the Entra portal. With these capabilities, Microsoft Entra delivers a seamless, multi-layered defense that combines built-in identity protection with best-in-class partner technologies, making it easier than ever for enterprises to strengthen resilience against modern identity threats. Learn more here. Levent Besik, VP of Microsoft Entra, shared that “This sets a new benchmark for identity security and partner innovation at Microsoft. Attacks on digital identities can come from anywhere. True security comes from defense in depth, layering protection across the entire user journey so every interaction, from the first request to identity recovery, stays secure. This launch marks only the beginning; we will continue to introduce additional layers of protection to safeguard every aspect of the identity journey” New at GA: Services Added to a Growing Catalog of Agents and SaaS For the first time, partners can offer their security services directly through the Security Store. Customers can now find, buy, and activate managed detection and response, threat hunting, and other expert services—making it easier to augment internal teams and scale security operations. Every listing has a MXDR Verification that certifies they are providing next generation advanced threat detection and response services. You can browse all the services available at launch here, and read about some of our exciting partners below: Avanade is proud to be a launch partner for professional services in the Microsoft Security Store. As a leading global Microsoft Security Services provider, we’re excited to make our offerings easier to find and help clients strengthen cyber defenses faster through this streamlined platform - Jason Revill, Avanade Global Security Technology Lead ProServeIT partnering with Microsoft to have our offers in the Microsoft Security Store helps ProServeIT protect our joint customers and allows us to sell better with Microsoft sellers. It shows customers how our technology and services support each other to create a safe and secure platform - Eric Sugar, President Having Reply’s security services showcased in the Microsoft Security Store is a significant milestone for us. It amplifies our ability to reach customers at the exact point where they evaluate and activate Microsoft security solutions, ensuring our offerings are visible alongside Microsoft’s trusted technologies. Notable New Selections Since public preview, the Security Store catalog has grown significantly. Customers can now choose from over 100 third-party solutions, including 60+ SaaS offerings and 50+ Security Copilot agents, with new additions every week. Recent highlights include Cisco Duo and Rubrik: Cisco Duo IAM delivers comprehensive, AI-driven identity protection combining MFA, SSO, passwordless and unified directory management. Duo IAM seamlessly integrates across the Microsoft Security suite—enhancing Entra ID with risk-based authentication and unified access policy management across cloud and on-premises applications seamlessly in just a few clicks. Intune for device compliance and access enforcement. Sentinel for centralized security monitoring and threat detection through critical log ingestion about authentication events, administrator actions, and risk-based alerts, providing real-time visibility across the identity stack. Rubrik's data security platform delivers complete cyber resilience across enterprise, cloud, and SaaS alongside Microsoft. Through the Microsoft Sentinel integration, Rubrik’s data management capabilities are combined with Sentinel’s security analytics to accelerate issue resolution, enabling unified visibility and streamlined responses. Furthermore, Rubrik empowers organizations to reduce identity risk and ensure operational continuity with real-time protection, unified visibility and rapid recovery across Microsoft Active Directory and Entra ID infrastructure. The Road Ahead This is just the beginning. Microsoft Security Store will continue to make it even easier for customers to improve their security outcomes by tapping into the innovation and expertise of our growing partner ecosystem. The momentum we’re seeing is clear—customers are already gaining real efficiencies and stronger outcomes by adopting AI-powered agents. As we work together with partners, we’ll unlock even more automation, deeper integrations, and new capabilities that help security teams move faster and respond smarter. Explore the Security Store today to see what’s possible. For a more detailed walk-through of the capabilities, read our previous public preview Tech Community post If you’re a partner, now is the time to list your solutions and join us in shaping the future of security.Beyond Visibility: The new Microsoft Purview Data Security Posture Management (DSPM) experience
