Welcome to the Microsoft Security Community!
Protect it all with Microsoft Security Eliminate gaps and get the simplified, comprehensive protection, expertise, and AI-powered solutions you need to innovate and grow in a changing world. The Microsoft Security Community is your gateway to connect, learn, and collaborate with peers, experts, and product teams. Gain access to technical discussions, webinars, and help shape Microsoft’s security products. Get there fast To stay up to date on upcoming opportunities and the latest Microsoft Security Community news, make sure to subscribe to our email list. Find the latest skilling content and on-demand videos – subscribe to the Microsoft Security Community YouTube channel. Catch the latest announcements and connect with us on LinkedIn – Microsoft Security Community and Microsoft Entra Community. Index Community Calls: January 2026 | February 2026 Upcoming Community Calls January 2026 Jan. 20 | 8:00am | Microsoft Defender for Cloud | What’s New in Microsoft Defender CSPM Cloud security posture management (CSPM) continues to evolve, and Microsoft Defender CSPM is leading the way with powerful enhancements introduced at Microsoft Ignite. This session will showcase the latest innovations designed to help security teams strengthen their posture and streamline operations. Jan. 21 | 8:00am | Microsoft Entra | Microsoft Agent Identity Platform Fundamentals In this session, we take a deep technical dive into the Microsoft Agent Identity Platform. You’ll learn how the platform’s core building blocks—Agent Identity Blueprints, Agent Identities, Agent Users, and the Agent Registry—work together to enable secure, scalable agent authentication and authorization. Jan. 22 | 8:00am | Azure Network Security | Advancing web application Protection with Azure WAF: Ruleset and Security Enhancements Explore the latest Azure WAF ruleset and security enhancements. Learn to fine-tune configurations, reduce false positives, gain threat visibility, and ensure consistent protection for web workloads—whether starting fresh or optimizing deployments. Jan. 22 | 8:00am | Security Copilot Skilling Series | Building Custom Agents: Unlocking Context, Automation, and Scale Microsoft Security Copilot already features a robust ecosystem of first-party and partner-built agents, but some scenarios require solutions tailored to your organization’s specific needs and context. In this session, you'll learn how the Security Copilot agent builder platform and MCP servers empower you to create tailored agents that provide context-aware reasoning and enterprise-scale solutions for your unique scenarios. RESCHEDULED for Jan. 27 | 9:00am | Microsoft Sentinel | AI-Powered Entity Analysis in Sentinel’s MCP Server Simplify entity risk assessment with Entity Analyzer. Eliminate complex playbooks; get unified, AI-driven analysis using Sentinel’s semantic understanding. Accelerate automation and enrich SOAR workflows with native Logic Apps integration. Jan. 28 | 8:00am | Security Copilot Skilling Series | Security Copilot in Purview Technical Deep Dive Discover how AI-powered alert triage agents for Data Loss Prevention (DLP) and Insider Risk Management (IRM) are transforming incident response and compliance workflows. Explore new Data Security Posture Management (DSPM) capabilities that deliver deeper insights and automation to strengthen your security posture. This session will showcase real-world scenarios and actionable strategies to help you protect sensitive data and simplify compliance. February 2026 Feb. 2 | 9:00am | Microsoft Sentinel | Accelerate your SIEM migration to Microsoft Sentinel Join us for an insightful webinar to discover how Microsoft Sentinel simplifies SIEM migration and enables true SOC transformation. Experience the new AI-powered SIEM migration tool that goes beyond syntax conversion—delivering advanced correlation, actionable insights, and accurate intent-based mapping for improved detection coverage and continuous optimization. Feb 4. | 8:00am | 425 Show | Introducing the Identity Risk Management Agent for Entra ID Protection Discover how the Identity Risk Management Agent for Microsoft Entra ID Protection simplifies identity defense. Learn how it analyzes risk signals, surfaces risky users, and enables one-click remediation to help teams stay ahead of identity-based threats. Feb. 10 | 8:00am | Microsoft Security Store | From Alert to Resolution: Using Security Agents to Power Real‑World SOC Workflows In this webinar, we’ll show how SOC analysts can harness security agents from Microsoft Security Store to strengthen every stage of the incident lifecycle. Through realistic SOC workflows based on everyday analyst tasks, we will follow each scenario end to end, beginning with the initial alert and moving through triage, investigation, and remediation. Along the way, we’ll demonstrate how agents in Security Store streamline signal correlation, reduce manual investigation steps, and accelerate decision‑making when dealing with three of the most common incident types: phishing attacks, credential compromise, and business email compromise (BEC), helping analysts work faster and more confidently by automating key tasks, surfacing relevant insights, and improving consistency in response actions. Feb. 12 | 8:00am | Microsoft Purview | Data Security Investigations (DSI) Introducing Microsoft Purview Data Security Investigations (DSI) Identify: Efficiently search your Microsoft 365 data estate to locate incident-relevant documents, emails, Copilot prompts and responses, and Teams messages Investigate: Use AI-powered deep content analysis enriched with activity insights to find key sensitive data and security risks within impacted data quickly. Mitigate: Collaborate with partner teams securely to mitigate identified risks and use investigation learnings to strengthen security practices. Launch DSI from its home page, Microsoft Defender XDR, Microsoft Purview Insider Risk Management, or Microsoft Purview Data Security Posture Management. Feb. 26 | 9:00am | Azure Network Security | Azure Firewall Integration with Microsoft Sentinel Learn how Azure Firewall integrates with Microsoft Sentinel to enhance threat visibility and streamline security investigations. This webinar will demonstrate how firewall logs and insights can be ingested into Sentinel to correlate network activity with broader security signals, enabling faster detection, deeper context, and more effective incident response. Looking for more? Join the Microsoft Customer Connection Program (MCCP)! As a MCCP member, you’ll gain early visibility into product roadmaps, participate in focus groups, and access private preview features before public release. You’ll have a direct channel to share feedback with engineering teams, influencing the direction of Microsoft Security products. The program also offers opportunities to collaborate and network with fellow security experts and Microsoft product teams. Join the MCCP that best fits your interests: www.aka.ms/joincommunity. Additional resources Microsoft Security Hub on Tech Community Virtual Ninja Training Courses Microsoft Security Documentation Azure Network Security GitHub Microsoft Defender for Cloud GitHub Microsoft Sentinel GitHub Microsoft Defender XDR GitHub Microsoft Defender for Cloud Apps GitHub Microsoft Defender for Identity GitHub Microsoft Purview GitHub
Artificial Intelligence & Security
Understanding Artificial Intelligence Artificial intelligence (AI) is a computational system that perform human‑intelligence tasks, learning, reasoning, problem‑solving, perception, and language understanding by leveraging algorithmic and statistical methods to analyse data and make informed decisions. Artificial Intelligence (AI) can also be abbreviated as is the simulation of human intelligence through machines programmed to learn, reason, and act. It blends statistics, machine learning, and robotics to deliver following outcomes: Prediction: The application of statistical modelling and machine learning techniques to anticipate future outcomes, such as detecting fraudulent transactions. Automation: The utilisation of robotics and artificial intelligence to streamline and execute routine processes, exemplified by automated invoice processing. Augmentation: The enhancement of human decision-making and operational capabilities through AI-driven tools, for instance, AI-assisted sales enablement. Artificial Intelligence: Core Capabilities and Market Outlook Key capabilities of AI include: Data-driven decision-making: Analysing large datasets to generate actionable insights and optimise outcomes. Anomaly detection: Identifying irregular patterns or deviations in data for risk mitigation and quality assurance. Visual interpretation: Processing and understanding visual inputs such as images and videos for applications like computer vision. Natural language understanding: Comprehending and interpreting human language to enable accurate information extraction and contextual responses. Conversational engagement: Facilitating human-like interactions through chatbots, virtual assistants, and dialogue systems. With the exponential growth of data, ML learning models and computing power. AI is advancing much faster and as According to industry analyst reports breakthroughs in deep learning and neural network architectures have enabled highly sophisticated applications across diverse sectors, including healthcare, finance, manufacturing, and retail. The global AI market is on a trajectory of significant expansion, projected to increase nearly 5X by 2030, from $391 billion in 2025 to $1.81 trillion. This growth corresponds to a compound annual growth rate (CAGR) of 35.9% during the forecast period. These projections are estimates and subject to change as per rapid growth and advancement in the AI Era. AI and Cloud Synergy AI, and cloud computing form a powerful technological mixture. Digital assistants are offering scalable, cloud-powered intelligence. Cloud platforms such as Azure provide pre-trained models and services, enabling businesses to deploy AI solutions efficiently. Core AI Workloads Capabilities Machine Learning Machine learning (ML) underpins most AI systems by enabling models to learn from historical and real-time data to make predictions, classifications, and recommendations. These models adapt over time as they are exposed to new data, improving accuracy and robustness. Example use cases: Credit risk scoring in banking, demand forecasting in retail, and predictive maintenance in manufacturing. Anomaly Detection Anomaly detection techniques identify deviations from expected patterns in data, systems, or processes. This capability is critical for risk management and operational resilience, as it enables early detection of fraud, security breaches, or equipment failures. Example use cases: Fraud detection in financial transactions, network intrusion monitoring in cybersecurity, and quality control in industrial production. Natural Language Processing (NLP) NLP focuses on enabling machines to understand, interpret, and generate human language in both text and speech formats. This capability powers a wide range of applications that require contextual comprehension and semantic accuracy. Example