Authorization and Governance for AI Agents: Runtime Authorization Beyond Identity at Scale
Designing Authorization‑Aware AI Agents at Scale Enforcing Runtime RBAC + ABAC with Approval Injection (JIT) Microsoft Entra Agent Identity enables organizations to govern and manage AI agent identities in Copilot Studio, improving visibility and identity-level control. However, as enterprises deploy multiple autonomous AI agents, identity and OAuth permissions alone cannot answer a more critical question: “Should this action be executed now, by this agent, for this user, under the current business and regulatory context?” This post introduces a reusable Authorization Fabric—combining a Policy Enforcement Point (PEP) and Policy Decision Point (PDP)—implemented as a Microsoft Entra‑protected endpoint using Azure Functions/App Service authentication. Every AI agent (Copilot Studio or AI Foundry/Semantic Kernel) calls this fabric before tool execution, receiving a deterministic runtime decision: ALLOW / DENY / REQUIRE_APPROVAL / MASK Who this is for Anyone building AI agents (Copilot Studio, AI Foundry/Semantic Kernel) that call tools, workflows, or APIs Organizations scaling to multiple agents and needing consistent runtime controls Teams operating in regulated or security‑sensitive environments, where decisions must be deterministic and auditable Why a V2? Identity is necessary—runtime authorization is missing Entra Agent Identity (preview) integrates Copilot Studio agents with Microsoft Entra so that newly created agents automatically get an Entra agent identity, manageable in the Entra admin center, and identity activity is logged in Entra. That solves who the agent is and improves identity governance visibility. But multi-agent deployments introduce a new risk class: Autonomous execution sprawl — many agents, operating with delegated privileges, invoking the same backends independently. OAuth and API permissions answer “can the agent call this API?” They do not answer “should the agent execute this action under business policy, compliance constraints, data boundaries, and approval thresholds?” This is where a runtime authorization decision plane becomes essential. The pattern: Microsoft Entra‑Protected Authorization Fabric (PEP + PDP) Instead of embedding RBAC logic independently inside every agent, use a shared fabric: PEP (Policy Enforcement Point): Gatekeeper invoked before any tool/action PDP (Policy Decision Point): Evaluates RBAC + ABAC + approval policies Decision output: ALLOW / DENY / REQUIRE_APPROVAL / MASK This Authorization Fabric functions as a shared enterprise control plane, decoupling authorization logic from individual agents and enforcing policies consistently across all autonomous execution paths. Architecture (POC reference architecture) Use a single runtime decision plane that sits between agents and tools. What’s important here Every agent (Copilot Studio or AI Foundry/SK) calls the Authorization Fabric API first The fabric is a protected endpoint (Microsoft Entra‑protected endpoint required) Tools (Graph/ERP/CRM/custom APIs) are invoked only after an ALLOW decision (or approval) Trust boundaries enforced by this architecture Agents never call business tools directly without a prior authorization decision The Authorization Fabric validates caller identity via Microsoft Entra Authorization decisions are centralized, consistent, and auditable Approval workflows act as a runtime “break-glass” control for high-impact actions This ensures identity, intent, and execution are independently enforced, rather than implicitly trusted. Runtime flow (Decision → Approval → Execution) Here is the runtime sequence as a simple flow (you can keep your Mermaid diagram too). ```mermaid flowchart TD START(["START"]) --> S1["[1] User Request"] S1 --> S2["[2] Agent Extracts Intent\n(action, resource, attributes)"] S2 --> S3["[3] Call /authorize\n(Entra protected)"] S3 --> S4 subgraph S4["[4] PDP Evaluation"] ABAC["ABAC: Tenant · Region · Data Sensitivity"] RBAC["RBAC: Entitlement Check"] Threshold["Approval Threshold"] ABAC --> RBAC --> Threshold end S4 --> Decision{"[5] Decision?"