In today’s AI-powered enterprises, understanding your data estate—and the risks that come with it—is both more complex and more critical than ever. Meanwhile, many organizations still grapple with a fragmented data security landscape, relying on a patchwork of disconnected tools that obscure visibility and hinder effective data security posture management. As AI adoption accelerates, entirely new data risk vectors are emerging—ranging from oversharing and compliance gaps to operational inefficiencies. According to recent research[1], 40% of data security incidents now occur within AI applications, and 78% of AI users are bringing their own AI tools to work. This challenge is further compounded by the rise of AI agents, creating a scenario that demands a unified, context-aware approach to understanding and securing data within trusted workflows. This is where data security posture management helps organizations - by providing the visibility and control they need across sprawling data estates and evolving risk surfaces. By continuously assessing data security posture, organizations can better identify gaps and remediate risks, avoiding fragmented efforts. However, even with these capabilities, many organizations still struggle to stay focused on the ultimate goal—achieving meaningful security outcomes rather than simply managing tools or processes. To overcome this, organizations must shift their perspective: seeing data security not as a collection of individual solutions, but as a holistic program anchored in desired business and security outcomes. Managing data security posture should become the foundation for building a sustainable and healthy data security program—one that continuously improves, drives measurable resilience, strengthens trust, and systematically reduces risk across the enterprise. At Microsoft Ignite, we’re excited to share the newly enhanced Microsoft Purview Data Security Posture Management (DSPM) experience—an AI-powered, centralized solution that focuses on the goals your organization needs to accomplish, and helps you strengthen data security to confidently embrace AI apps and agents with actionable insights, new third-party signals, and Security Copilot agents. Enabling AI and agents confidently with enhanced data security posture The enhanced DSPM experience is designed to simplify data security posture by stitching together the scenarios and goals customers need to achieve when it comes to their data. We are combining the depth of Purview visibility and controls with the breadth of external signals and agentic activities, complemented by Security Copilot agents, to provide a strong, proactive DSPM experience. See what’s new in Purview DSPM: ▪ Outcome-based guided workflows: To avoid the guesswork of interpreting insights and determining the next best actions, now customers can manage their data security posture by selecting which data security outcome to prioritize and the risks related to each—shifting from reactive visibility to actionable, outcome-driven insights. For each outcome, this experience will guide customers through the key metrics and risk patterns present in their organization, as well as a recommended action plan, including the expected impact of taking those actions. For example, if an admin chooses to address the risk of “Preventing sensitive data exfiltration to risky destinations,” DSPM will show how many sensitive files are at risk, how many have been exfiltrated to personal domains or external cloud services in the past 30 days, and provide recommended actions to mitigate these risks. These actions may include creating a new DLP policy and an IRM policy to detect and prevent such exfiltration to personal emails, and admins can see the impact each of these actions will have. After that, they can continuously assess their data security posture through the outcome metrics. [Figure 1: List of data security objectives, with metrics and remediation plans per objective] ▪ External data source visibility: Organizations trust Microsoft for collaboration and productivity, but their footprint spans to external data platforms too. To provide a more complete and comprehensive view of data risks across the digital estate, we’re excited to announce the advancement of the Purview partner ecosystem, with the inclusion of third-party signals in DSPM through the collaboration with our partners Varonis, BigID, Cyera and OneTrust. This partnership, possible via integration with Microsoft Sentinel Data Lake, is designed to help organizations see and understand more of their data—wherever it resides. Through DSPM, a customer will be able to easily turn on these external data signals and evaluate data asset information (such as permissions, location, sensitive information types) in these environments. Available sources initially will be: Salesforce (provided by Varonis), Databricks (provided by BigID), Snowflake (provided by Cyera), and Google Cloud Platform (provided by OneTrust), with additional external data coverage coming soon. By integrating these external data sources into Purview, data security teams gain extended visibility into sensitive data across third-party platforms alongside their Microsoft data, which also empowers teams to raise their confidence when adopting AI apps and agents by expanding visibility on external data that is referenced by those tools. This collaboration not only eliminates blind spots