use cases: Sentiment analysis for customer feedback, document summarisation for legal and compliance teams, and multilingual translation for global operations. Principles of Responsible AI To ensure ethical and trustworthy AI, organisations must embrace: Reliability & Safety Privacy & Security Inclusiveness Fairness Transparency Accountability These principles are embedded in frameworks like the Responsible-AI-Standard and reinforced by governance models such as Microsoft AI Governance Framework. Responsible AI Principles and Approach | Microsoft AI AI and Security AI introduces both opportunities and risks. A responsible approach to AI security involves three dimensions: Risk Mitigation: It Is addressing threats from immature or malicious AI applications. Security Applications: These are used to enhance AI security and public safety. Governance Systems: Establishing frameworks to manage AI risks and ensure safe development. Security Risks and Opportunities Due to AI Transformation AI’s transformative nature brings new challenges: Cybersecurity: This brings the opportunities and advancement to track, detect and act against Vulnerabilities in infrastructure and learning models. Data Security: This helps the tool and solutions such as Microsoft Purview to prevent data security by performing assessments, creating Data loss prevention policies applying sensitivity labels. Information Security: The biggest risk is securing the information and due to the AI era of transformation securing IS using various AI security frameworks. These concerns are echoed in The Crucial Role of Data Security Posture Management in the AI Era, which highlights insider threats, generative AI risks, and the need for robust data governance. AI in Security Applications AI’s capabilities in data analysis and decision-making enable innovative security solutions: Network Protection: applications include use of AI algorithms for intrusion detection, malware detection, security situational awareness, and threat early warning, etc. Data Management: applications refer to the use of AI technologies to achieve data protection objectives such as hierarchical classification, leak prevention, and leak traceability. Intelligent Security: applications refer to the use of AI technology to upgrade the security field from passive defence toward the intelligent direction, developing of active judgment and timely early warning. Financial Risk Control: applications use AI technology to improve the efficiency and accuracy of credit assessment, risk management, etc., and assisting governments in the regulation of financial transactions. AI Security Management Effective AI security requires: Regulations & Policies: Establish and safety management laws specifically designed to for governance by regulatory authorities and management policies for key application domains of AI and prominent security risks. Standards & Specifications: Industry-wide benchmarks, along with international and domestic standards can be used to support AI safety. Technological Methods: Early detection with Modern set of tools such as Defender for AI can be used to support to detect and mitigate and remediate AI threats. Security Assessments: Organization should use proper tools and platforms for evaluating AI risks and perform assessments regularly using automated tools approach Conclusion AI is transforming how organizations operate, innovate, and secure their environments. As AI capabilities evolve, integrating security and governance considerations from the outset remains critical. By combining responsible AI principles, effective governance, and appropriate security measures, organizations can work toward deploying AI technologies in a manner that supports both innovation and trust. Industry projections suggest continued growth in AI‑related security investments over the coming years, reflecting increased focus on managing AI risks alongside its benefits. These estimates are subject to change and should be interpreted in the context of evolving technologies and regulatory developments. Disclaimer References to Microsoft products and frameworks are for informational purposes only and do not imply endorsement, guarantee, or contractual commitment. Market projections referenced are based on publicly available industry analyses and are subject to change.Security as the core primitive - Securing AI agents and apps
This week at Microsoft Ignite, we shared our vision for Microsoft security -- In the agentic era, security must be ambient and autonomous, like the AI it protects. It must be woven into and around everything we build—from silicon to OS, to agents, apps, data, platforms, and clouds—and throughout everything we do. In this blog, we are going to dive deeper into many of the new innovations we are introducing this week to secure AI agents and apps. As I spend time with our customers and partners, there are four consistent themes that have emerged as core security challenges to secure AI workloads. These are: preventing agent sprawl and access to resources, protecting against data oversharing and data leaks, defending against new AI threats and vulnerabilities, and adhering to evolving regulations. Addressing these challenges holistically requires a coordinated effort across IT, developers, and security leaders, not just within security teams and to enable this, we are introducing several new innovations: Microsoft Agent 365 for IT, Foundry Control Plane in Microsoft Foundry for developers, and the Security Dashboard for AI for security leaders. In addition, we are releasing several new purpose-built capabilities to protect and govern AI apps and agents across Microsoft Defender, Microsoft Entra, and Microsoft Purview. Observability at every layer of the stack To facilitate the organization-wide effort that it takes to secure and govern AI agents and apps – IT, developers, and security leaders need observability (security, management, and monitoring) at every level. IT teams need to enable the development and deployment of any agent in their environment. To ensure the responsible and secure deployment of agents into an organization, IT needs a unified agent registry, the ability to assign an identity to every agent, manage the agent’s access to data and resources, and manage the agent’s entire lifecycle. In addition, IT needs to be able to assign access to common productivity and collaboration tools, such as email and file storage, and be able to observe their entire agent estate for risks such as over-permissioned agents. Development teams need to build and test agents, apply security and compliance controls by default, and ensure AI models are evaluated for safety guardrails and security vulnerabilities. Post deployment, development teams must observe agents to ensure they are staying on task, accessing applications and data sources appropriately, and operating within their cost and performance expectations. Security & compliance teams must ensure overall security of their AI estate, including their AI infrastructure, platforms, data, apps, and agents. They need comprehensive visibility into all their security risks- including agent sprawl and resource access, data oversharing and leaks, AI threats and vulnerabilities, and complying with global regulations. They want to address these risks by extending their existing security investments that they are already invested in and familiar with, rather than using siloed or bolt-on tools. These teams can be most effective in delivering trustworthy AI to their organizations if security is natively integrated into the tools and platforms that they use every day, and if those tools and platforms share consistent security primitives such as agent identities from Entra; data security and compliance controls from Purview; and security posture, detections, and protections from Defender. With the new capabilities being released today, we are delivering observability at every layer of the AI stack, meeting IT, developers, and security teams where they are in the tools they already use to innovate with confidence. For IT Teams - Introducing Microsoft Agent 365, the control plane for agents, now in preview The best infrastructure for managing your agents is the one you already use to manage your users. With Agent 365, organizations can extend familiar tools and policies to confidently deploy and secure agents, without reinventing the wheel. By using the same trusted Microsoft 365 infrastructure, productivity apps, and protections, organizations can now apply consistent and familiar governance and security controls that are purpose-built to protect against agent-specific threats and risks. gement and governance of agents across organizations Microsoft Agent 365 delivers a unified agent Registry, Access Control, Visualization, Interoperability, and Security capabilities for your organization. These capabilities work together to help organizations manage agents and drive business value. The Registry powered by the Entra provides a complete and unified inventory of all the agents deployed and used in your organization including both Microsoft and third-party agents. Access Control allows you to limit the access privileges of your agents to only the resources that they need and protect their access to resources in real time. Visualization gives organizations the ability to see what matters most and gain insights through a unified dashboard, advanced analytics, and role-based reporting. Interop allows agents to access organizational data through Work IQ for added context, and to integrate with Microsoft 365 apps such as Outlook, Word, and Excel so they can create and collaborate alongside users. Security enables the proactive detection of vulnerabilities and misconfigurations, protects against common attacks such as prompt injections, prevents agents from processing or leaking sensitive data, and gives organizations the ability to audit agent interactions, assess compliance readiness and policy violations, and recommend controls for evolving regulatory requirements. Microsoft Agent 365 also includes the Agent 365 SDK, part of Microsoft Agent Framework, which empowers developers and ISVs to build agents on their own AI stack. The SDK enables agents to automatically inherit Microsoft's security and governance protections, such as identity controls, data security policies, and compliance capabilities, without the need for custom integration. For more details on Agent 365, read the blog here. For Developers - Introducing Microsoft Foundry Control Plane to observe, secure and manage agents, now in preview Developers are moving fast to bring agents into production, but operating them at scale introduces new challenges and responsibilities. Agents can access tools, take actions, and make decisions in real time, which means development teams must ensure that every agent behaves safely, securely, and consistently. Today, developers need to work across multiple disparate tools to get a holistic picture of the cybersecurity and safety risks that their agents may have. Once they understand the risk, they then need a unified and simplified way to monitor and manage their entire agent fleet and apply controls and guardrails as needed. Microsoft