Microsoft Corp. today detailed a broad set of security updates and enhancements aimed at helping enterprises secure the rise of agentic artificial intelligence — while arguing that the industry needs to start treating AI agents as a new core security layer rather than simply another application to protect.

The announcements, made ahead of the annual RSAC Conference in San Francisco, cover agent governance, identity protection, data security and cloud and endpoint defense and are complemented with new AI-powered security operations capabilities.

Taken together, they show Microsoft trying to define security for the agentic AI era as an end-to-end architecture rather than a collection of point products. The company is suggesting that as AI agents take on more responsibility inside enterprises, organizations will need centralized controls for agent governance, stronger identity protections, tighter data safeguards and increasingly autonomous security operations to keep up.

Leading the list of updates is the forthcoming general availability on May 1 of Microsoft Agent 365, a control plane for agents designed to give information technology, security and business teams centralized visibility and governance over AI agents deployed across the enterprise. The offering includes Microsoft Defender, Entra and Purview capabilities that are intended to help organizations manage agent access, reduce data oversharing and defend against emerging AI-era threats.

Microsoft is packaging Agent 365 into Microsoft 365 E7: The Frontier Suite along with Microsoft 365 Copilot, Microsoft Entra Suite and Microsoft 365 E5, which includes various advanced Microsoft Security capabilities to deliver comprehensive protection.

The company is also pitching a larger “secure foundations” strategy that focuses on the infrastructure, identities, data flows and services that AI systems depend on. Microsoft argues that as AI adoption accelerates, enterprises need continuous visibility into where AI is being used, how it is being accessed and where new forms of risk are starting to emerge.

To address the issues that arise from AI adoption, Microsoft is expanding its visibility tooling with a number of new offerings. The offerings include Security Dashboard for AI, now generally available, which is designed to give chief information security officers and security teams a unified view of AI-related risks across their organizations.

Microsoft is also launching Entra Internet Access Shadow AI Detection, generally available March 31, to identify previously unknown AI applications at the network layer and surface unmanaged AI usage. Another forthcoming service, called Enhanced Intune App Inventory due in May, is meant to provide more in-depth visibility into installed software, including AI-enabled apps, to support remediation of high-risk tools.

Identity capabilities

On the identity front, Microsoft is adding new Entra capabilities to strengthen resilience and governance while modernizing authentication.

New features include Entra Backup and Recovery, now in preview, for automated backup of Entra directory objects. Entra Tenant Governance, also in preview, is designed to help organizations discover unmanaged Entra tenants and apply policy across multitenant environments.

Microsoft is also adding new passkey features, including synced passkeys and passkey profiles and native Entra passkey integration into Windows Hello. Another new feature, Entra external multifactor authentication, is now generally available and Entra adaptive risk remediation is due to become generally available in April.

The company is also introducing unified identity security features in preview, including a new identity security dashboard in Microsoft Defender and a new identity risk score.

The identity additions see Microsoft tightening the link between identity governance and broader security operations.

Data controls

On the data side, Microsoft detailed new Purview features that put security controls directly into AI workflows.

The new features will allow organizations to block sensitive information, such as personally identifiable information, credit card numbers and custom data types in prompts, from being processed or used for web grounding. Purview embedded in the Copilot Control System, due in April, will provide a view of AI-related data risk inside the Microsoft 365 Admin Center.

Customizable data security reports are also set to arrive in preview March 31, with a goal to give organizations tighter oversight of how business data is exposed to and used by AI systems.

Security features

Microsoft is also extending its security stack across endpoints, cloud workloads and AI services.

New capabilities include Entra Internet Access prompt injection protection, a service designed to protect against malicious AI prompts using network-level policies across applications and agents. The prompt injection capability will be generally available March 31.

For Defender for Cloud, Microsoft is adding enhanced container security with binary drift and antimalware prevention in preview. It is also expanding posture management coverage for Amazon Web Services and Google Cloud Platform in preview in April.

Another service currently in preview, Defender predictive shielding, is designed to dynamically adjust identity and access policies during active attacks as part of Microsoft’s wider push to make defenses more adaptive as AI-driven threats become faster and more automated.

Microsoft is also making a strong push around agentic defense, using AI agents to help security teams respond faster. Microsoft Security Copilot is now integrated into Microsoft 365 E5 and E7. It’s rolling out new and enhanced security agents across Defender, Entra and Purview.

New agents include a Security Analyst Agent in Microsoft Defender, available in preview March 26 and a Security Alert Triage Agent that extends automated analysis and prioritization beyond phishing into cloud and identity alerts, with preview availability in April.

The company is also expanding its Conditional Access Optimization Agent in Entra and enhancing Purview’s Data Security Posture Agent and Data Security Triage Agent.

Microsoft Sentinel, the company’s existing security information and event management and security orchestration, automation and response solution, is also getting an upgrade. Microsoft is positioning it as an “agentic defense platform” that unifies context, automates workflows and standardizes governance across security tools. The changes are designed to make Sentinel a more central layer in Microsoft’s broader AI-driven security strategy.

New capabilities include data federation powered by Microsoft Fabric and a playbook generator that uses natural language orchestration. Microsoft is also adding granular delegated administrator privileges, unified role-based access control and custom graphs powered by Fabric.

Additionally, a new Model Context Protocol entity analyzer is set to become generally available in April. Security Store integration in Purview and Entra is set to become generally available March 31.

Microsoft will be demonstrating its new releases at the RSAC Conference March 23-26.

Photo: Wikimedia Commons