AI agents assist with security tasks, but they themselves must also be secured. With new features in Defender, Entra, and Purview, Microsoft aims to help organizations centrally manage AI agents, protect identities, and secure sensitive data. The announcements were made ahead of the RSAC Conference in San Francisco.
The RSA announcements focus on securing AI agents, which Microsoft bundles into a dedicated layer. These are AI systems that are performing tasks within organizations with increasing autonomy. Specifically, this involves new functionality in Microsoft Defender, Entra, and Purview, supplemented by improvements in Security Copilot and Microsoft Sentinel. Microsoft states that AI agents should no longer be treated as ordinary applications but require a separate security layer.
Central to the announcements is Agent 365, a control plane for AI agents that will become generally available on May 1. The platform provides IT, security, and business teams with a centralized overview of all AI agents deployed within an organization. We previously saw the launch of Agent 365 as a control center for AI agents. Microsoft bundles the platform into Microsoft 365 E7, which was recently introduced as the biggest licensing change in a decade.
Visibility and governance over AI agents
In addition to Agent 365, Microsoft is also introducing a Security Dashboard for AI, now generally available. This dashboard provides CISOs and security teams with a consolidated view of AI-related risks within their organization. Furthermore, Microsoft is launching Entra Internet Access Shadow AI Detection, available starting March 31, to detect unmanaged AI usage at the network level. Enhanced Intune App Inventory will follow in May for deeper visibility into installed AI apps.
Identity, data, and attack protection
In the area of identity, Microsoft is adding new Entra features, including Entra Backup and Recovery (in preview) and Entra Tenant Governance for multi-tenant environments. Passkey support is being expanded with native integration into Windows Hello. For data, Microsoft is introducing new Purview features that allow organizations to block sensitive information such as personal data and credit card numbers in AI prompts. According to Microsoft’s own security blog, sensitive data moves through AI workflows faster than policies can keep up.
Security Copilot and Sentinel as a line of defense
Microsoft is now integrating Security Copilot by default into Microsoft 365 E5 and E7. Last year , Microsoft introduced AI agents for Security Copilot that automate repetitive security tasks. New additions include a Security Analyst Agent in Defender (preview starting March 26) and a Security Alert Triage Agent for cloud and identity alerts. Microsoft Sentinel is positioned as an “agentless defense platform” with new data combination capabilities via Microsoft Fabric.