It’s the right question, and it’s the one we’ve been working to answer by updating the tools and guidance you already rely on. We’re announcing Microsoft’s approach to Zero Trust for AI (ZT4AI). Zero Trust for AI extends proven Zero Trust principles to the full AI lifecycle—from data ingestion and model training to deployment and agent behavior. Today, we’re releasing a new set of tools and guidance to help you move forward with confidence:

• A new AI pillar in the Zero Trust Workshop.
• Updated Data and Networking pillars in the Zero Trust Assessment tool.
• A new Zero Trust reference architecture for AI.
• Practical patterns and practices for securing AI at scale.

Here’s what’s new and how to use it.

Why Zero Trust principles must extend to AI

AI systems don’t fit neatly into traditional security models. They introduce new trust boundaries—between users and agents, models and data, and humans and automated decision-making. As organizations adopt autonomous and semi-autonomous AI agents, a new class of risk emerges: agents that are overprivileged, manipulated, or misaligned can act like “double agents,” working against the very outcomes they were built to support.

By applying three foundational principles of Zero Trust to AI:

• Verify explicitly—Continuously evaluate the identity and behavior of AI agents, workloads, and users.
• Apply least privilege—Restrict access to models, prompts, plugins, and data sources to only what’s needed.
• Assume breach—Design AI systems to be resilient to prompt injection, data poisoning, and lateral movement.

These aren’t new principles. What’s new is how we apply them systematically to AI environments.

A unified journey: Strategy → assessment → implementation

The most common challenge we hear from security leaders and practitioners is a lack of a clear, structured path from knowing what to do to doing it. That’s what Microsoft’s approach to Zero Trust for AI is designed to solve—to help you get to next steps and actions, quickly.

Zero Trust Workshop—now with an AI pillar

Building on last year’s announcement, the Zero Trust Workshop has been updated with a dedicated AI pillar, now covering 700 security controls across 116 logical groups and 33 functional swim lanes. It is scenario-based and prescriptive, designed to move teams from assessment to execution with clarity and speed.

The workshop helps organizations:

• Align security, IT, and business stakeholders on shared outcomes.
• Apply Zero Trust principles across all pillars, including AI.
• Explore real-world AI scenarios and the specific risks they introduce.
• Identify cross-product integrations that break down silos and drive measurable progress.

The new AI pillar specifically evaluates how organizations secure AI access and agent identities, protect sensitive data used by and generated through AI, monitor AI usage and behavior across the enterprise, and govern AI responsibly in alignment with risk and compliance objectives.

Zero Trust Assessment—expanded to Data and Networking

As AI agents become more capable, the stakes around data and network security have never been higher. Agents that are insufficiently governed can expose sensitive data, act on malicious prompts, or leak information in ways that are difficult to detect and costly to remediate. Data classification, labeling, governance, and loss prevention are essential controls. So are network-layer defenses that inspect agent behavior, block prompt injections, and prevent unauthorized data exposure.

Yet, manually evaluating security configurations across identity, endpoints, data, and network controls is time consuming and error prone. That is why we built the Zero Trust Assessment to automate it. The Zero Trust Assessment evaluates hundreds of controls aligned to Zero Trust principles, informed by learnings from Microsoft’s Secure Future Initiative (SFI). Today, we are adding Data and Network as new pillars alongside the existing Identity and Devices coverage.

Zero Trust Assessment tests are derived from trusted industry sources including:

• Industry standards such as the National Institute of Standards and Technology (NIST), the Cybersecurity and Infrastructure Security Agency (CISA), and the Center for Internet Security (CIS).
• Microsoft’s own learnings from SFI.
• Real-world customer insights from thousands of security implementations.

And we are not stopping here. A Zero Trust Assessment for AI pillar is currently in development and will be available in summer 2026, extending automated evaluation to AI-specific scenarios and controls.

Overall, the redesigned experience delivers:

• Clearer insights—Simplified views that help teams quickly identify strengths, gaps, and next steps.
• Deep(er) alignment with the Workshop—Assessment insights directly inform workshop discussions, exercises, and deployment paths.
• Actionable, prioritized recommendations—Concrete implementation steps mapped to maturity levels, so you can sequence improvements over time.

Zero Trust for AI reference architecture

Our new Zero Trust for AI reference architecture (extends our existing Zero Trust reference architecture) shows how policy-driven access controls, continuous verification, monitoring, and governance work together to secure AI systems, while increasing resilience when incidents occur.

The architecture gives security, IT, and engineering teams a shared mental model by clarifying where controls apply, how trust boundaries shift with AI, and why defense-in-depth remains essential for agentic workloads.

Practical patterns and practices for AI security

Knowing what to do is one thing. Knowing how to operationalize it at scale is another. Our patterns and practices provide repeatable, proven approaches to the most complex AI security challenges, much like software design patterns offer reusable solutions to common engineering problems.