Foundry provides a unified platform for developers to build, evaluate and deploy AI apps and agents in a responsible way. Today we are excited to announce that Foundry Control Plane is available in preview. This enables developers to observe, secure, and manage their agent fleets with built-in security, and centralized governance controls. With this unified approach, developers can now identify risks and correlate disparate signals across their models, agents, and tools; enforce consistent policies and quality gates; and continuously monitor task adherence and runtime risks. Foundry Control Plane is deeply integrated with Microsoft’s security portfolio to provide a ‘secure by design’ foundation for developers. With Microsoft Entra, developers can ensure an agent identity (Agent ID) and access controls are built into every agent, mitigating the risk of unmanaged agents and over permissioned resources. With Microsoft Defender built in, developers gain contextualized alerts and posture recommendations for agents directly within the Foundry Control Plane. This integration proactively prevents configuration and access risks, while also defending agents from runtime threats in real time. Microsoft Purview’s native integration into Foundry Control Plane makes it easy to enable data security and compliance for every Foundry-built application or agent. This allows Purview to discover data security and compliance risks and apply policies to prevent user prompts and AI responses from safety and policy violations. In addition, agent interactions can be logged and searched for compliance and legal audits. This integration of the shared security capabilities, including identity and access, data security and compliance, and threat protection and posture ensures that security is not an afterthought; it’s embedded at every stage of the agent lifecycle, enabling you to start secure and stay secure. For more details, read the blog. For Security Teams - Introducing Security Dashboard for AI - unified risk visibility for CISOs and AI risk leaders, coming soon AI proliferation in the enterprise, combined with the emergence of AI governance committees and evolving AI regulations, leaves CISOs and AI risk leaders needing a clear view of their AI risks, such as data leaks, model vulnerabilities, misconfigurations, and unethical agent actions across their entire AI estate, spanning AI platforms, apps, and agents. 90% of security professionals, including CISOs, report that their responsibilities have expanded to include data governance and AI oversight within the past year. 1 At the same time, 86% of risk managers say disconnected data and systems lead to duplicated efforts and gaps in risk coverage. 2 To address these needs, we are excited to introduce the Security Dashboard for AI. This serves as a unified dashboard that aggregates posture and real-time risk signals from Microsoft Defender, Microsoft Entra, and Microsoft Purview. This unified dashboard allows CISOs and AI risk leaders to discover agents and AI apps, track AI posture and drift, and correlate risk signals to investigate and act across their entire AI ecosystem. For example, you can see your full AI inventory and get visibility into a quarantined agent, flagged for high data risk due to oversharing sensitive information in Purview. The dashboard then correlates that signal with identity insights from Entra and threat protection alerts from Defender to provide a complete picture of exposure. From there, you can delegate tasks to the appropriate teams to enforce policies and remediate issues quickly. With the Security Dashboard for AI, CISOs and risk leaders gain a clear, consolidated view of AI risks across agents, apps, and platforms—eliminating fragmented visibility, disconnected posture insights, and governance gaps as AI adoption scales. Best of all, there’s nothing new to buy. If you’re already using Microsoft security products to secure AI, you’re already a Security Dashboard for AI customer. Figure 5: Security Dashboard for AI provides CISOs and AI risk leaders with a unified view of their AI risk by bringing together their AI inventory, AI risk, and security recommendations to strengthen overall posture Together, these innovations deliver observability and security across IT, development, and security teams, powered by Microsoft’s shared security capabilities. With Microsoft Agent 365, IT teams can manage and secure agents alongside users. Foundry Control Plane gives developers unified governance and lifecycle controls for agent fleets. Security Dashboard for AI provides CISOs and AI risk leaders with a consolidated view of AI risks across platforms, apps, and agents. Added innovation to secure and govern your AI workloads In addition to the IT, developer, and security leader-focused innovations outlined above, we continue to accelerate our pace of innovation in Microsoft Entra, Microsoft Purview, and Microsoft Defender to address the most pressing needs for securing and governing your AI workloads. These needs are: Manage agent sprawl and resource access e.g. managing agent identity, access to resources, and permissions lifecycle at scale Prevent data oversharing and leaks e.g. protecting sensitive information shared in prompts, responses, and agent interactions Defend against shadow AI, new threats, and vulnerabilities e.g. managing unsanctioned applications, preventing prompt injection attacks, and detecting AI supply chain vulnerabilities Enable AI governance for regulatory compliance e.g. ensuring AI development, operations, and usage comply with evolving global regulations and frameworks Manage agent sprawl and resource access 76% of business leaders expect employees to manage agents within the next 2–3 years. 3 Widespread adoption of agents is driving the need for visibility and control, which includes the need for a unified registry, agent identities, lifecycle governance, and secure access to resources. Today, Microsoft Entra provides robust identity protection and secure access for applications and users. However, organizations lack a unified way to manage, govern, and protect agents in the same way they manage their users. Organizations need a purpose-built identity and access framework for agents. Introducing Microsoft Entra Agent ID, now in preview Microsoft Entra Agent ID offers enterprise-grade capabilities that enable organizations to prevent agent sprawl and protect agent identities and their access to resources. These new purpose-built capabilities enable organizations to: Register and manage agents: Get a complete inventory of the agent fleet and ensure all new agents are created with an identity built-in and are automatically protected by organization policies to accelerate adoption. Govern agent identities and lifecycle: Keep the agent fleet under control with lifecycle management and IT-defined guardrails for both agents and people who create and manage them. Protect agent access to resources: Reduce risk of breaches, block risky agents, and prevent agent access to malicious resources with conditional access and traffic inspection. Agents built in Microsoft Copilot Studio, Microsoft Foundry, and Security Copilot get an Entra Agent ID built-in at creation. Developers can also adopt Entra Agent ID for agents they build through Microsoft Agent Framework, Microsoft Agent 365 SDK, or Microsoft Entra Agent ID SDK. Read the Microsoft Entra blog to learn more. Prevent data oversharing and leaks Data security is more complex than ever. Information Security Media Group (ISMG) reports that 80% of leaders cite leakage of sensitive data as their top concern. 4 In addition to data security and compliance risks of generative AI (GenAI) apps, agents introduces new data risks such as unsupervised data access, highlighting the need to protect all types of corporate data, whether it is accessed by employees or agents. To mitigate these risks, we are introducing new Microsoft Purview data security and compliance capabilities for Microsoft 365 Copilot and for agents and AI apps built with Copilot Studio and Microsoft Foundry, providing unified protection, visibility, and control for users, AI Apps, and Agents. New Microsoft Purview controls safeguard Microsoft 365 Copilot with real-time protection and bulk remediation of oversharing risks Microsoft Purview and Microsoft 365 Copilot deliver a fully integrated solution for protecting sensitive data in AI workflows. Based on ongoing customer feedback, we’re introducing new capabilities to deliver real-time protection for sensitive data in M365 Copilot and accelerated remediation of oversharing risks: Data risk assessments: Previously, admins could monitor oversharing risks such as SharePoint sites with unprotected sensitive data. Now, they can perform item-level investigations and bulk remediation for overshared files in SharePoint and OneDrive to quickly reduce oversharing exposure. Data Loss Prevention (DLP) for M365 Copilot: DLP previously excluded files with sensitivity labels from Copilot processing. Now in preview, DLP also prevents prompts that include sensitive data from being processed in M365 Copilot, Copilot Chat, and Copilot agents, and prevents Copilot from using sensitive data in prompts for web grounding. Priority cleanup for M365 Copilot assets: Many organizations have org-wide policies to retain or delete data. Priority cleanup, now generally available, lets admins delete assets that are frequently processed by Copilot, such as meeting transcripts and recordings, on an independent schedule from the org-wide policies while maintaining regulatory compliance. On-demand classification for meeting transcripts: Purview can now detect sensitive information in meeting transcripts on-demand. This enables data security admins to apply DLP policies and enforce Priority cleanup based on the sensitive information detected. & bulk remediation Read the full Data Security blog to learn more. Introducing new Microsoft Purview data security capabilities for agents and apps built with Copilot Studio and Microsoft Foundry, now in preview Microsoft Purview now extends the same data security and compliance for users and Copilots to agents and apps. These new capabilities are: Enhanced Data Security Posture Management: A centralized DSPM dashboard that provides observability, risk assessment, and guided remediation across users, AI apps, and agents. Insider Risk Management (IRM) for Agents: Uniquely designed for agents, using dedicated behavioral analytics, Purview dynamically assigns risk levels to agents based on their risky handing of sensitive data and enables admins to apply conditional policies based on that risk level. Sensitive data protection with Azure AI Search: Azure AI Search enables fast, AI-driven retrieval across large document collections, essential for building AI Apps. When apps or agents use Azure AI Search to index or retrieve data, Purview sensitivity labels are preserved in the search index, ensuring that any sensitive information remains protected under the organization’s data security & compliance policies. For more information on preventing data oversharing and data leaks - Learn how Purview protects and governs agents in the Data Security and Compliance for Agents blog. Defend