} Decision -->|"ALLOW"| Exec["Execute Tool / API"] Decision -->|"MASK"| Masked["Execute with Masked Data"] Decision -->|"DENY"| Block["Block Request"] Decision -->|"REQUIRE_APPROVAL"| Approve{"[6] Approval Flow"} Approve -->|"Approved"| Exec Approve -->|"Rejected"| Block Exec --> Audit["[7] Audit & Telemetry"] Masked --> Audit Block --> Audit Audit --> ENDNODE(["END"]) style START fill:#4A90D9,stroke:#333,color:#fff style ENDNODE fill:#4A90D9,stroke:#333,color:#fff style S1 fill:#5B5FC7,stroke:#333,color:#fff style S2 fill:#5B5FC7,stroke:#333,color:#fff style S3 fill:#E8A838,stroke:#333,color:#fff style S4 fill:#FFF3E0,stroke:#E8A838,stroke-width:2px style ABAC fill:#FCE4B2,stroke:#999 style RBAC fill:#FCE4B2,stroke:#999 style Threshold fill:#FCE4B2,stroke:#999 style Decision fill:#fff,stroke:#333 style Exec fill:#2ECC71,stroke:#333,color:#fff style Masked fill:#27AE60,stroke:#333,color:#fff style Block fill:#C0392B,stroke:#333,color:#fff style Approve fill:#F39C12,stroke:#333,color:#fff style Audit fill:#3498DB,stroke:#333,color:#fff ``` Design principle: No tool execution occurs until the Authorization Fabric returns ALLOW or REQUIRE_APPROVAL is satisfied via an approval workflow. Where Power Automate fits (important for readers) In most Copilot Studio implementations, Agents calls Power Automate (agent flows), is the practical integration layer that calls enterprise services and APIs. Copilot Studio supports “agent flows” as a way to extend agent capabilities with low-code workflows. For this pattern, Power Automate typically: acquires/uses the right identity context for the call (depending on your tenant setup), and calls the /authorize endpoint of the Authorization Fabric, returns the decision payload to the agent for branching. Copilot Studio also supports calling REST endpoints directly using the HTTP Request node, including passing headers such as Authorization: Bearer <token>. Protected endpoint only: Securing the Authorization Fabric with Microsoft Entra For this V2 pattern, the Authorization Fabric must be protected using Microsoft Entra‑protected endpoint on Azure Functions/App Service (built‑in auth). Microsoft Learn provides the configuration guidance for enabling Microsoft Entra as the authentication provider for Azure App Service / Azure Functions. Step 1 — Create the Authorization Fabric API (Azure Function) Expose an authorization endpoint: HTTP Step 2 — Enable Microsoft Entra‑protected endpoint on the Function App In Azure Portal: Function App → Authentication Add identity provider → Microsoft Choose Workforce configuration (enterprise tenant) Set Require authentication for all requests This ensures the Authorization Fabric is not callable without a valid Entra token. Step 3 — Optional hardening (recommended) Depending on enterprise posture, layer: IP restrictions / Private endpoints APIM in front of the Function for rate limiting, request normalization, centralized logging (For a POC, keep it minimal—add hardening incrementally.) Externalizing policy (so governance scales) To make this pattern reusable across multiple agents, policies should not be hardcoded inside each agent. Instead, store policy definitions in a central policy store such as Cosmos DB (or equivalent configuration store), and have the PDP load/evaluate policies at runtime. Why this matters: Policy changes apply across all agents instantly (no agent republish) Central governance + versioning + rollback becomes possible Audit and reporting become consistent across environments (For the POC, a single JSON document per policy pack in Cosmos DB is sufficient. For production, add versioning and staged rollout.) Store one PolicyPack JSON document per environment (dev/test/prod). Include version, effectiveFrom, priority for safe rollout/rollback. Minimal decision contract (standard request / response) To keep the fabric reusable across agents, standardize the request payload. Request payload (example) Decision response (deterministic) Example scenario (1 minute to understand) Scenario: A user asks a Finance agent to create a Purchase Order for 70,000. Even if the user has API permission and the agent can technically call the ERP API, runtime policy should return: REQUIRE_APPROVAL (threshold exceeded) trigger an approval workflow execute only after approval is granted This is the difference between API access and authorized business execution. Sample Policy Model (RBAC + ABAC + Approval) This POC policy model intentionally stays simple while demonstrating both coarse and fine-grained governance. 1) Coarse‑grained RBAC (roles → actions) FinanceAnalyst CreatePO up to 50,000 ViewVendor FinanceManager CreatePO up to 100,000 and/or approve higher spend 2) Fine‑grained ABAC (conditions at runtime) ABAC evaluates context such as region, classification, tenant boundary, and risk: 3) Approval injection (Agent‑level JIT execution) For higher-risk/high-impact actions, the fabric returns REQUIRE_APPROVAL rather than hard deny (when appropriate): How policies should be evaluated (deterministic order) To ensure predictable and auditable behavior, evaluate in a deterministic order: Tenant isolation & residency (ABAC hard deny first) Classification rules (deny or mask) RBAC entitlement validation Threshold/risk evaluation Approval injection (JIT step-up) This prevents approval workflows from bypassing foundational security boundaries such as tenant isolation or data sovereignty. Copilot