See it live at RSAC 2026

If you’re attending RSAC™ 2026 Conference, join us for three sessions focused on Zero Trust for AI—from expanding attack surfaces to hands-on, actionable guidance.

Get started with Zero Trust for AI

Zero Trust for AI brings proven security principles to the realities of modern AI. Whether you’re governing agents, protecting models and data, or scaling AI without introducing new risk, the tools, architecture, and guidance are ready for you today.

Get started:

• Explore Microsoft’s unique approach to Zero Trust (including Zero Trust for AI).
• Implement your Zero Trust architecture for AI your way—self-service, through a trusted partner, or directly with Microsoft.
• Execute the Zero Trust Workshop to move from strategy to execution with scenario-based, prescriptive guidance.
• Assess your Zero Trust posture and explore the new Data and Network pillars with the Zero Trust Assessment tool.

To continue the conversation, join the Microsoft Security Community, where security practitioners and Microsoft experts share insights, guidance, and real world experiences across Zero Trust and AI security.

Learn more about Microsoft Security solutions on our website and bookmark the Microsoft Security blog for expert insights on security matters. Follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest cybersecurity news and updates.

The post New tools and guidance: Announcing Zero Trust for AI appeared first on Microsoft Security Blog.

The Zero Trust security model offers longstanding, proven benefits. Zero Trust minimizes the attack surface and makes it significantly harder for cyberattackers to gain illicit access, whether from outside or inside an organization’s network. Zero Trust is also great at securing hybrid and remote work environments, helping to facilitate secure modernization efforts. Microsoft strongly believes in these benefits and works diligently to share resources, insights, and tools like Zero Trust workshops with customers. As Microsoft innovates in the Zero Trust space, it shares insights with the technology industry and its customers.

In November of 2023, we launched the Secure Future Initiative—a multiyear effort to revolutionize the way we design, build, test, and operate our products and services in order to achieve the highest security standards. In May 2024, Microsoft expanded the Secure Future Initiative to include six engineering pillars and 28 aligned objectives. Engineering owners were assigned to each pillar and established an initial body of work to advance each objective, articulated as standards and measured as key results. In many cases, these objectives and standards are stringent applications of Zero Trust for Microsoft’s unique requirements as a leading hyper-scale cloud operator, provider of cloud services and products, and as a major enterprise target for bad actors.

Zero Trust Workshop

A comprehensive technical guide to help customers and partners adopt a Zero Trust strategy and deploy security solutions end-to-end to secure their organizations. Learn more.

Zero Trust: What it means for you

Zero Trust assumes cyberattackers can come from anywhere—inside or outside your network. This means that you must “never trust, always verify.” In practice, it also means every access request must be authenticated, authorized, and continuously validated—giving you greater confidence that only the right people and devices can connect to your resources.

How Microsoft helps you put Zero Trust into action

• Proven guidance and collaboration: We align with the National Institute of Standards and Technology (NIST), The Open Group, the Cybersecurity and Infrastructure Security Agency (CISA), MITRE, and others, helping our customers benefit from industry-standard frameworks and best practices.
• End-to-end deployment support: From planning to rollout, Microsoft experts, tools, and partner ecosystem guide customers through each of our six security pillars: identities, endpoints, applications, infrastructure, network, and data.
• AI-ready security: We’ve extended Zero Trust to cover AI workloads and models, embedding Microsoft solutions and governance controls at every layer, so our customers can innovate confidently.

With this comprehensive approach from Microsoft, customers don’t just learn the principles—they gain the ability to apply them across their environment to help reduce risk, simplify operations, and accelerate secure modernization.

Learnings from the Secure Future Initiative for your Zero Trust journey

Microsoft processes more than 84 trillion security signals every day—from devices and endpoints to cloud services and applications—giving us robust visibility into emerging cyberthreats and attack patterns.¹ By integrating data and insights with a “never trust, always verify” approach, the Secure Future Initiative at Microsoft builds on established Zero Trust strategies—turning architecture into practical implementation. Insights from this experience can enable you to expedite your Zero Trust implementations. 

Key insights from SFI

The journey Microsoft has gone on while implementing the Secure Future Initiative surfaced these practical lessons: use them to accelerate your own security improvements.

Lesson 1: Set priorities and measure progress 

Based on our priorities, we developed six pillars and 28 objectives to help us focus on what truly matters. You can do likewise: analyze your top risks, then group them into a set of measurable objectives. This gives your team a clear roadmap and helps prioritize efforts that move the needle.

Lesson 2: Align culture with security goals

We learned that tools alone don’t stick—people do. The Secure Future Initiative’s emphasis on culture, clear security objectives, ongoing training, and individual performance goals creates accountability. Translate this by embedding security accountability into every role and offering continuous, role-based training.