against shadow AI, new threats, and vulnerabilities AI workloads are subject to new AI-specific threats like prompt injections attacks, model poisoning, and data exfiltration of AI generated content. Although security admins and SOC analysts have similar tasks when securing agents, the attack methods and surfaces differ significantly. To help customers defend against these novel attacks, we are introducing new capabilities in Microsoft Defender that deliver end-to-end protection, from security posture management to runtime defense. Introducing Security Posture Management for agents, now in preview As organizations adopt AI agents to automate critical workflows, they become high-value targets and potential points of compromise, creating a critical need to ensure agents are hardened, compliant, and resilient by preventing misconfigurations and safeguarding against adversarial manipulation. Security Posture Management for agents in Microsoft Defender now provides an agent inventory for security teams across Microsoft Foundry and Copilot Studio agents. Here, analysts can assess the overall security posture of an agent, easily implement security recommendations, and identify vulnerabilities such as misconfigurations and excessive permissions, all aligned to the MITRE ATT&CK framework. Additionally, the new agent attack path analysis visualizes how an agent’s weak security posture can create broader organizational risk, so you can quickly limit exposure and prevent lateral movement. Introducing Threat Protection for agents, now in preview Attack techniques and attack surfaces for agents are fundamentally different from other assets in your environment. That’s why Defender is delivering purpose-built protections and detections to help defend against them. Defender is introducing runtime protection for Copilot Studio agents that automatically block prompt injection attacks in real time. In addition, we are announcing agent-specific threat detections for Copilot Studio and Microsoft Foundry agents coming soon. Defender automatically correlates these alerts with Microsoft’s industry-leading threat intelligence and cross-domain security signals to deliver richer, contextualized alerts and security incident views for the SOC analyst. Defender’s risk and threat signals are natively integrated into the new Microsoft Foundry Control Plane, giving development teams full observability and the ability to act directly from within their familiar environment. Finally, security analysts will be able to hunt across all agent telemetry in the Advanced Hunting experience in Defender, and the new Agent 365 SDK extends Defender’s visibility and hunting capabilities to third-party agents, starting with Genspark and Kasisto, giving security teams even more coverage across their AI landscape. To learn more about how you can harden the security posture of your agents and defend against threats, read the Microsoft Defender blog. Enable AI governance for regulatory compliance Global AI regulations like the EU AI Act and NIST AI RMF are evolving rapidly; yet, according to ISMG, 55% of leaders report lacking clarity on current and future AI regulatory requirements. 5 As enterprises adopt AI, they must ensure that their AI innovation aligns with global regulations and standards to avoid costly compliance gaps. Introducing new Microsoft Purview Compliance Manager capabilities to stay ahead of evolving AI regulations, now in preview Today, Purview Compliance Manager provides over 300 pre-built assessments for common industry, regional, and global standards and regulations. However, the pace of change for new AI regulations requires controls to be continuously re-evaluated and updated so that organizations can adapt to ongoing changes in regulations and stay compliant. To address this need, Compliance Manager now includes AI-powered regulatory templates. AI-powered regulatory templates enable real-time ingestion and analysis of global regulatory documents, allowing compliance teams to quickly adapt to changes as they happen. As regulations evolve, the updated regulatory documents can be uploaded to Compliance Manager, and the new requirements are automatically mapped to applicable recommended actions to implement controls across Microsoft Defender, Microsoft Entra, Microsoft Purview, Microsoft 365, and Microsoft Foundry. Automated actions by Compliance Manager further streamline governance, reduce manual workload, and strengthen regulatory accountability. Introducing expanded Microsoft Purview compliance capabilities for agents and AI apps now in preview Microsoft Purview now extends its compliance capabilities across agent-generated interactions, ensuring responsible use and regulatory alignment as AI becomes deeply embedded across business processes. New capabilities include expanded coverage for: Audit: Surface agent interactions, lifecycle events, and data usage with Purview Audit. Unified audit logs across user and agent activities, paired with traceability for every agent using an Entra Agent ID, support investigation, anomaly detection, and regulatory reporting. Communication Compliance: Detect prompts sent to agents and agent-generated responses containing inappropriate, unethical, or risky language, including attempts to manipulate agents into bypassing policies, generating risky content, or producing noncompliant outputs. When issues arise, data security admins get full context, including the prompt, the agent’s output, and relevant metadata, so they can investigate and take corrective action Data Lifecycle Management: Apply retention and deletion policies to agent-generated content and communication flows to automate lifecycle controls and reduce regulatory risk. Read about Microsoft Purview data security for agents to learn more. Finally, we are extending our data security, threat protection, and identity access capabilities to third-party apps and agents via the network. Advancing Microsoft Entra Internet Access Secure Web + AI Gateway - extend runtime protections to the network, now in preview Microsoft Entra Internet Access, part of the Microsoft Entra Suite, has new capabilities to secure access to and usage of GenAI at the network level, marking a transition from Secure Web Gateway to Secure Web and AI Gateway. Enterprises can accelerate GenAI adoption while maintaining compliance and reducing risk, empowering employees to experiment with new AI tools safely. The new capabilities include: Prompt injection protection which blocks malicious prompts in real time by extending Azure AI Prompt Shields to the network layer. Network file filtering which extends Microsoft Purview to inspect files in transit and prevents regulated or confidential data from being uploaded to unsanctioned AI services. Shadow AI Detection that provides visibility into unsanctioned AI applications through Cloud Application Analytics and Defender for Cloud Apps risk scoring, empowering security teams to monitor usage trends, apply Conditional Access, or block high-risk apps instantly. Unsanctioned MCP server blocking prevents access to MCP servers from unauthorized agents. With these controls, you can accelerate GenAI adoption while maintaining compliance and reducing risk, so employees can experiment with new AI tools safely. Read the Microsoft Entra blog to learn more. As AI transforms the enterprise, security must evolve to meet new challenges—spanning agent sprawl, data protection, emerging threats, and regulatory compliance. Our approach is to empower IT, developers, and security leaders with purpose-built innovations like Agent 365, Foundry Control Plane, and the Security Dashboard for AI. These solutions bring observability, governance, and protection to every layer of the AI stack, leveraging familiar tools and integrated controls across Microsoft Defender, Microsoft Entra, and Microsoft Purview. The future of security is ambient, autonomous, and deeply woven into the fabric of how we build, deploy, and govern AI systems. Explore additional resources Learn more about Security for AI solutions on our webpage Learn more about Microsoft Agent 365 Learn more about Microsoft Entra Agent ID Get started with Microsoft 365 Copilot Get started with Microsoft Copilot Studio Get started with Microsoft Foundry Get started with Microsoft Defender for Cloud Get started with Microsoft Entra Get started with Microsoft Purview Get started with Microsoft Purview Compliance Manager Sign up for a free Microsoft 365 E5 Security Trial and Microsoft Purview Trial 1 Bedrock Security, 2025 Data Security Confidence Index, published Mar 17, 2025. 2 AuditBoard & Ascend2, Connected Risk Report 2024; as cited by MIT Sloan Management Review, Spring 2025. 3 KPMG AI Quarterly Pulse Survey | Q3 2025. September 2025. n= 130 U.S.-based C-suite and business leaders representing organizations with annual revenue of $1 billion or more 4 First Annual Generative AI study: Business Rewards vs. Security Risks, , Q3 2023, ISMG, N=400 5 First Annual Generative AI study: Business Rewards vs. Security Risks, Q3 2023, ISMG, N=400Microsoft Ignite 2025: Top Security Innovations You Need to Know
🤖 Security & AI -The Big Story This Year 2025 marks a turning point for cybersecurity. Rapid adoption of AI across enterprises has unlocked innovation but introduced new risks. AI agents are now part of everyday workflows-automating tasks and interacting with sensitive data—creating new attack surfaces that traditional security models cannot fully address. Threat actors are leveraging AI to accelerate attacks, making speed and automation critical for defense. Organizations need solutions that deliver visibility, governance, and proactive risk management for both human and machine identities. Microsoft Ignite 2025 reflects this shift with announcements focused on securing AI at scale, extending Zero Trust principles to AI agents, and embedding intelligent automation into security operations. As a Senior Cybersecurity Solution Architect, I’ve curated the top security announcements from Microsoft Ignite 2025 to help you stay ahead of evolving threats and understand the latest innovations in enterprise security. Agent 365: Control Plane for AI Agents Agent 365 is a centralized platform that gives organizations full visibility, governance, and risk management over AI agents across Microsoft and third-party ecosystems. Why it matters: Unmanaged AI agents can introduce compliance gaps and security risks. Agent 365 ensures full lifecycle control. Key Features: Complete agent registry and discovery Access control and conditional policies Visualization of agent interactions and risk posture Built-in integration with Defender, Entra, and Purview Available via the Frontier Program Microsoft Agent 365: The control plane for AI agents Deep dive blog on Agent 365 Entra Agent ID: Zero Trust for AI Identities Microsoft Entra is the identity and access management suite (covering Azure AD, permissions, and secure access). Entra Agent ID extends Zero Trust identity principles to AI agents, ensuring they are governed like human identities. Why it matters: Unmanaged or over-privileged AI agents can create major security gaps. Agent ID enforces identity governance on AI agents and reduces automation risks. Key Features: Provides unique identities for AI agents Lifecycle governance and sponsorship for agents Conditional access policies applied to agent activity Integrated with open SDKs/APIs for third‑party platforms Microsoft Entra Agent ID Overview Entra Ignite 2025 announcements Public Preview details Security Copilot Expansion Security Copilot is Microsoft’s AI assistant for security teams, now expanded to automate threat hunting, phishing triage, identity risk remediation, and compliance tasks. Why it matters: Security teams face alert fatigue and resource constraints. Copilot accelerates response and reduces manual effort. Key Features: 12 new Microsoft-built agents across Defender, Entra, Intune, and Purview. 