Microsoft Strengthens AI Security to Reduce Enterprise Risks

Microsoft Strengthens AI Security to Reduce Enterprise Risks

Next week marks the 35th anniversary of the RSAC conference, a key event where the security community addresses new challenges and opportunities. As we reach this milestone, Agentic AI is rapidly transforming industries, and 80% of Fortune 500 companies are already using agents.  

At the same time, we are witnessing a critical shift in AI-powered attacks, where agents act as dangerous double agents. CIOs, CISOs, and other security leaders urgently face unprecedented security challenges. The Immediate Questions column: How can they monitor, manage, and secure agents, protect core systems, and leverage agentic AI to aggressively defend organizations against evolving threats?  

Trust and security are the foundation of trust in this new era of agentic AI; security must be built into every part of the AI system. With secure, agentic AI, organizations benefit from both greater productivity and proactive defense against threats as agents efficiently accomplish tasks. Security should work in the background and on its own, just like the AI it protects. This is our vision: making security the core of any AI stack.  

Register today for RSAC 2026 and see firsthand how Microsoft Security tools and expertise can help you secure Agentic AI, protect your organization, and empower your teams to stay ahead of evolving threats.  

Secure Agents 

Earlier this month, we urgently announced that Agent 365 will be available to everyone on May 1. Agent 365 is the essential platform for managing agents, giving IT, security, and business teams the critical tools and insight needed to monitor. Monitor, secure, and manage agents at scale with the trusted systems you can rely on now. It also delivers crucial new features from Microsoft, Defender, Intra, and Purview to urgently secure agent access, prevent risky data oversharing, and proactively guard against emerging threats.  

Agent 365 comes with Microsoft 365 E7, the Frontier Suite, along with Microsoft 365 Copilot, Microsoft Entra, and Microsoft 365 E5. These include advanced Microsoft security features to provide your organization with complete protection.  

Secure Your Foundations. 

In addition to securing agents, it’s important to take an all-encompassing approach to AI security. To protect agentic AI, we need to secure the systems it relies on as well as the people who develop and use it. At RSAC 2026, we are launching new features to help you see the risks across your organization, secure identities with adaptive access controls, protect sensitive data in AI workflows, and respond to threats quickly and at scale.  

Gain Visibility Into Risks Across Your Enterprise 

As more organizations use AI, it’s more important than ever to have ongoing visibility into AI risks across your environment, from agents to apps and services. Meeting this need with new tools that show you where AI is present, how it’s being used, and where your risk might be increasing. These new features include visibility into AI-related risks across the organization.  

  • Entra Internet Access Shadow AI detection monitors network activity to locate AI applications that have not been previously identified by an organization. It highlights instances of unsanctioned AI tools, providing visibility into unmanaged AI use that could pose security risks. It is generally available as of March 31.  
  • Enhanced InTune app inventory extends its reach and visibility into the apps installed on your devices, including AI-enabled apps, to support targeted remediation of high-risk software. Generally available in May.  

Secure Identities With Continuous Adaptive Access 

Identity is the core of modern security, often the main target in any environment, and the first line of defense. With Microsoft Intra, you can secure access and strengthen identity protection with new features that help you improve your identity setup, manage tenants better, update authentication, and make smarter access decisions.  

  • Entra-tenant governance enables organizations to find and manage intra-tenants that are not currently under central IT governance. It establishes policies and ensures management consistency across multiple tenants, helping reduce shadow IT risks. This feature is now available in preview.  
  • Entra now offers synced passkeys and passkey profiles, giving users more flexibility to move between devices. Organizations that want more control can still use device-bound passkeys.  
  • Entra passkeys are also now built into Windows Halo, making secure, phishing-resistant authentication easier on Windows devices. Sync passkeys and profiles are available now, and Windows Hello integration is in preview. Connect external MFA providers directly with Microsoft Intra so they can leverage pre-existing MFA investments or use highly specialized MFA methods now generally available.  
  • Entra adaptive risk remediation helps users restore account access independently after a lockout or risk-based challenge by selecting from a range of authentication methods. The system adapts its prompts based on the user’s authentication progress. This self-service solution will be available in April.  
  • Unified identity security covers your entire identity setup, including systems, infrastructure, control systems, and threat monitoring and response, all designed for quick action and instant decisions. The new identity security dashboard in Microsoft Defender provides key insights for both human and non-human identities, helping you respond faster. The new identity risk score aggregates risk signals from different accounts to provide a clear view of user risk for instant access decisions and security investigations. Now available in preview.  

Secure Sensitive Data Across AI Workflows 

As AI becomes part of daily work, sensitive data moves through prompts, responses, and grounding flows; sometimes, files and policies keep up with security teams, so there is no need to see how AI handles data or to prevent leaks. Microsoft now adds data security into the AI control system, giving organizations risk insights, real-time enforcement, and confidence to use AI responsibly. New Microsoft Purview Features Intrude:  

  • Expanded purview data loss prevention for Microsoft 365 Copilot helps block sensitive information such as PII, credit card numbers, and custom data types from being processed or used for web scraping. Generally available March 31.  
  • Purview, embedded in Copilot Control System, integrates AI data risk insights into the Microsoft 365 Admin Center. This gives administrators a single view of AI data handling risks across their organization. General availability is planned in April.  
  • Preview customizable data security reports, tailored reporting, and drill-downs to prioritized data security risks available in preview on March 31.  