Studio integration (enforcing runtime authorization) Copilot Studio can call external REST APIs using the HTTP Request node, including passing headers such as Authorization: Bearer <token> and binding response schema for branching logic. Copilot Studio also supports using flows with agents (“agent flows”) to extend capabilities and orchestrate actions. Option A (Recommended): Copilot Studio → Agent Flow (Power Automate) → Authorization Fabric Why: Flows are a practical place to handle token acquisition patterns, approval orchestration, and standardized logging. Topic flow: Extract user intent + parameters Call an agent flow that: calls /authorize returns decision payload Branch in the topic: If ALLOW → proceed to tool call If REQUIRE_APPROVAL → trigger approval flow; proceed only if approved If DENY → stop and explain policy reason Important: Tool execution must never be reachable through an alternate topic path that bypasses the authorization check. Option B: Direct HTTP Request node to Authorization Fabric Use the Send HTTP request node to call the authorization endpoint and branch using the response schema. This approach is clean, but token acquisition and secure secretless authentication are often simpler when handled via a managed integration layer (flow + connector). AI Foundry / Semantic Kernel integration (tool invocation gate) For Foundry/SK agents, the integration point is before tool execution. Semantic Kernel supports Azure AI agent patterns and tool integration, making it a natural place to enforce a pre-tool authorization check. Pseudo-pattern: Agent extracts intent + context Calls Authorization Fabric Enforces decision Executes tool only when allowed (or after approval) Telemetry & audit (what Security Architects will ask for) Even the best policy engine is incomplete without audit trails. At minimum, log: agentId, userUPN, action, resource decision + reason + policyIds approval outcome (if any) correlationId for downstream tool execution Why it matters: you now have a defensible answer to: “Why did an autonomous agent execute this action?” Security signal bonus: Denials, unusual approval rates, and repeated policy mismatches can also indicate prompt injection attempts, mis-scoped agents, or governance drift. What this enables (and why it scales) With a shared Authorization Fabric: Avoid duplicating authorization logic across agents Standardize decisions across Copilot Studio + Foundry agents Update governance once (policy change) and apply everywhere Make autonomy safer without blocking productivity Closing: Identity gets you who. Runtime authorization gets you whether/when/how. Copilot Studio can automatically create Entra agent identities (preview), improving identity governance and visibility for agents. But safe autonomy requires a runtime decision plane. Securing that plane as an Entra-protected endpoint is foundational for enterprise deployments. In enterprise environments, autonomous execution without runtime authorization is equivalent to privileged access without PIM—powerful, fast, and operationally risky.A Microsoft FTE’s Reflections from MVP Summit 2026: Deep Insights & Connections
Last week, March 24 to 26, 2026, Microsoft headquarters in Redmond played host to the annual Microsoft MVP Summit. What an incredible few days it was. As someone fortunate enough to be part of this community, I walked away with a renewed sense of what makes the Microsoft MVP program truly special. The NDA sessions delivered by my colleagues were, as always, packed with impressive technical depth. We dove into the latest advancements across Microsoft’s ecosystem. Everything from AI innovations and cloud infrastructure to productivity tools, security enhancements, and the roadmap for the platforms so many of us support every day. These closed-door conversations gave direct access to product teams, unfiltered feedback opportunities, and early insights that will help better serve all communities, customers, and the broader Microsoft ecosystem in the months ahead. The level of detail and candor in those rooms is unmatched. It is where real-world challenges meet engineering priorities, and where MVPs can share the voice of the user directly with the people building the future of technology at Microsoft. If you have attended before, you know the feeling. Walking out of a session with your mind racing about new possibilities and ways to apply what you have learned. But if I am being honest, the technical content, valuable as it is, only tells part of the story. What truly defines the MVP Summit is the people. It is the energy in the hallways between sessions. It is the conversations that stretch late into the evening over coffee or something stronger. It is meeting new MVPs for the first time. Bright, passionate