Security

Microsoft Agentic AI Security Tools Unveiled at RSAC

3 min read

Summary

At RSAC 2026, Microsoft introduced a broader security strategy for enterprise AI, led by Agent 365, a new control plane for governing and protecting AI agents that will reach general availability on May 1. The company also announced expanded AI risk visibility and identity protections across Defender, Entra, Purview, Intune, and new shadow AI detection tools, signaling that securing AI usage is becoming a core part of enterprise security operations as adoption accelerates.

Audio Summary

0:00--:--
Need help with Security?Talk to an Expert

Introduction

Agentic AI is moving quickly from experimentation to enterprise deployment, and that creates a new set of security challenges for IT and security teams. At RSAC 2026, Microsoft outlined an end-to-end strategy for securing AI agents, the infrastructure they rely on, and the data and identities they touch.

What’s new

Agent 365 reaches general availability soon

Microsoft confirmed that Agent 365 will be generally available on May 1. Positioned as a control plane for agents, it is designed to help IT, security, and business teams observe, secure, and govern AI agents at scale.

Key capabilities highlighted include:

  • Integration with Microsoft Defender, Entra, and Purview
  • Controls to secure agent access
  • Protections to reduce data oversharing
  • Support for defending against emerging AI threats

Agent 365 is included in Microsoft 365 E7: The Frontier Suite.

New visibility into AI risk across the enterprise

Microsoft is adding several tools to improve AI discovery and risk awareness:

  • Security Dashboard for AI is now generally available, providing centralized visibility into AI-related risk.
  • Entra Internet Access Shadow AI Detection becomes generally available on March 31, helping identify unmanaged AI app usage at the network layer.
  • Enhanced Intune app inventory arrives in May, adding visibility into AI-enabled apps installed on devices.

Entra expands identity protection

Microsoft Entra gains several new and updated capabilities for modern identity security:

  • Entra Backup and Recovery for directory resilience is in preview.
  • Entra Tenant Governance helps discover shadow Entra tenants and improve multi-tenant governance, also in preview.
  • Synced passkeys and passkey profiles are generally available.
  • Windows Hello integration for Entra passkeys is in preview.
  • External MFA integration is now generally available.
  • Adaptive risk remediation is generally available in April.
  • A new identity security dashboard and identity risk score in Microsoft Defender are in preview.

Purview adds AI-aware data protection

To address data leakage and oversharing in AI workflows, Microsoft announced:

  • Expanded Purview DLP for Microsoft 365 Copilot, generally available March 31
  • Purview embedded in Copilot Control System, generally available in April
  • Customizable data security reports, available in preview March 31

Why this matters for IT admins

These announcements show Microsoft treating AI as a full security domain rather than a feature add-on. For administrators, the big takeaway is that AI governance, identity, endpoint visibility, and data protection are becoming more tightly integrated across the Microsoft stack.

Organizations already deploying Copilot, AI apps, or autonomous agents should expect increased scrutiny around shadow AI, access policies, and data handling. The new dashboards and controls could help reduce blind spots while supporting safer AI adoption.

Next steps

  • Review whether Agent 365 fits your AI governance strategy.
  • Enable or evaluate new Entra identity protections, especially passkeys and adaptive remediation.
  • Prepare for Shadow AI Detection and updated Intune app inventory to identify unmanaged AI usage.
  • Assess Purview DLP policies for Copilot and other AI-related workflows.
  • Brief security and compliance teams on Microsoft’s broader agentic AI security model.

Need help with Security?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Vasu Jakkal
Securityagentic AIMicrosoft EntraMicrosoft PurviewMicrosoft Defender

Related Posts

Security

Dirty Frag Linux Vulnerability Raises Root Risk

Microsoft has warned of active exploitation involving the newly disclosed Dirty Frag Linux local privilege escalation vulnerability, which can help attackers move from a low-privileged account to root. The issue affects kernel networking components such as esp4, esp6, and rxrpc, making it especially important for administrators to review module exposure, restrict local access, and prepare for vendor kernel patches.

Security

AI Agent RCE Flaws in Semantic Kernel Explained

Microsoft Defender researchers disclosed two fixed vulnerabilities in Semantic Kernel that could let prompt injection escalate into host-level remote code execution in AI agents. The findings matter because they show how unsafe tool parameter handling in agent frameworks can turn natural language inputs into code execution paths, raising the stakes for organizations building or securing AI-powered apps.

Security

Microsoft Entra Passkeys: 2026 Passwordless Updates

Microsoft outlined major passkey and account recovery updates across Entra ID, Windows, External ID, and Microsoft Password Manager as part of World Passkey Day. The changes matter for IT teams because they expand phishing-resistant sign-in options, improve recovery security, and continue the retirement of weaker authentication methods such as security questions.

Security

Microsoft AI SOC Report 2026: KuppingerCole Leader

Microsoft says it has been named an Overall Leader and Market Leader in KuppingerCole Analysts’ 2026 Emerging AI Security Operations Center report. The announcement highlights Microsoft’s push beyond traditional SOAR toward AI-driven, agent-assisted security operations in Sentinel and Security Copilot to help SOC teams improve speed, consistency, and scale.

Security

ClickFix macOS Campaign Delivers Infostealers

Microsoft has identified a new ClickFix-style campaign targeting macOS users with fake troubleshooting and utility instructions hosted on blogs and content platforms. Instead of downloading apps, victims are tricked into running Terminal commands that bypass typical macOS app checks and deploy infostealers such as Macsync, SHub Stealer, and AMOS.

Security

AiTM Phishing Campaign Targets Microsoft 365 Users

Microsoft has detailed a large-scale adversary-in-the-middle (AiTM) phishing campaign that used fake code-of-conduct investigations to steal authentication tokens. The attack combined polished social engineering, staged CAPTCHA pages, and a legitimate Microsoft sign-in flow, highlighting why phishing-resistant protections and stronger email defenses matter.