At Ignite 2025, Microsoft revealed a strategic shift toward securing not just users and devices, but the emerging workforce of AI agents that now carry out business-critical tasks. Security stakes have never been higher the more AI becomes embedded in every layer of the modern enterprise. The updates announced this year will redefine how organisations will govern identity, protect data and maintain trust in an AI driven world. In this blog we will be highlighting the key security advancements unveiled at Ignite and why they matter for anyone building, deploying or securing AI in the enterprise.
Agent 365: Governance for the New Era of AI Agents
Agent 365 is a brand-new governance platform built to manage AI agents across an organization. With companies rapidly deploying agents for automation, analysis and workflow support, Agent 365 provides the security foundation needed to keep everything visible and controlled. This is the biggest step yet toward treating AI agents like first-class entities within the enterprise security perimeter.
Agent 365 includes:
- A central agent registry to identify every agent
- Risk-based access control so agents only access what they need
- Security and compliance tooling powered by Defender, Entra and Purview
- Visual insights showing how agents interact with data, people and other agents
Entra Agent ID: Identity for AI
Microsoft have also introduced Entra Agent ID which is a new identity type created specifically for AI agents. This brings AI agents under the same identity and access governance principles used for human users, dramatically reducing risks from unmanaged or over-privileged automation.
Every agent built in Copilot Studio will now receive its own identity, making it:
- Discoverable
- Governable
- Auditable
- Subject to lifecycle management
Real-Time Monitoring for Agent Activity
AI governance doesn’t stop at identity. Microsoft is adding real-time monitoring during agent execution, allowing security teams to detect threats while an agent is running. Organisations can connect Microsoft Defender, Third-party monitoring tools and custom detection engine which overall helps identify:
- Prompt-injection attempts
- Abnormal behaviour
- Suspicious data access
- Unexpected task execution
Baseline Security Mode
Microsoft announced the general availability of Baseline Security Mode (BSM) to help organizations strengthen their security posture. This is valuable for organizations without dedicated security teams, ensuring the environment is secured using proven baseline best practices. BSM includes:
- Curated, Microsoft-recommended security configurations
- Simulation tools to preview the impact of changes
- Guided remediation workflows
- Consistent enforcement across Microsoft 365
Securing the Software Supply Chain
Microsoft has released a new preview integration between Microsoft Defender for Cloud and GitHub Advanced Security. These include AI-powered remediation to speed up fixes and reduce manual effort.
- Defender for Cloud + GitHub Advanced Security creates a continuous loop between development and runtime security that allows the most critical alerts to be prioritised and fixed first.
- Copilot Autofix and GitHub Copilot coding agents automatically generate and validate vulnerability fixes
Purview Enhancements
Microsoft Purview have received several updates that directly address emerging AI and data risks. This includes:
- AI-powered Data Security Investigations – Purview offers deeper visibility into how agents use data, helping teams to track data access patterns or identify risky agent behaviour.
- Expanded DLP and Insider Risk Management for AI-driven environments – Purview can now enforce data loss prevention policies on Copilot prompts to prevent accidental data leakage through AI interactions.
- Adaptive Protection and DSPM for unified risk management – Purview DSPM can detect and fix overshared SharePoint links that reduce the risk of excessive data exposure.
Security Copilot Agents
Microsoft have expanded its AI-driven security operations with new Security Copilot agents and have over 100 third-party security solutions now available. These new agents help security teams analyse sensitive data locations, uncover exposure risks and triage alerts faster. This includes fraud prevention, forensics and posture auditing tools. The agents are:
- Data Security Posture Agent (Preview)
- Data Security Alert Triage Agent (GA)
What This Means for Your Organisation
These new updates have put a new light on security as it is no longer about just users and devices. Organizations now must focus on governing AI agents, protecting data throughout its lifecycle and securing software from code to runtime. With that said, it is key for organisations to adopt these new capabilities early to be better positioned to innovate safely, reduce risk and maintain trust in an increasingly automated and AI-enabled workplace.
How We Can Help
Our team can help you:
- Assess your current AI and cloud security posture
- Deploy Microsoft’s new security features quickly and effectively
- Ensure compliance and reduce risks across AI agents, data and software supply chains
If you’d like to discuss any of the above, please speak to your Business Development Manager, call us on +44 345 249 3303 or email us at microsoft@infinigate.cloud , and we’ll be happy to chat through any of your questions.