experts from around the world who bring fresh perspectives and unique experiences. It is renewing old friendships with people you might only see once a year, picking up right where you left off as if no time had passed. And it is the powerful realization that hits you in those moments: we are all in this together. We come from different countries, different backgrounds, and different areas of expertise. Yet we share the same drive, to learn, to contribute, to help others succeed with Microsoft technologies. Whether you are deep in Azure, Microsoft 365, Power Platform, security, AI, or any of the countless other areas, there is a common thread of enthusiasm and a genuine desire to make technology better for everyone. Standing shoulder-to-shoulder with like-minded individuals reminds you that the MVP community is not just a collection of awardees. It is a global network of collaborators, mentors, and friends united by a passion for what Microsoft is building. To everyone I had the chance to connect with directly last week, thank you. The conversations, the laughs, the shared stories, and the thoughtful exchanges meant more than I can easily express. You made the Summit memorable and energizing. And to those I did not get to meet this year (there are never enough hours in the day), I hope our paths cross at next year’s MVP Summit, or at one of the many conferences and events happening throughout the year. The community is stronger when we keep showing up for each other. A huge thank you as well to my Microsoft colleagues who helped organize the Summit and pour so much effort into making these NDA sessions valuable and productive. Your commitment to transparency and partnership with the MVP community does not go unnoticed. If you are an MVP reading this and you attended, drop a comment or reach out. Let us keep the momentum going. If you are aspiring to the program, know that moments like these are part of what makes it so rewarding. Here is to another year of learning, building, and connecting, together.Microsoft Pre-Day: Your first look at what’s next in Security
Kick off RSAC 2026 on Sunday, March 22 at the Palace Hotel for Microsoft Pre‑Day, an exclusive experience designed to set the tone for the week ahead. Hear keynote insights from Vasu Jakkal, CVP of Microsoft Security Business and other Microsoft security leaders as they explore how AI and agents are reshaping the security landscape. You’ll discover how Microsoft is advancing agentic defense, informed by more than 100 trillion security signals each day. You’ll learn how solutions like Agent 365 deliver observability at every layer, and how Microsoft’s purpose‑built security capabilities help you secure every layer of the AI stack. You’ll also explore how our expert-led services can help you defend against cyberthreats, build cyber resilience, and transform your security operations. The experience concludes with opportunities to connect, including a networking reception and an invite-only dinner for CISOs and security executives. Microsoft Pre‑Day is your chance to hear what is coming next and prepare for the week ahead. Secure your spot today.Ask Microsoft Anything: Data & AI Security in the Real World
At RSA this year, we’re hosting Ask the Experts: Data & AI Security in the Real World a live, unscripted conversation with Microsoft Security engineers and product leaders who are actively building and securing AI systems on a scale. And if you’re not attending in person, you can join the conversation online through Tech Community. What to Expect This is not a traditional conference session. There are no slide decks. There’s no product pitch. Instead, we’ll host an open AMA-style discussion where security practitioners can ask: Implementation questions Architecture questions Lessons learned from early deployments You’ll hear directly from the engineers and security leaders responsible for securing Microsoft AI systems and customer environments. Topics We’ll Cover While the format is open, we expect to dive into areas like: Data protection strategies for AI workloads Securing copilots and generative AI integrations Identity and access controls for AI services Monitoring, logging, and anomaly detection Join Us at RSA or Online If you’re attending RSA, join us live and bring your toughest questions. If you’re remote, participate through Tech Community; where you can post questions in advance or engage during the live discussion. The conversation will remain open afterward so practitioners across time zones can continue the dialogue. Hope to see you there! Tech Community Event LinkYour Guide to Microsoft at RSAC™ 2026