30+ partner-built agents available in the Microsoft Security Store. Automates threat hunting, phishing triage, identity risk remediation, and compliance tasks. Included for Microsoft 365 E5 customers at no extra cost. Security Copilot inclusion in Microsoft 365 E5 Security Copilot Ignite blog Security Dashboard for AI A unified dashboard for CISOs and risk leaders to monitor AI risks, aggregate signals from Microsoft security services, and assign tasks via Security Copilot - included at no extra cost. Why it matters: Provides a single pane of glass for AI risk management, improving visibility and decision-making. Key Features: Aggregates signals from Entra, Defender, and Purview Supports natural language queries for risk insights Enables task assignment via Security Copilot Ignite Session: Securing AI at Scale Microsoft Security Blog Microsoft Defender Innovations Microsoft Defender serves as Microsoft’s CNAPP solution, offering comprehensive, AI-driven threat protection that spans endpoints, email, cloud workloads, and SIEM/SOAR integrations. Why It Matters Modern attacks target multi-cloud environments and software supply chains. These innovations provide proactive defense, reduce breach risks before exploitation, and extend protection beyond Microsoft ecosystems-helping organizations secure endpoints, identities, and workloads at scale. Key Features: Predictive Shielding: Proactively hardens attack paths before adversaries pivot. Automatic Attack Disruption: Extended to AWS, Okta, and Proofpoint via Sentinel. Supply Chain Security: Defender for Cloud now integrates with GitHub Advanced Security. What’s new in Microsoft Defender at Ignite Defender for Cloud innovations Global Secure Access & AI Gateway Part of Microsoft Entra’s secure access portfolio, providing secure connectivity and inspection for web and AI traffic. Why it matters: Protects against lateral movement and AI-specific threats while maintaining secure connectivity. Key Features: TLS inspection, URL/file filtering AI Prompt Injection protection Private access for domain controllers to prevent lateral movement attacks. Learn about Secure Web and AI Gateway for agents Microsoft Entra: What’s new in secure access on the AI frontier Purview Enhancements Microsoft Purview is the data governance and compliance platform, ensuring sensitive data is classified, protected, and monitored. Why it matters: Ensures sensitive data remains protected and compliant in AI-driven environments. Key Features: AI Observability: Monitor agent activities and prevent sensitive data leakage. Compliance Guardrails: Communication compliance for AI interactions. Expanded DSPM: Data Security Posture Management for AI workloads. Announcing new Microsoft Purview capabilities to protect GenAI agents Intune Updates Microsoft Intune is a cloud-based endpoint device management solution that secures apps, devices, and data across platforms. It simplifies endpoint security management and accelerates response to device risks using AI. Why it matters: Endpoint security is critical as organizations manage diverse devices in hybrid environments. These updates reduce complexity, speed up remediation, and leverage AI-driven automation-helping security teams stay ahead of evolving threats. Key Features: Security Copilot agents automate policy reviews, device offboarding, and risk-based remediation. Enhanced remote management for Windows Recovery Environment (WinRE). Policy Configuration Agent in Intune lets IT admins create and validate policies with natural language What’s new in Microsoft Intune at Ignite Your guide to Intune at Ignite Closing Thoughts Microsoft Ignite 2025 signals the start of an AI-driven security era. From visibility and governance for AI agents to Zero Trust for machine identities, automation in security operations, and stronger compliance for AI workloads-these innovations empower organizations to anticipate threats, simplify governance, and accelerate secure AI adoption without compromising compliance or control. 📘 Full Coverage: Microsoft Ignite 2025 Book of NewsMicrosoft Security Store: Now Generally Available
When we launched the Microsoft Security Store in public preview on September 30, our goal was simple: make it easier for organizations to discover, purchase, and deploy trusted security solutions and AI agents that integrate seamlessly with Microsoft Security products. Today, Microsoft Security Store is generally available—with three major enhancements: Embedded where you work: Security Store is now built into Microsoft Defender, featuring SOC-focused agents, and into Microsoft Entra for Verified ID and External ID scenarios like fraud protection. By bringing these capabilities into familiar workflows, organizations can combine Microsoft and partner innovation to strengthen security operations and outcomes. Expanded catalog: Security Store now offers more than 100 third-party solutions, including advanced fraud prevention, forensic analysis, and threat intelligence agents. Security services available: Partners can now list and sell services such as managed detection and response and threat hunting directly through Security Store. Real-World Impact: What We Learned in Public Preview Thousands of customers explored Microsoft Security Store and tried a growing catalog of agents and SaaS solutions. While we are at the beginning of our journey, customer feedback shows these solutions are helping teams apply AI to improve security operations and reduce manual effort. Spairliners, a cloud-first aviation services joint venture between Air France and Lufthansa, strengthened identity and access controls by deploying Glueckkanja’s Privileged Admin Watchdog to enforce just-in-time access. “Using the Security Store felt easy, like adding an app in Entra. For a small team, being able to find and deploy security innovations in minutes is huge.” – Jonathan Mayer, Head of Innovation, Data and Quality GTD, a Chilean technology and telecommunications company, is testing a variety of agents from the Security Store: “As any security team, we’re always looking for ways to automate and simplify our operations. We are exploring and applying the world of agents more and more each day so having the Security Store is convenient—it’s easy to find and deploy agents. We’re excited about the possibilities for further automation and integrations into our workflows, like event-triggered agents, deeper Outlook integration, and more." – Jonathan Lopez Saez, Cybersecurity Architect Partners echoed the momentum they are seeing with the Security Store: “We’re excited by the early momentum with Security Store. We’ve already received multiple new leads since going live, including one in a new market for us, and we have multiple large deals we’re looking to drive through Security Store this quarter.” - Kim Brault, Head of Alliances, Delinea “Partnering with Microsoft through the Security Store has unlocked new ways to reach enterprise customers at scale. The store is pivotal as the industry shifts toward AI, enabling us to monetize agents without building our own billing infrastructure. With the new embedded experience, our solutions appear at the exact moment customers are looking to solve real problems. And by working with Microsoft’s vetting process, we help provide customers confidence to adopt AI agents” – Milan Patel, Co-founder and CEO, BlueVoyant “Agents and the Microsoft Security Store represent a major step forward in bringing AI into security operations. We’ve turned years of service experience into agentic automations, and it’s resonating with customers—we’ve been positively surprised by how quickly they’re adopting these solutions and embedding our automated agentic expertise into their workflows.” – Christian Kanja, Founder and CEO of glueckkanja New at GA: Embedded in Defender, Entra—Security Solutions right where you work Microsoft Security Store is now embedded in the Defender and Entra portals with partner solutions that extend your Microsoft Security products. By placing Security Store in front of security practitioners, it’s now easier than ever to use the best of partner and Microsoft capabilities in combination to drive stronger security outcomes. As Dorothy Li, Corporate Vice President of Security Copilot and Ecosystem put it, “Embedding the Security Store in our core security products is about giving customers access to innovative solutions that tap into the expertise of our partners. These solutions integrate with Microsoft Security products to complete end-to-end workflows, helping customers improve their security” Within the Microsoft Defender portal, SOC teams can now discover Copilot agents from both Microsoft and partners in the embedded Security Store, and run them all from a single, familiar interface. Let’s look at an example of how these agents might help in the day of the life of a SOC analyst. The day starts with Watchtower (BlueVoyant) confirming Sentinel connectors and Defender sensors are healthy, so investigations begin with full visibility. As alerts arrive, the Microsoft Defender Copilot Alert Triage Agent groups related signals, extracts key evidence, and proposes next steps; identity related cases are then validated with Login Investigator (adaQuest), which baselines recent sign-in behavior and device posture to cut false positives. To stay ahead of emerging campaigns, the analyst checks the Microsoft Threat Intelligence Briefing Agent for concise threat rundowns tied to relevant indicators, informing hunts and temporary hardening. When HR flags an offboarding, GuardianIQ (People Tech Group) correlates activity across Entra ID, email, and files to surface possible data exfiltration with evidence and risk scores. After containment, Automated Closing Comment Generator (Ascent Global Inc.) produces clear, consistent closure notes from Defender incident details, keeping documentation tight without hours of writing. Together, these Microsoft and partner agents maintain platform health, accelerate triage, sharpen identity decisions, add timely threat context, reduce insider risk blind spots, and standardize reporting—all inside the Defender portal. You can read more about the new agents available in the Defender portal in this blog. In addition, Security Store is now integrated into Microsoft Entra, focused on identity-centric solutions. Identity admins can discover and activate partner offerings for DDoS protection, intelligent bot defense, and government ID–based verification for account recovery —all within the Entra portal. With these