Lesson 3: Strengthen security governance

With SFI, integrating Deputy CISOs from key product and functional areas into the Governance Council has advanced security as a core part of development. That makes it more than just a checkpoint, enabling earlier risk mitigation and improved resilience at scale. You can evolve your approach to governance in step with your growth and key functional areas to ensure visibility and accountability. This will help you accelerate Zero Trust maturity and stay ahead of emerging cyberthreats.

Lesson 4: You can’t protect what you can’t see 

With the Secure Future Initiative, currently, more than 99% of network devices are logged in a central repository for full lifecycle management. These devices use centralized authentication and audit trails, are configured with Access Control Lists (ACLs) for IPv4/v6 to restrict lateral movement and have safeguards in place to prevent key compromise or abuse. Apply this by developing an inventory of your own environment and implementing isolation, monitoring and secure operations. 

Lesson 5: Share learnings and build feedback loops

The Secure Future Initiative is a living case study—sharing progress, learnings, and best practices through reports and blogs. You can also adopt a similar mindset: document what works, share internally and externally (where appropriate), and continuously refine your Zero Trust journey based on your own real-world experiences.

Build secure by design, secure by default, and secure operations

The Secure Future Initiative embeds three foundational principles into everything we do, and you can too:

• Secure by design: Incorporate threat modeling and risk assessments at the earliest planning phases.
• Secure by default: Enable guardrails and policies out of the box so users—and cyberattackers—can’t easily disable them.
• Secure operations: Continuously monitor, test, and iterate on defenses as cyberthreats evolve.

Download our Secure by design: A UX toolkit to integrate these checklists into your development pipelines today.

Key customer takeaways from the April 2025 Secure Future Initiative report

You can learn more about the progress we have made improving our security posture in the April 2025 progress report.  

Below are learnings from that report, and examples of how you can improve your security posture by applying the Zero Trust framework and principles.

1. Protect identities and secrets

Validate controls with attack simulations: Use red team exercises or breach-and-attack-simulation tools to test your identity protections (multifactor authentication, conditional access, just-in-time privilege). Identify gaps, then tune policies and workflows to close them.

2. Protect tenants and isolate production systems

Map and limit lateral paths: Graph your environment’s trust relationships (subscriptions, resource groups, service connections). Pinpoint where a cyberattacker could “hop,” then apply micro-segmentation, just-in-time network access, or privileged identity management to contain any breach.

3. Protect networks

Inventory, monitor, and segment: Ensure every device, virtual machine, and service is inventoried and sending telemetry. Lock down network flows with Zero Trust network policies and micro-segmentation. Use continuous monitoring to detect misconfigurations before they become vulnerabilities.

4. Protect engineering systems

Enforce secure build pipelines: Assign clear code-ownership and integrate security gates into your continuous integration/continuous delivery (CI/CD) pipeline. Adopt infrastructure-as-code templates with embedded guardrails and automatically remediate any drift from your security baseline.

5. Monitor and detect threats

Test your detection end-to-end: Regularly run realistic cyberattack simulations (for example, breach-and-attack-simulation, purple team exercises) across all clouds and on-premises environments. Validate that alerts fire correctly and that your security operations center (SOC) workflows drive timely investigation and response.

6. Accelerate response and remediation

Automate patching at scale: Implement automated operating system (OS) and application updates (Microsoft has deployed automated operating system upgrades to 86% of our first-party Virtual Machine Scale Sets (VMSS)-based services, resulting in more than 91 million upgrades in 2024). Shift left on vulnerability management: integrate scanning and patch-orchestration into your DevOps pipelines.

By adopting these practices, you can harden your Zero Trust posture, reduce risk, and accelerate secure modernization—no matter where you are on your journey.

Additional resources and action items

Get started on your Zero Trust journey: Visit the Microsoft Zero Trust webpage, access the Zero Trust Adoption Framework in the Microsoft Zero Trust guidance center, and download the self-serve Zero Trust Workshop Assessment today.

Read the April 2025 report from the Secure Future Initiative and visit the Microsoft Secure Future Initiative page for more information and resources.

Talk to our experts: Connect through your Microsoft account team or submit a request on the Microsoft Security contact page.

Work with a trusted partner: Use the Microsoft Solution Partner directory to find specialists who can help you deploy and optimize your strategy.

Join the community: Get direct access to engineers and early insights via the Security Tech Community and Customer Connection Program.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Microsoft unveils Microsoft Security Copilot agents and new protections for AI, March 24, 2025.

The post ​​How the Microsoft Secure Future Initiative brings Zero Trust to life appeared first on Microsoft Security Blog.

We are announcing a resource to help our customers answer these questions: The Microsoft Zero Trust Workshop, a self-service tool to help you plan and execute your Zero Trust journey guide by yourself or with the guidance of a partner.