AI is accelerating both opportunity and exposure at a pace security leaders haven’t seen before. The impact is universal, and for security teams, the challenge has shifted from if AI will change their work to how to get ahead of what comes next. At RSAC 2026, we’ll show how an AI‑first, end‑to‑end security platform enables you to defend every layer of the AI stack and secure with agentic AI. Read our full guide on making the most of RSAC 2026 Conference. What to experience at RSAC 2026 with Microsoft Microsoft Pre-Day (Sunday, March 22): Start the week at the Palace Hotel with insights from Vasu Jakkal, CVP of Microsoft Security Business, on how AI and autonomous agents are reshaping defense strategy. Close the day by connecting with peers at a networking reception and an invite‑only CISO dinner. Microsoft Security Hub at the Palace Hotel: Make the Palace your home base, step away from the show floor to network, join focused roundtables, and recharge between sessions, all alongside Microsoft experts and partners. 1:1 Meetings: Book dedicated time with Microsoft leaders and security experts to go deep on your priorities, roadmaps, and product questions. Request a meeting: https://aka.ms/RSAC/MeetingRequest Post-Day Forum (Thursday, March 26): Wrap up your week with a half‑day program at the Microsoft Experience Center in Silicon Valley, featuring hands‑on discussions with Microsoft security and AI experts, interactive sessions beyond the mainstage, and transportation from downtown provided. Capacity is limited; register early. Ready to plan your RSAC week? Go beyond the conference with Microsoft Security to gain clear perspective on how AI agents are reshaping risk and response, practical guidance to help you focus on what matters most, and meaningful connections with peers and experts facing the same challenges Read the full details on Microsoft experiences at RSAC 2026.Microsoft Ignite 2025: Top Security Innovations You Need to Know
🤖 Security & AI -The Big Story This Year 2025 marks a turning point for cybersecurity. Rapid adoption of AI across enterprises has unlocked innovation but introduced new risks. AI agents are now part of everyday workflows-automating tasks and interacting with sensitive data—creating new attack surfaces that traditional security models cannot fully address. Threat actors are leveraging AI to accelerate attacks, making speed and automation critical for defense. Organizations need solutions that deliver visibility, governance, and proactive risk management for both human and machine identities. Microsoft Ignite 2025 reflects this shift with announcements focused on securing AI at scale, extending Zero Trust principles to AI agents, and embedding intelligent automation into security operations. As a Senior Cybersecurity Solution Architect, I’ve curated the top security announcements from Microsoft Ignite 2025 to help you stay ahead of evolving threats and understand the latest innovations in enterprise security. Agent 365: Control Plane for AI Agents Agent 365 is a centralized platform that gives organizations full visibility, governance, and risk management over AI agents across Microsoft and third-party ecosystems. Why it matters: Unmanaged AI agents can introduce compliance gaps and security risks. Agent 365 ensures full lifecycle control. Key Features: Complete agent registry and discovery Access control and conditional policies Visualization of agent interactions and risk posture Built-in integration with Defender, Entra, and Purview Available via the Frontier Program Microsoft Agent 365: The control plane for AI agents Deep dive blog on Agent 365 Entra Agent ID: Zero Trust for AI Identities Microsoft Entra is the identity and access management suite (covering Azure AD, permissions, and secure access). Entra Agent ID extends Zero Trust identity principles to AI agents, ensuring they are governed like human identities. Why it matters: Unmanaged or over-privileged AI agents can create major security gaps. Agent ID enforces identity governance on AI agents and reduces automation risks. Key Features: Provides unique identities for AI agents Lifecycle governance and sponsorship for agents Conditional access policies applied to agent activity Integrated with open SDKs/APIs for third‑party platforms Microsoft Entra Agent ID Overview Entra Ignite 2025 announcements Public Preview details Security Copilot Expansion Security Copilot is Microsoft’s AI assistant for security teams, now expanded to automate threat hunting, phishing triage, identity risk remediation, and compliance tasks. Why it matters: Security teams face alert fatigue and resource constraints. Copilot accelerates response and reduces manual effort. Key Features: 12 new Microsoft-built agents across Defender, Entra, Intune, and Purview. 