and strengthens risk posture, but also simplifies data security operations with a single, streamlined experience. These signals will be offered using pay-as-you-go billing through Microsoft Sentinel consumptive meters. Learn more here. [Figure 2: Asset explorer with external data from Databricks, Snowflake, Google Cloud Platform, and Salesforce] ▪ New out-of-the-box reports for posture insights: DSPM also extends visibility by presenting new out-of-the-box reports that deliver immediate visibility into top-of-mind metrics organizations care about, such as protection coverage via Sensitivity labels, Data Loss Prevention (DLP) policy triggers, and posture trends over time. With advanced filtering options and deep drilldowns, security teams can quickly identify unprotected sensitive data, track label adoption, monitor policy effectiveness, and surface potential risks earlier. These actionable insights streamline monitoring and support precise policy fine-tuning, enabling data security teams to shift from reactive operations to proactive, data-driven strategic decisions. ▪ Expanded coverage and remediation on Data Risk Assessments: DSPM now extends Data Risk Assessments to item-level analysis with automated new remediation actions like—enabling bulk disabling of overshared SharePoint links and direct activation of protection policies. Starting from an outcome-based remediation plan or the Data Risk Assessment tab, teams can take targeted actions such as removing or tightening sharing links, notifying owners, and applying or updating sensitivity labels—including new support for bulk manual labeling from search—so fixes occur where the risky items reside, and progress is immediately reflected in posture metrics. Beyond Microsoft 365, Data Risk Assessments have also expanded to Microsoft Fabric, surfacing Fabric assets in a new default assessment and proactive actions to protect new Fabric assets with DLP policies or sensitivity labels. These enhancements address key customer challenges around visibility gaps, fragmented remediation workflows, and governance across hybrid environments. AI agents are growing rapidly in enterprise environments, bringing unique data risks that traditional security can’t address. Their autonomous actions and broad access to sensitive information create complex risk profiles tied to behavior, not just identity. To stay secure, organizations need data protection strategies that treat agents as first-class entities with tailored visibility, risk scoring, and policy controls. DSPM is also adapting to this new scenario: ▪ AI Observability for agents: We’re introducing a dedicated view within DSPM that treats agents—such as the ones created on Microsoft 365 Copilot, Copilot Studio, and Azure AI Foundry—as first-class entities in your organizations when it comes to data security posture. It provides a unified inventory of all agents – including third-party agents – as well as the assigned insider risk level based on the agent behavior, posture metrics, and activity trends of each agent. Security teams can drill down into individual agents to see contextual insights like risky behaviors, oversharing patterns, and can take recommended actions, such as the creation of retention policies. AI Observability gives customers clear visibility across agents and connects insights to guided actions— simplifying governance, facilitating risk prioritization, and enabling secure AI adoption without slowing innovation. [Figure 3: AI Observability plane with inventory of 1st and 3rd party agents within the organization, as well as assigned risk level per agent] Learn more about all the innovations we are announcing to help you safely adopt agents. Redefining data security posture for the AI-powered era The new DSPM experience marks a pivotal moment in Microsoft Purview’s journey to secure the modern enterprise. By unifying visibility, protection, and investigation across human and agentic data activity, Purview empowers organizations to embrace AI responsibly, reduce risk, and drive continuous improvement in their data security posture. When it comes to leveraging built-in AI within data security solutions, admins can view proactive or summary insights and launch a Data Security Investigation (DSI) directly from DSPM. This important integration allows admins to utilize the power and scale of DSI analysis to take a closer look at data risks. Furthermore, applying AI to strengthen data security is just as critical as securing AI itself, as AI-powered solutions help organizations anticipate and neutralize risks at scale, and agents have the potential to take data security processes to another level, increasing automation and allowing teams to focus on the most pressing risks. That’s why we’re thrilled to introduce the Data Security Posture Agent, designed to augment the new Purview DSPM experience even further. This agent leverages LLMs to understand context and intent, going beyond traditional classifiers that can often miss nuance. It analyzes selected file sets and generates precise reports on requested information, such as merger & acquisition