capabilities, Microsoft Entra delivers a seamless, multi-layered defense that combines built-in identity protection with best-in-class partner technologies, making it easier than ever for enterprises to strengthen resilience against modern identity threats. Learn more here. Levent Besik, VP of Microsoft Entra, shared that “This sets a new benchmark for identity security and partner innovation at Microsoft. Attacks on digital identities can come from anywhere. True security comes from defense in depth, layering protection across the entire user journey so every interaction, from the first request to identity recovery, stays secure. This launch marks only the beginning; we will continue to introduce additional layers of protection to safeguard every aspect of the identity journey” New at GA: Services Added to a Growing Catalog of Agents and SaaS For the first time, partners can offer their security services directly through the Security Store. Customers can now find, buy, and activate managed detection and response, threat hunting, and other expert services—making it easier to augment internal teams and scale security operations. Every listing has a MXDR Verification that certifies they are providing next generation advanced threat detection and response services. You can browse all the services available at launch here, and read about some of our exciting partners below: Avanade is proud to be a launch partner for professional services in the Microsoft Security Store. As a leading global Microsoft Security Services provider, we’re excited to make our offerings easier to find and help clients strengthen cyber defenses faster through this streamlined platform - Jason Revill, Avanade Global Security Technology Lead ProServeIT partnering with Microsoft to have our offers in the Microsoft Security Store helps ProServeIT protect our joint customers and allows us to sell better with Microsoft sellers. It shows customers how our technology and services support each other to create a safe and secure platform - Eric Sugar, President Having Reply’s security services showcased in the Microsoft Security Store is a significant milestone for us. It amplifies our ability to reach customers at the exact point where they evaluate and activate Microsoft security solutions, ensuring our offerings are visible alongside Microsoft’s trusted technologies. Notable New Selections Since public preview, the Security Store catalog has grown significantly. Customers can now choose from over 100 third-party solutions, including 60+ SaaS offerings and 50+ Security Copilot agents, with new additions every week. Recent highlights include Cisco Duo and Rubrik: Cisco Duo IAM delivers comprehensive, AI-driven identity protection combining MFA, SSO, passwordless and unified directory management. Duo IAM seamlessly integrates across the Microsoft Security suite—enhancing Entra ID with risk-based authentication and unified access policy management across cloud and on-premises applications seamlessly in just a few clicks. Intune for device compliance and access enforcement. Sentinel for centralized security monitoring and threat detection through critical log ingestion about authentication events, administrator actions, and risk-based alerts, providing real-time visibility across the identity stack. Rubrik's data security platform delivers complete cyber resilience across enterprise, cloud, and SaaS alongside Microsoft. Through the Microsoft Sentinel integration, Rubrik’s data management capabilities are combined with Sentinel’s security analytics to accelerate issue resolution, enabling unified visibility and streamlined responses. Furthermore, Rubrik empowers organizations to reduce identity risk and ensure operational continuity with real-time protection, unified visibility and rapid recovery across Microsoft Active Directory and Entra ID infrastructure. The Road Ahead This is just the beginning. Microsoft Security Store will continue to make it even easier for customers to improve their security outcomes by tapping into the innovation and expertise of our growing partner ecosystem. The momentum we’re seeing is clear—customers are already gaining real efficiencies and stronger outcomes by adopting AI-powered agents. As we work together with partners, we’ll unlock even more automation, deeper integrations, and new capabilities that help security teams move faster and respond smarter. Explore the Security Store today to see what’s possible. For a more detailed walk-through of the capabilities, read our previous public preview Tech Community post If you’re a partner, now is the time to list your solutions and join us in shaping the future of security.
Start Secure and Stay Secure on your AI Agent Journey with Microsoft Defender
Introduction The power of AI agents is their autonomy – their ability to understand context, dynamically adjust workflows, orchestrate tooling, and act with little to no human interaction. But that same autonomous decision-making amplifies security risks. Not only are we seeing a geometric rise in the volume of agents being added to our workforce, but the attack techniques and surface area these agents introduce are fundamentally different than anything before. Analysts expect more than 1.3 billion agents will be in operation by 2028. To put that into perspective, if they were their own country today, they would rank 3rd in population, behind only India and China. The proliferation of pro-code, low-code, and no-code agent-building platforms is further democratizing agent creation and will continue to drive the massive growth we expect in the coming years. These new waves of AI tinkerers, many without extensive developer-level security knowledge, have the potential to introduce additional risks without even realizing it. Today, we are excited to announce new capabilities in Microsoft Defender that help security administrators and security analysts manage agent risks and threats, as part of Microsoft Agent 365. Security teams will now benefit from a unified approach to manage posture and protect against threats across the AI agent lifecycle. Introducing AI Agent security within Microsoft Defender At Ignite 2025, Microsoft Defender is announcing the preview of unified posture management and threat protection for AI agents. These new agent security capabilities will be added to existing product experiences, as well as Microsoft Agent 365. This evolution broadens Defender’s AI security capabilities to cover agentic AI services on pro-code platforms like Microsoft Foundry and low-code/no-code environments such as Copilot Studio. AI security posture management for Microsoft Foundry agents, as well as threat protection for Copilot Studio agents, are now in preview. Threat protection for Microsoft Foundry agents will be available soon. Core Capabilities 1. Comprehensive Visibility for AI Agents Gain a unified, risk-based inventory of AI agents across Microsoft Foundry and Copilot Studio to eliminate blind spots and reduce shadow agents. Defender consolidates metadata, instructions, identities, and connected tools—helping security administrators manage sprawl and maintain control. Unlike point solutions, Defender’s posture, alerts, and response capabilities cover the entire AI stack within a unified portal and experience. AI agent inventory in Defender 2. Risk Reduction for AI Agents Defender strengthens posture by identifying misconfigurations, excessive permissions, and insecure instructions. AI security posture recommendations and detailed attack path analysis contextualize how weak spots from Microsoft Foundry agents form broader risks for the organization, enabling proactive remediation before breaches occur. Pre-built advanced hunting queries help security teams spot potential vulnerabilities within Copilot Studio agents. 2: Attack path analysis for AI agents 3. Threat Protection for AI Agents The rise of AI agents introduces entirely new threats that traditional security tools aren’t equipped to handle, including prompt injection and privilege compromise. Attackers can exploit an agent’s language understanding with manipulative inputs that evade classic defenses, demanding fresh approaches to security. Defender is expanding its threat protections for generative AI to include new protection for AI agent-specific threats. New jailbreak attempt alerts and real-time blocking of unsafe tool invocation for Copilot Studio agents are automatically correlated with broader threat signals and insights from the industry-leading Microsoft Threat Intelligence, to deliver contextual alerts and incident-level visibility. Similar detections for Microsoft Foundry agents will also be available in preview soon. 3: Threat protection for AI agents Above-mentioned threat signals are further contextualized within Microsoft Defender and Sentinel, seamlessly connecting Microsoft’s security, AI, and DevOps platforms like Microsoft Defender, Foundry, Copilot Studio, and GitHub Advanced Security, helping organizations start secure and shift AI security farther left. Additionally, Defender is expanding the threat hunting experience to include logs for Copilot Studio, Azure Foundry, and agents built on third-party agent builder platforms through the A365 SDK. This enhancement will provide security teams with even more insight into agentic threats and incident context. Customer Scenarios With these capabilities, customers can protect AI agents better with these specific use cases: Gain visibility and insight: Eliminate shadow agents and unify AI asset management across multi-cloud platforms. • Conduct risk reduction: Understand vulnerabilities with posture recommendations and prioritize proactive hardening with attack-path analysis. • Threat protection: Monitor runtime activity for malicious patterns, block prompt injection attacks, and correlate signals for incident context. What Sets Defender Apart AI agents are just one of many potential threat vectors within your organization that attackers may target. Unlike point solutions, Defender offers build-to-runtime protection across the AI stack—models, agents, SaaS apps, and cloud infrastructure. The power of this unified approach is that it extends beyond AI. Correlating security posture, attack paths, and alerts across endpoints, identities, applications, cloud infrastructure, and other signals helps security practitioners better understand threats and coordinate response within a single experience, reducing complexity and enabling continuous security. Looking Ahead Microsoft remains committed to helping customers start secure and stay secure on their AI journey. Join us at Microsoft Ignite either live or in person to learn more about these and other announcements. To learn more about our news, join us live at Microsoft Ignite 2025: BRK264 From Risk to Resilience: Secure your AI Agents with Microsoft Defender BRK267 End-to-end security for your AI platforms, apps, and agents BRK268 Secure Azure AI Foundry agents with Microsoft Security And read about our other Ignite 2025 announcement from Microsoft Defender for Cloud and Microsoft Defender. Learn more about the AI Security Posture Management capabilities within Defender Cloud Security Posture Management.
Know MCP risks before you deploy!