30+ partner-built agents available in the Microsoft Security Store. Automates threat hunting, phishing triage, identity risk remediation, and compliance tasks. Included for Microsoft 365 E5 customers at no extra cost. Security Copilot inclusion in Microsoft 365 E5 Security Copilot Ignite blog Security Dashboard for AI A unified dashboard for CISOs and risk leaders to monitor AI risks, aggregate signals from Microsoft security services, and assign tasks via Security Copilot - included at no extra cost. Why it matters: Provides a single pane of glass for AI risk management, improving visibility and decision-making. Key Features: Aggregates signals from Entra, Defender, and Purview Supports natural language queries for risk insights Enables task assignment via Security Copilot Ignite Session: Securing AI at Scale Microsoft Security Blog Microsoft Defender Innovations Microsoft Defender serves as Microsoft’s CNAPP solution, offering comprehensive, AI-driven threat protection that spans endpoints, email, cloud workloads, and SIEM/SOAR integrations. Why It Matters Modern attacks target multi-cloud environments and software supply chains. These innovations provide proactive defense, reduce breach risks before exploitation, and extend protection beyond Microsoft ecosystems-helping organizations secure endpoints, identities, and workloads at scale. Key Features: Predictive Shielding: Proactively hardens attack paths before adversaries pivot. Automatic Attack Disruption: Extended to AWS, Okta, and Proofpoint via Sentinel. Supply Chain Security: Defender for Cloud now integrates with GitHub Advanced Security. What’s new in Microsoft Defender at Ignite Defender for Cloud innovations Global Secure Access & AI Gateway Part of Microsoft Entra’s secure access portfolio, providing secure connectivity and inspection for web and AI traffic. Why it matters: Protects against lateral movement and AI-specific threats while maintaining secure connectivity. Key Features: TLS inspection, URL/file filtering AI Prompt Injection protection Private access for domain controllers to prevent lateral movement attacks. Learn about Secure Web and AI Gateway for agents Microsoft Entra: What’s new in secure access on the AI frontier Purview Enhancements Microsoft Purview is the data governance and compliance platform, ensuring sensitive data is classified, protected, and monitored. Why it matters: Ensures sensitive data remains protected and compliant in AI-driven environments. Key Features: AI Observability: Monitor agent activities and prevent sensitive data leakage. Compliance Guardrails: Communication compliance for AI interactions. Expanded DSPM: Data Security Posture Management for AI workloads. Announcing new Microsoft Purview capabilities to protect GenAI agents Intune Updates Microsoft Intune is a cloud-based endpoint device management solution that secures apps, devices, and data across platforms. It simplifies endpoint security management and accelerates response to device risks using AI. Why it matters: Endpoint security is critical as organizations manage diverse devices in hybrid environments. These updates reduce complexity, speed up remediation, and leverage AI-driven automation-helping security teams stay ahead of evolving threats. Key Features: Security Copilot agents automate policy reviews, device offboarding, and risk-based remediation. Enhanced remote management for Windows Recovery Environment (WinRE). Policy Configuration Agent in Intune lets IT admins create and validate policies with natural language What’s new in Microsoft Intune at Ignite Your guide to Intune at Ignite Closing Thoughts Microsoft Ignite 2025 signals the start of an AI-driven security era. From visibility and governance for AI agents to Zero Trust for machine identities, automation in security operations, and stronger compliance for AI workloads-these innovations empower organizations to anticipate threats, simplify governance, and accelerate secure AI adoption without compromising compliance or control. 📘 Full Coverage: Microsoft Ignite 2025 Book of News
Catch up on Microsoft Security sessions and announcements from Ignite 2025
Ignite 2025 delivered groundbreaking innovations for securing the agentic era—where AI agents transform how we work and collaborate. If you missed the live sessions, news announcements, or want to dive deeper, here’s your quick start guide to the most important resources and actionable steps to stay informed. 