details or PO numbers. Armed with these insights, admins can decide on their own next steps, whether that’s applying new labels, updating policies, or initiating investigations, streamlining discovery and risk reduction in one intelligent, outcome-driven experience. This capability tackles the challenges of manual, time-consuming data analysis and limited visibility into sensitive information, helping organizations achieve faster resolution, stronger compliance posture, and greater operational efficiency. [Figure 4: Data Security Posture Agent to discover sensitive data and take appropriate actions] Combined with the Data Security Triage agent and other Security Copilot capabilities integrated within Purview, the Data Security Posture agent creates a robust AI-powered foundation for modern data security teams. To make the agents easily accessible and help teams get started more quickly, we are excited to announce that Security Copilot will be available to all Microsoft 365 E5 customers. Rollout starts today for existing Security Copilot customers with Microsoft 365 E5 and will continue in the upcoming months for all Microsoft 365 E5 customers. Customers will receive advanced notice before activation. Learn more: https://aka.ms/SCP-Ignite25 Building the future of data security alongside customers As organizations navigate this new era of AI-driven innovation, the ability to secure data confidently and proactively is no longer optional—it’s mission-critical. Microsoft Purview DSPM delivers a unified, outcome-based approach that transforms complexity into clarity, guiding teams from insight to action with precision. Current solutions Purview DSPM and DSPM for AI will remain available until June, when the new Purview DSPM experience becomes the centralized solution. Costumers’ top-of-mind capabilities within current workflows, such as Data Risk Assessments and Security Copilot prompt gallery, will also be available within the new DSPM experience. These new capabilities will be available in Public Preview within the next few weeks. By extending visibility across external sources, introducing AI observability, and empowering remediation through intelligent agents, Purview enables enterprises to embrace AI and agents without compromise—strengthening trust, reducing risk, and driving continuous improvement in data security posture. The future of secure AI adoption starts here. Getting connected with Microsoft Purview Read our blog with the main announcements across the Purview data security solutions at Ignite. Try Microsoft Purview data security. Learn more about Microsoft Purview on our website and Microsoft Learn. [1] July 2025 multi-national survey of over 1700 data security professionals commissioned by Microsoft from Hypothesis GroupIgnite your future with new security skills during Microsoft Ignite 2025
Ignite your future with new security skills during Microsoft Ignite 2025 AI and cloud technologies are reshaping every industry. Organizations need professionals who can secure AI solutions, modernize infrastructure, and drive innovation responsibly. Ignite brings together experts, learning, and credentials to help you get skilled for the future. Take on the Secure and Govern AI with Confidence Challenge Start your journey with the Azure Skilling Microsoft Challenge. These curated challenges help you practice real-world scenarios and earn recognition for your skills. One of the challenges featured is the Secure and Govern AI with Confidence challenge. This challenge helps you: Implement AI governance frameworks. Configure responsible AI guardrails in Azure AI Foundry. Apply security best practices for AI workloads. Special Offer: Be among the first 5,000 participants to complete this challenge and receive a discounted certification exam voucher—a perfect way to validate your skills and accelerate your career. Completing this challenge earns you a badge and prepares you for advanced credentials—ideal for anyone looking to lead in AI security. Join the challenge today! Validate Your Expertise with this new Microsoft Applied Skill. Applied Skills assessments are scenario-based, so you demonstrate practical expertise—not just theory. Earn the Secure AI Solutions in the Cloud credential—a job-ready validation of your ability to: Configure security for AI services using Microsoft Defender for Cloud. Implement governance and guardrails in Azure AI Foundry. Protect sensitive data and ensure compliance across AI workloads. This applied skill is designed for professionals who want to lead in AI security, accelerate career growth, and stand out in a competitive market. To learn how to prepare and take the applied skill, visit here. Your Next Steps: Security Plans Ignite isn’t just about live sessions—it’s about giving you on-demand digital content and curated learning paths so you can keep building skills long after the event ends. With 15 curated security plans that discuss topics such as controlling access with Microsoft Entra and securing your organization’s data, find what is relevant to you on Microsoft Ignite: Keep the momentum going page.