The Model Context Protocol (MCP) is emerging as a powerful standard for enabling AI agents to interact with tools and data. However, like any evolving technology, MCP introduces new security challenges that organizations must address before deploying it in production environments. Major MCP Vulnerabilities MCP’s flexibility comes with risks. Here are the most critical vulnerabilities: Prompt Injection Attackers embed hidden instructions in user input, manipulating the model to trigger unauthorized MCP actions and bypass safety rules. Tool Poisoning Malicious MCP servers provide misleading tool descriptions or parameters, tricking agents into leaking sensitive data or executing harmful commands. Remote Code Execution Untrusted servers can inject OS-level commands through compromised endpoints, enabling full control over the host environment. Unauthenticated Access Rogue MCP servers bypass authentication and directly call sensitive tools, extracting internal data without user consent. Confused Deputy (OAuth Proxy) A malicious server misuses OAuth tokens issued for a trusted agent, performing unauthorized actions under a legitimate identity. MCP Configuration Poisoning Attackers silently modify approved configuration files so agents execute malicious commands as if they were part of the original setup. Token or Credential Theft Plaintext MCP config files expose API keys, cloud credentials, and access tokens, making them easy targets for malware or filesystem attacks. Path Traversal Older MCP filesystem implementations allow navigation outside the intended directory, exposing sensitive project or system files. Token Passthrough Some servers blindly accept forwarded tokens, allowing compromised agents to impersonate other services without validation. Session Hijacking Session IDs appearing in URLs can be captured from logs or redirects and reused to access active sessions. Current Known Limitations While MCP is promising, it has structural limitations that organizations must plan for: Lack of Native Tool Authenticity Verification There is no built-in mechanism to verify if a tool or server is genuine. Trust relies on external validation, increasing exposure to tool poisoning attacks. Weak Context Isolation Multi-session environments risk cross-contamination, where sensitive data from one session leaks into another. Limited Built-In Encryption Enforcement MCP depends on HTTPS/TLS for secure communication but does not enforce encryption across all channels by default. Monitoring & Auditing Gaps MCP lacks native logging and auditing capabilities. Organizations must integrate with external SIEM tools like Microsoft Sentinel for visibility. Dynamic Registration Risks Current implementations allow dynamic client registration without granular controls, enabling rogue client onboarding. Scalability Constraints Large-scale deployments require manual tuning for performance and security. There is no standardized approach for load balancing or high availability. Configuration Management Challenges Credentials often stored in plaintext within MCP config files. Lack of automated secret rotation or secure vault integration makes them vulnerable. Limited Standardization Across Vendors MCP is still evolving, and interoperability between different implementations is inconsistent, creating integration complexity. Mitigation Best Practices To reduce risk and strengthen MCP deployments: Enforce OAuth 2.1 with PKCE and strong RBAC. Use HTTPS/TLS for all MCP communications. Deploy MCP servers in isolated networks with private endpoints. Validate tools before integration; avoid untrusted sources. Integrate with Microsoft Defender for Cloud and Sentinel for monitoring. Encrypt and rotate credentials; never store in plaintext. Implement policy-as-code for configuration governance. MCP opens new possibilities for AI-driven automation, but without robust security, it can become an attack vector. Organizations must start with a secure baseline, continuously monitor, and adopt best practices to operationalize MCP safely.Ignite your future with new security skills during Microsoft Ignite 2025
Ignite your future with new security skills during Microsoft Ignite 2025 AI and cloud technologies are reshaping every industry. Organizations need professionals who can secure AI solutions, modernize infrastructure, and drive innovation responsibly. Ignite brings together experts, learning, and credentials to help you get skilled for the future. Take on the Secure and Govern AI with Confidence Challenge Start your journey with the Azure Skilling Microsoft Challenge. These curated challenges help you practice real-world scenarios and earn recognition for your skills. One of the challenges featured is the Secure and Govern AI with Confidence challenge. This challenge helps you: Implement AI governance frameworks. Configure responsible AI guardrails in Azure AI Foundry. Apply security best practices for AI workloads. Special Offer: Be among the first 5,000 participants to complete this challenge and receive a discounted certification exam voucher—a perfect way to validate your skills and accelerate your career. Completing this challenge earns you a badge and prepares you for advanced credentials—ideal for anyone looking to lead in AI security. Join the challenge today! Validate Your Expertise with this new Microsoft Applied Skill. Applied Skills assessments are scenario-based, so you demonstrate practical expertise—not just theory. Earn the Secure AI Solutions in the Cloud credential—a job-ready validation of your ability to: Configure security for AI services using Microsoft Defender for Cloud. Implement governance and guardrails in Azure AI Foundry. Protect sensitive data and ensure compliance across AI workloads. This applied skill is designed for professionals who want to lead in AI security, accelerate career growth, and stand out in a competitive market. To learn how to prepare and take the applied skill, visit here. Your Next Steps: Security Plans Ignite isn’t just about live sessions—it’s about giving you on-demand digital content and curated learning paths so you can keep building skills long after the event ends. With 15 curated security plans that discuss topics such as controlling access with Microsoft Entra and securing your organization’s data, find what is relevant to you on Microsoft Ignite: Keep the momentum going page.GenAI vs Cyber Threats: Why GenAI Powered Unified SecOps Wins
Cybersecurity is evolving faster than ever. Attackers are leveraging automation and AI to scale their operations, so how can defenders keep up? The answer lies in Microsoft Unified Security Operations powered by Generative AI (GenAI). This opens the Cybersecurity Paradox: Attackers only need one successful attempt, but defenders must always be vigilant, otherwise the impact can be huge. Traditional Security Operation Centers (SOCs) are hampered by siloed tools and fragmented data, which slows response and creates vulnerabilities. On average, attackers gain unauthorized access to organizational data in 72 minutes, while traditional defense tools often take on average 258 days to identify and remediate. This is over eight months to detect and resolve breaches, a significant and unsustainable gap. Notably, Microsoft Unified Security Operations, including GenAI-powered capabilities, is also available and supported in Microsoft Government Community Cloud (GCC) and GCC High/DoD environments, ensuring that organizations with the highest compliance and security requirements can benefit from these advanced protections. The Case for Unified Security Operations Unified security operations in Microsoft Defender XDR consolidates SIEM, XDR, Exposure management, and Enterprise Security Posture into a single, integrated experience. This approach allows the following: Breaks down silos by centralizing telemetry across identities, endpoints, SaaS apps, and multi-cloud environments. Infuses AI natively into workflows, enabling faster detection, investigation, and response. Microsoft Sentinel exemplifies this shift with its Data Lake architecture (see my previous post on Microsoft Sentinel’s New Data Lake: Cut Costs & Boost Threat Detection), offering schema-on-read flexibility for petabyte-scale analytics without costly data rehydration. This means defenders can query massive datasets in real time, accelerating threat hunting and forensic analysis. GenAI: A Force Multiplier for Cyber Defense Generative AI transforms security operations from reactive to proactive. Here’s how: Threat Hunting & Incident Response GenAI enables predictive analytics and anomaly detection across hybrid identities, endpoints, and workloads. It doesn’t just find threats—it anticipates them. Behavioral Analytics with UEBA Advanced User and Entity Behavior Analytics (UEBA) powered by AI correlates signals from multi-cloud environments and identity providers like Okta, delivering actionable insights for insider risk and compromised accounts. [13 -Micros...s new UEBA | Word] Automation at Scale AI-driven playbooks streamline repetitive tasks, reducing manual workload and accelerating remediation. This frees analysts to focus on strategic threat hunting. Microsoft Innovations Driving This Shift For SOC teams and cybersecurity practitioners, these innovations mean you spend less time on manual investigations and more time leveraging actionable insights, ultimately boosting productivity and allowing you to focus on higher-value security work that matters most to your organization. Plus, by making threat detection and response faster and more accurate, you can reduce stress, minimize risk, and demonstrate greater value to your stakeholders. Sentinel Data Lake: Unlocks real-time analytics at scale, enabling AI-driven threat detection without rehydration costs. Microsoft Sentinel data lake overview UEBA Enhancements: Multi-cloud and identity integrations for unified risk visibility. Sentinel UEBA’s Superpower: Actionable Insights You Can Use! Now with Okta and Multi-Cloud Logs! Security Copilot & Agentic AI: Harnesses AI and global threat intelligence to automate detection, response, and compliance across the security stack, enabling teams to scale operations and strengthen Zero Trust defenses defenders. Security Copilot Agents: The New Era of AI, Driven Cyber Defense Sector-Specific Impact All sectors are different, but I would like to focus a bit on the public sector at this time. This sector and critical infrastructure organizations face unique challenges: talent shortages, operational complexity, and nation-state threats. GenAI-centric platforms help these sectors shift from reactive defense to predictive resilience, ensuring mission-critical systems remain secure. By leveraging advanced AI-driven analytics and automation, public sector organizations can streamline incident detection, accelerate response times, and proactively uncover hidden risks before they escalate. With unified platforms that bridge data silos and integrate identity, endpoint, and cloud telemetry, these entities gain a holistic security posture that supports compliance and operational continuity. Ultimately, embracing generative AI not only helps defend against sophisticated cyber adversaries but also empowers public sector teams to confidently protect the services and infrastructure their communities rely on every day. Call to Action Artificial intelligence is driving unified cybersecurity. Solutions like Microsoft Defender XDR and Sentinel now integrate into a single dashboard, consolidating alerts, incidents, and data from multiple sources. AI swiftly correlates information, prioritizes