1. Watch the Innovation Session: Security in the Agentic Era on demand Hear from Vasu Jakkal, CVP, Microsoft Security Business, and Charlie Bell, EVP, Microsoft Security, as they outline why digital trust is the foundation for innovation in the agentic era. With AI agents projected to reach 1.3 billion by 2028¹, organizations face new security challenges such as manipulated models to coerced agents and expanded attack surfaces. This session introduces Microsoft’s vision for ambient and autonomous security integrated across every layer of operations. You’ll learn how our AI-first security platform can help anticipate and stop attacks with AI-driven defense while helping to ensure security, governance, and compliance for your IT assets, and how it simplifies data management with a modern data lake and dynamic threat intelligence capabilities. You’ll also learn more about the just-announced Microsoft Agent 365, the control plane for AI agents that brings observability at every level of the AI stack. Through demos and customer stories, discover how identity, data, and compliance protections converge to enable secure AI innovation at scale. 2. Leverage AI agents in your workflow with Security Copilot in Microsoft 365 E5. With Security Copilot now part of Microsoft 365 E5, security teams can seamlessly bring AI-powered assistance into their daily workflows. This means faster incident response, simplified threat analysis, and natural language queries—all integrated into the tools you already use. By embedding generative AI directly into Microsoft 365, organizations can strengthen defenses and reduce complexity without adding extra licensing or overhead. Learn more. 3. Ambient and autonomous security for the agentic era Ignite 2025 introduced a bold vision for securing the agentic era. From making security ambient and autonomous across identities, data, apps, endpoints, and agents, to unveiling Agent 365 for centralized AI agent governance and embedding Security Copilot into Microsoft 365 E5, these updates show how Microsoft is transforming security for a world woven with AI. Explore this collection of insights, technical deep dives, and demos to see how Microsoft’s integrated security platform delivers unified protection and intelligent automation at scale. Explore all the security announcements from Ignite 2025. 4. Explore on-demand sessions Missed a live session or want to dive deeper into the latest security innovations? Explore the catalog of security sessions covering topics like modernizing SecOps, securing data, and protecting AI platforms and apps. Each session is packed with demos, best practices, and expert insights to help you apply what’s new in Microsoft Security. Your next steps Start with the Innovation Session (#1), then dive into the news announcements (#2, #3) and on-demand content (#4) to understand how Microsoft is securing the agentic era. ¹IDC Info Snapshot, sponsored by Microsoft, 1.3 Billion AI Agents by 2028, May 2025 #US53361825Ignite your future with new security skills during Microsoft Ignite 2025
Ignite your future with new security skills during Microsoft Ignite 2025 AI and cloud technologies are reshaping every industry. Organizations need professionals who can secure AI solutions, modernize infrastructure, and drive innovation responsibly. Ignite brings together experts, learning, and credentials to help you get skilled for the future. Take on the Secure and Govern AI with Confidence Challenge Start your journey with the Azure Skilling Microsoft Challenge. These curated challenges help you practice real-world scenarios and earn recognition for your skills. One of the challenges featured is the Secure and Govern AI with Confidence challenge. This challenge helps you: Implement AI governance frameworks. Configure responsible AI guardrails in Azure AI Foundry. Apply security best practices for AI workloads. Special Offer: Be among the first 5,000 participants to complete this challenge and receive a discounted certification exam voucher—a perfect way to validate your skills and accelerate your career. Completing this challenge earns you a badge and prepares you for advanced credentials—ideal for anyone looking to lead in AI security. Join the challenge today! Validate Your Expertise with this new Microsoft Applied Skill. Applied Skills assessments are scenario-based, so you demonstrate practical expertise—not just theory. Earn the Secure AI Solutions in the Cloud credential—a job-ready validation of your ability to: Configure security for AI services using Microsoft Defender for Cloud. Implement governance and guardrails in Azure AI Foundry. Protect sensitive data and ensure compliance across AI workloads. This applied skill is designed for professionals who want to lead in AI security, accelerate career growth, and stand out in a competitive market. To learn how to prepare and take the applied skill, visit here. Your Next Steps: Security Plans Ignite isn’t just about live sessions—it’s about giving you on-demand digital content and curated learning paths so you can keep building skills long after the event ends. With 15 curated security plans that discuss topics such as controlling access with Microsoft Entra and securing your organization’s data, find what is relevant to you on Microsoft Ignite: Keep the momentum going page.Celebrating Cybersecurity Awareness Month: Everyday Protection with Microsoft 365