Protect Your Endpoints, Cloud, and AI Services From Threats. 

Security teams need always-on protection that detects threats early and automatically contains them. Microsoft is introducing predictive shielding to limit impact and reduce exposure, strengthening container security, and offering network protection against harmful AI prompts.  

  • Intra Internet Access now blocks harmful AI prompts in apps and agents by using network-wide policies. This feature will be available starting on March 31.  
  • The improved Defender for cloud container security now includes binary drift detection and antimalware protection to close gaps that attackers might exploit in container environments. This is now available in preview.  
  • Defender for Cloud Posture Management now covers more ground and supports both Amazon Web Services and Google Cloud Platform. It gives security recommendations and compliance insights concerning new resources. This will be available in preview in April.  
  • Defender predictive shielding can adjust identity and access policies in real time during attacks, helping reduce exposure and limit damage. This feature is now in preview.  

Defend With Agents And Experts 

Today’s defense platforms require security agents embedded in daily workflows, supported by expertise and full security services as needed.  

Agents Integrated Into Everyday Security Tasks 

Security teams work best when they get targeted help right where and when they need it. As alerts and investigations come across identities, data, endpoints, and cloud workloads, AI-powered tools should work alongside defenders. With Security Copilot now part of Microsoft 365 E5 and E7, defenders get agents built into daily security and IT operations to speed responses and reduce manual work, so they can focus on what matters most.  

Here are some of the new agents now available  

  • The security analyst in Microsoft Defender helps analysts quickly investigate threats by supplying relevant background information and step-by-step investigative guidance. It will be available in preview starting March 26, 2026.  
  • The security alert triage agent in Microsoft Defender builds on the phishing triage agent and now also handles cloud and identity alerts. It analyzes, categorizes, prioritizes, and automatically resolves routine low-priority alerts, reducing manual effort for security teams. This will be in preview in April.  
  • The conditional access optimization agent in Microsoft Intra is a tool that enhances identity security by providing context-aware recommendations, deeper analysis, and staged rollout. The agent itself is generally available, while its new features are in preview.  
  • The Security Posture Agent in Microsoft Purview enhancements include a credential scanning capability that can proactively detect credential exposure. Now available in preview.  
  • The data security triage agent in Microsoft Purview now includes an advanced AI reasoning layer and improved handling of custom sensitive information types (SITs), resulting in better alert triage. The agent is generally available, and the new features will be in preview on March 31.  
  • Over 15 new partner-built agents extend Security Copilot with additional capabilities, all available in the Security Store.  

Scale With An Agentic Defense Platform 

Microsoft is expanding Sentinel, its agent-based defense platform, to help you grow your security more efficiently. This update offers unified context, automated workflows, and standardized access governance and deployment across security tools.  

  • Sentinel Data Federation, powered by Microsoft Fabric, lets you investigate external security data directly in Databricks, Microsoft Fabric, and Azure Data Lake Storage while keeping governance in place. This is now in preview.  
  • The Sentinel Playbook Generator uses natural language to accelerate investigations and automate complex workflows.s. This feature is now available in preview.  
  • Administrator privileges and unified role-centric access control enabled secure, scalable management for partners and enterprise customers. Through cross-tenant collaboration, now available in preview.  
  • The security store is now built into Purview and Entra, so you can easily find and deploy agents right from your current security tool. This will be available starting March 31.  
  • Sentinel custom graphs powered by Microsoft Fabric enable views unique to your organization of relationships across your environment. The Sentinel Model Context Protocol (MCP) Entity Analyzer automates and speeds up responses using natural language and flexible coding. It will be generally available in April.  

Strengthen With Experts. 

Even the most experienced security teams sometimes need extra support, whether it’s handling a sophisticated attack or a complex investigation. Having experts work alongside your team can make a real difference. The Microsoft Defender Experts Suite offers services such as technical advice, managed extended detection and response (MXDR), and full incident response to help you protect against advanced cyberattacks, build lasting resilience, and modernize your security operations with confidence.  

Use Zero Trust Principles for AI Security. 

Zero trust is based on three main ideas. Consistently verify, use the least privilege needed, and assume a breach could happen as AI becomes a bigger part of your environment from the models you use to the data they process and the agents that act for you. Keeping to these principles is more important than ever. At RSAC 2026, we are expanding our zero trust approach to cover the entire AI life cycle from data collection and model training to how agents behave after deployment. We are also making it easier to put these ideas into practice with an updated Zero Trust for AI reference guide, a workshop, an assessment tool, and new articles on best practices to help you strengthen your security.  

Source: Secure agentic AI end-to-end