[DigitalToday reporter Chi-gyu Hwang (황치규)] Microsoft has unveiled a large batch of security updates as part of efforts to respond to the spread of AI agents.

SiliconANGLE reported on March 22 that the update spans agent governance, identity protection, data security, cloud and endpoint defense, and AI-based security operations capabilities.

Microsoft’s view is that AI agents should be treated not just as applications to be protected but as a core security layer. It said that as AI agents take on larger roles within companies, they need central controls for agent governance, stronger identity protection, tighter data protection and autonomous security operations.

The centrepiece of the update is Microsoft Agent 365, set for general release on May 1. It is a control platform where IT, security and business teams can manage AI agents deployed across an enterprise in one place. It integrates Defender, Entra and Purview functions to support managing agent access rights, blocking excessive data sharing and defending against new threats in the AI era. Microsoft will offer Agent 365 bundled with Microsoft 365 E7: The Frontier Suite.

Microsoft also introduced new tools to enhance observability. The Security Dashboard for AI, which shows organisation-wide AI risk on one screen for chief information security officers and security teams, is now generally available. Entra Internet Access Shadow AI Detection, due for general release on March 31, detects the use of unregistered AI applications at the network layer. An Intune App Inventory update that shows installed software, including AI-enabled apps, will launch in May.

Microsoft also strengthened identity management features. It released in preview an Entra directory object automatic backup and recovery function, as well as tenant governance features that identify unmanaged Entra tenants and apply policies across multi-tenant environments.

It also added synced passkeys, passkey profiles and Windows Hello native Entra passkey integration. Entra external multi-factor authentication is now generally available.

On data security, Microsoft embedded Purview functions directly into AI workflows. This prevents sensitive information such as personally identifiable information and credit card numbers from being included in AI prompts or used in web-based processing. The feature, which integrates Purview with Copilot control systems, will launch in April, and customised data security reports will be offered in preview on March 31.

The update also expands the security stack. Entra Internet Access Prompt Injection Protection, which blocks malicious AI prompt injection attacks through network policies, will be generally available on March 31. Defender for Cloud adds enhanced container security features in preview, and its posture management coverage for Amazon Web Services and Google Cloud Platform will expand in an April preview.

Microsoft is also accelerating automation of security operations. As part of that, it integrated Security Copilot into Microsoft 365 E5 and E7. It plans to roll out a Security Analyst Agent in preview on March 26 and a Security Alert Triage Agent in preview in April. It will also upgrade its existing security information and event management platform, Microsoft Sentinel, and reorganise it as a central pillar of an AI-based security strategy.