Every October, people around the world- from students and parents to large organizations and governments- take time to strengthen their online safety habits and learn how to protect their digital lives. Microsoft’s pledge to our customers and our community is to prioritize your cybersafety above all else. Whether you're running a Fortune 100 company, shopping online, or helping your kids with homework, we’re here to help you stay one step ahead of cyber threats. Our goal is simple: to give you the tools, tips, and confidence to be cybersmart every day. The Evolving Threat Landscape In the past year, online threats have become more aggressive and harder to spot: Phishing scams are everywhere—fraudsters now mimic trusted brands to trick you into giving up passwords or personal info. Fraudulent websites are deceptive and often mimic legitimate businesses or government agencies, luring users into sharing sensitive information like passwords or credit card numbers. Identity theft is on the rise, with criminals using leaked personal data to open fake accounts or impersonate you online. These attacks are fast, sneaky, and can be powered by artificial intelligence. That’s why you need to have a security-first mindset. Today, you need always-on protection that can spot suspicious behavior, predict hacker tactics, and respond quickly—before damage is done. Microsoft’s Commitment to Security Every time you check your email, save a photo, or browse the web, Microsoft’s security ecosystem is working behind the scenes to keep you safe. Microsoft analyzes over 84 trillion signals daily—from devices, emails, and cloud activity—to detect threats and protect your personal data. Millions of people trust Microsoft to help secure their digital lives, whether they’re managing finances, helping kids with homework, or staying connected with loved ones. Through our Secure Future Initiative, we’re investing in smarter, faster protection—powered by over 30,000 engineers focused on identity safety, threat detection, and cloud security. This means that whether you're using Outlook to email a friend, OneDrive to store family memories, or your phone to shop online, you're backed by the same advanced security that protects global organizations—tailored for your everyday life. Microsoft 365: Everyday Online Protection in Action Microsoft 365 and its suite of apps are here to keep you safer online: Microsoft Defender for Individuals¹ ²: Get peace of mind with a proactive online security solution to protect your family’s identities³, data, and devices from hackers and scammers. Outlook: Keep your emails safer – automatically scan⁴ emails for viruses and malware from unsafe links and attachments or encrypt⁴ your sensitive emails. OneDrive: Save your photos, videos, and files securely to OneDrive and keep them protected with ransomware detection and file recovery⁴. Personal Vault provides another layer of protection for your most sensitive files. Security Is a Shared Responsibility Technology plays a big role in keeping you safe online—but it’s not the whole story. You are the first and last line of defense. This Cybersecurity Awareness Month, take simple steps to protect yourself and your family: Turn on multi-factor authentication (MFA) for all your accounts to add an extra layer of security. Keep your devices and apps updated so you’re protected against the latest threats. Use strong, unique passwords—and consider a password manager to help keep track. Take advantage of built-in security tools like Defender, Outlook, and OneDrive to help safeguard your personal phones and computers, data, emails, and files. Together, we can build a safer digital world. When each of us takes action, we raise the bar against cyber threats. Let’s make online safety a daily habit—for ourselves and those we care about. Explore our Cybersecurity Awareness Month resources for best practices on how to be cybersmart, which includes articles on AI safety, phishing, fraud, cybersecurity 101, and more. We also include cybersecurity learning paths, certification opportunities, and the latest insights about threat intelligence and cybersecurity developments, including tools like the Be Cybersmart Kit. Cybersecurity first, stay safe always. Happy Cybersecurity Awareness Month! References 1 – Microsoft 365 Personal, Family, or Premium subscription is required. 2 – Microsoft Defender is currently not available in certain regions. 3 – Available in the US and US territories only. Your device's primary display language must be set to English. 4 – Microsoft 365 Basic, Personal, Family, or Premium subscription is required.