The Zero Trust Workshop lets you customize your organization’s end-to-end security deployment to your unique business needs and your environment with a powerful tool that: provides a comprehensive assessment of zero trust capabilities learned from hundreds of deployments; guides you with a visual easy-to-use tool that explains each step of the journey; and delivers a digital artifact that you and your team can use to plan and prioritize your next steps and to compare and measure progress regularly. 

Zero Trust Workshop

A comprehensive technical guide to help customers and partners adopt a Zero Trust strategy and deploy security solutions end-to-end to secure their organizations.

Learn more

How our workshop helps customers and partners solidify their Zero Trust strategy 

Over the past year, we have piloted this workshop with more than 30 customers and partners. They have consistently told us that this provides them with the clarity, coverage, and actionable guidance they need to secure their organization within each Zero Trust pillar and across the pillars. When asked how likely they are to recommend the workshop to their partner teams or to other customers, customers give the workshop a net promoter score of 73.

The layout and question structure is fantastic as it provokes a fair amount of thought around adding each of the capabilities to take a multi-faceted approach to authentication and authorization.

—Senior vice president at a major financial institution

Security is a team sport, and we recognize that customers often need security partners to help them plan and execute their security strategy. This is why we partnered with several deployment partners across the pillars of Zero Trust to get their feedback on the workshop and how they would use it to help their customers.

The Zero Trust Workshop is a great starting point for our customers who want to embrace Zero Trust principles, but don’t know how to align the technology they already own. Furthermore, the workshop allows our customers to measure the progress they’ve made and aim for the next incremental hardening of the Zero Trust model, which is part and parcel of the Zero Trust manner of thinking. As a Microsoft partner and as an MVP, I advocate that customers use the materials provided by Microsoft, including these workshops, to measure and further their security posture.

—Nicolas Blank, NBConsult

[The Zero Trust workshop] has enabled Slalom to help clients accelerate their efforts towards a comprehensive cyber resilience strategy. It provides a clear picture of an organization’s current state and provides a template for order of operations and best practices in a very tidy package. It’s an easy-to-use tool with a huge impact, and our clients and workshop participants have been very impressed by how it organizes and prioritizes a complex set of operations in an approachable and manageable way.

—Slalom

How to start using the workshop to plan your Zero Trust journey

The Zero Trust Workshop is comprised of two main components, all in one handy file you can download and use to drive these conversations: 

• The Zero Trust Basic Assessment (optional): For customers starting on their Zero Trust journey, the assessment is a foundational tool that customers can run before the workshop to check for common misconfigurations and gaps in settings (for example, having too many global admins) to remediate before starting to enable the security features and capabilities of a Zero Trust journey.  

• The Zero Trust Strategy workshop: This is a guided breakdown of the Zero Trust areas according to the standard Zero Trust pillars (Identity, Devices, Data, Network, Infrastructure and Application, and Security Operations). For each pillar, we walk you through the associated areas with a proposed “do this first, consider this then, think about this next” order to how you should tackle them. For each area and capability, you have guidance on why it matters and options to address it and then can discuss it with your stakeholder and decide if this is something you already did, something you are going to do, or something you do not plan to implement at this time. As you progress through the different boxes and areas, you create an artifact for your organization on how well-deployed you are in this Zero Trust pillar and what are the next areas to tackle.  

Now, we are launching the Identity, Devices, and Data pillars. We will add the Network, Infrastructure and Application, and Security Operations in the coming few months. The website for the workshop will announce these as they become available.

I invite you to check out the Zero Trust Workshop site where we have detailed training videos and content. 

For our valued security deployment partners, the workshop is also included in the recently launched Zero Trust Partner kit where, as a partner, you can take the workshop material and customize it for your customer engagements based on your needs. 

Closing thoughts

We all need to work together to help secure the world we live in and keep people safe with the intention of collective defense. As shared in the most recent Microsoft Digital Defense Report, the cyber threat landscape is ever-growing and requires a collaborative approach between product vendors, security experts, and customers to help protect everyone. In the spirit of working with the wider ecosystem to help secure all customers, we recently partnered with NIST’s NCCoE and more than 20 security vendors to publish a guide on how to adopt NIST’s Zero Trust reference architecture using Microsoft’s Security products and this is another example of us working with all of you deploying security out there to help secure the ecosystem. 

We would love to hear how you are using it. Use the feedback form on the site to share with us how we can improve it to help your organization implement a Zero Trust journey. 

Additional resources to accelerate your Zero Trust journey 

This joins a library of other resources to guide your security modernization and Zero Trust journey, including: 

• The Zero Trust Guidance center

• The Microsoft Security Adoption Framework (SAF) which includes the Microsoft Cybersecurity Reference Architecture and the Chief Information Security Officer (CISO) Workshop.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity. 

The post ​​Zero Trust Workshop: Advance your knowledge with an online resource appeared first on Microsoft Security Blog.