threats, and automates investigations, helping security teams respond quickly with less manual work. This shift enables organizations to proactively manage cyber risks and strengthen their resilience against evolving challenges. Picture a single pane of glass where all your XDRs and Defenders converge, AI instantly shifts through the noise, highlighting what matters most so teams can act with clarity and speed. That may include: Assess your SOC maturity and identify silos. Use the Security Operations Self-Assessment Tool to determine your SOC’s maturity level and provide actionable recommendations for improving processes and tooling. Also see Security Maturity Model from the Well-Architected Framework Explore Microsoft Sentinel, Defender XDR, and Security Copilot for AI-powered security. Explains progressive security maturity levels and strategies for strengthening your security posture. What is Microsoft Defender XDR? - Microsoft Defender XDR and What is Microsoft Security Copilot? Design Security in Solutions from Day One! Drive embedding security from the start of solution design through secure-by-default configurations and proactive operations, aligning with Zero Trust and MCRA principles to build resilient, compliant, and scalable systems. Design Security in Solutions from Day One! Innovate boldly, Deploy Safely, and Never Regret it! Upskill your teams on GenAI tools and responsible AI practices. Guidance for securing AI apps and data, aligned with Zero Trust principles Build a strong security posture for AI About the Author: Hello Jacques "Jack” here! I am a Microsoft Technical Trainer focused on helping organizations use advanced security and AI solutions. I create and deliver training programs that combine technical expertise with practical use, enabling teams to adopt innovations like Microsoft Sentinel, Defender XDR, and Security Copilot for stronger cyber resilience. #SkilledByMTT #MicrosoftLearnSecurity Copilot Agents: The New Era of AI, Driven Cyber Defense
With increasing cyber threats, security teams require intelligent agents that adapt and operate throughout the security stack, not just automation. Key statistics from our Microsoft Digital Defense Report 2024 which highlights this concerning trend of Cybersecurity threats: Over 600 million cyberattacks per day targeting Microsoft customers 2.75x increase in ransomware attacks year-over-year 400% surge in tech scams since 2022 Growing collaboration between cybercriminals and nation-state actors In my previous blogs, I explored how AI agents are transforming security operations in Microsoft Defender XDR, Intune, and Entra: Phishing Triage Agent in Defender XDR: Say Goodbye to False Positives and Analyst Fatigue Intune AI Agent: Instant Threat Defense, Invisible Protection Conditional Access Optimization Agent in Microsoft Entra Security Copilot Today, I’ll discuss how Security Copilot, Copilot for Azure in Azure, Defender for Cloud, and Security Copilot Agents in Microsoft Purview use AI to transform security, compliance, and efficiency across the Microsoft ecosystem. What Are Security Copilot Agents? Security Copilot Agents are modular, AI-driven assistants embedded in Microsoft’s security platforms. They automate, high-volume repetitive tasks, deliver actionable insights, and streamline incident responses. By leveraging large language models (LLMs), Microsoft’s global threat intelligence, and your organization’s data, these agents empower security teams to work smarter and faster. Microsoft Security Copilot agents overview Agents are available in both standalone and embedded experiences and can be discovered and configured directly within product portals like Defender, Sentinel, Entra, Intune, and Purview. Why Security Copilot Agents Matter Security Copilot Agents represent a paradigm shift in cyber defense: Automation at Scale: They handle high-volume repetitive tasks, freeing up human expertise for strategic initiatives. Adaptive Intelligence: Agents learn from feedback, adapt to workflows, and operate securely within Microsoft’s Zero Trust framework. Operational Efficiency: By reducing manual workloads, agents accelerate response, prioritize risks, and strengthen security posture. Microsoft Security Copilot Frequently Asked Questions Security Copilot Agents in Azure and Defender for Cloud Azure and Defender for Cloud now feature embedded Security Copilot and Copilot for Azure that help security professionals analyze, summarize, remediate, and delegate recommendations using natural language prompts. This integration streamlines security management by: Risk Exploration: Agents help admins identify misconfigured resources and focus on those posing critical risks, using natural language queries. Accelerated Remediation: Agents generate remediation scripts and automate pull requests, enabling rapid fixes for vulnerabilities. Noise Reduction: By filtering through alerts and recommendations, agents help teams focus on the most impactful remediations. Unified Experience: Security Copilot and Copilot for Azure work together to provide context, explain recommendations, and guide implementation steps, all within the Defender for Cloud portal. Microsoft Security Copilot in Defender for Cloud Security Copilot Agents in Microsoft Purview Microsoft Purview leverages Security Copilot agents to automate and scale Data Loss Prevention (DLP) and Insider Risk Management workflows. Here are more details: Alert Triage Agent (DLP): Evaluates alerts based on sensitivity, exfiltration, and policy risk, sorting them into actionable categories. Alert Triage Agent (Insider Risk): Assesses user, file, and activity risk, prioritizing alerts for investigation. Managed Alert Queue: Agents sift out high-risk activities from lower-risk noise, improving response time and team efficiency. Comprehensive Explanations: Agents provide clear logic behind alert categorization, supporting transparency and compliance. Deployment: Enabling Security Copilot can be done in: Azure portal https://portal.azure.com Security Copilot portal https://securitycopilot.microsoft.com. Security Copilot requires per-seat licenses for human users, while all agent operations are billed by Security Compute Units (SCUs) on a pay-as-you-go basis. Agents do not need separate per-seat licenses; their costs depend solely on SCU consumption, and they typically run under a service or managed identity in the Copilot environment. Security Copilot Agent Responsible AI FAQ Security Copilot Agents: Unified Across the Microsoft Security Ecosystem Security Copilot Agents automate intelligence and security orchestration across Microsoft’s ecosystem, including Defender, Sentinel, Entra, Intune, Azure, Purview, Threat Intelligence, and Office. Their unified design enables consistent protection, swift responses, and scalable automation for security teams. Operating across multiple platforms, these agents provide comprehensive coverage and efficient threat response. End-to-End Visibility: Agents correlate signals across domains, providing context, rich insights and automating common workflows. Custom Agent Creation: Teams can build custom agents using no-code tools, tailoring automation to their unique environments. Marketplace Integration: The new Security Store allows organizations to browse, deploy, and manage agents alongside conventional security tools, streamlining procurement and governance. Intune AI Agents: Device and Endpoint Management Intune AI Agents automate device compliance and endpoint security. They monitor configuration drift, remediate vulnerabilities, and enforce security baselines across managed devices. By correlating device signals with threat intelligence, these agents proactively identify risks and recommend mitigation actions, reducing manual workload and accelerating incident response. Defender for Cloud AI Agents: Threat Detection and Response Defender for Cloud AI Agents continuously analyze cloud workloads, network traffic, and user behavior to detect threats and suspicious activities. They automate alert triage, escalate high-risk events, and coordinate remediation actions across hybrid environments. Integration with other Copilot Agents ensures unified protection and rapid containment of cloud-based threats. Conditional Access Optimization Agent: Policy Automation The Conditional Access Optimization Agent evaluates authentication patterns, risk signals, and user activity to recommend and enforce adaptive access policies. It automates policy updates based on real-time threat intelligence, ensuring that only authorized users access sensitive resources while minimizing friction for legitimate users. Azure AI Agents: Cloud Security and Automation Azure AI Agents provide automated monitoring, configuration validation, and vulnerability management across cloud resources. They integrate with Defender for Cloud and Sentinel, enabling cross-platform correlation of security events and orchestration of incident response workflows. These agents help maintain compliance, optimize resource usage, and enforce best practices. Purview AI Agents: Compliance and Data Protection Purview AI Agents automate data classification, information protection, and compliance management for AI-powered applications and Copilot experiences. They enforce retention policies, flag sensitive data handling, and ensure regulatory compliance across organizational data assets. Their integration supports transparent security controls and audit-ready reporting. Phishing Triage Defender for Office AI Agents: Email Threat Automation Defender for Office AI Agents specialize in identifying, categorizing, and responding to phishing attempts. They analyze email metadata, attachments, and user interactions to detect malicious campaigns, automate alerting, and initiate containment actions. By streamlining phishing triage, these agents reduce investigation times and enhance protection against targeted attacks. Threat Intelligence Briefing Agent: Contextual Security Insights The Threat Intelligence Briefing Agent aggregates global threat intelligence, correlates it with local signals, and delivers actionable briefings to security teams. It highlights emerging risks, prioritizes vulnerabilities, and recommends remediation based on organizational context. This agent empowers teams with timely, relevant insights to anticipate and counter evolving threats. Marketplace Integration and Custom Agent Creation Organizations can leverage the Security Store to discover, deploy, and manage agents tailored to their specific needs. No-code tools facilitate custom agent creation, enabling rapid automation of unique workflows and seamless integration with existing security infrastructure. Getting Started To deploy Security Copilot Agents across the enterprise, make sure to Check Licensing: Ensure you have the required subscriptions and SCUs provisioned. Enable Agents: Use product portals to activate agents and configure settings. Integrate Across Products: Link agents for enhanced threat detection, compliance, and automated response. Monitor and Optimize: Use dashboards and reports to track effectiveness and refine policies. About the Author: Hi! Jacques “Jack” here, Microsoft Technical Trainer. As a technical trainer, I’ve seen firsthand how Security Copilot Agents accelerate secure modernization and empower teams to stay ahead of threats. Whether you’re optimizing identity protection, automating phishing triage, or streamlining endpoint remediation, these agents are your AI, powered allies in building a resilient security posture. #MicrosoftLearn #SkilledByMTT #MTTBloggingGroup
