At the same time, this innovation is happening against a sea change in AI-powered attacks where agents can become “double agents.” And chief information officers (CIOs), chief information security officers (CISOs), and security decision makers are grappling with the resulting security implications: How do they observe, govern, and secure agents? How do they secure their foundations in this new era? How can they use agentic AI to protect their organization and detect and respond to traditional and emerging threats?

The answer starts with trust, and security has always been the root of trust. In this agentic era, security must be woven into, and around, every layer of the AI estate. It must be ambient and autonomous, just like the AI it protects. This is our vision for security as the core primitive of the AI stack.

At RSAC 2026, we are delivering on that vision with new purpose-built capabilities designed to help organizations secure agents, secure their foundations, and defend using agents and experts. Fueled by more than 100 trillion daily signals, Microsoft Security helps protect 1.6 million customers, one billion identities, and 24 billion Copilot interactions.² Read on to learn how we can help you secure agentic AI.

Secure agents

Earlier this month, we announced that Agent 365 will be generally available on May 1. Agent 365—the control plane for agents—gives IT, security, and business teams the visibility and tools they need to observe, secure, and govern agents at scale using the infrastructure you already have and trust. It includes new Microsoft Defender, Entra, and Purview capabilities to help you secure agent access, prevent data oversharing, and defend against emerging threats.

Agent 365 is included in Microsoft 365 E7: The Frontier Suite along with Microsoft 365 Copilot, Microsoft Entra Suite, and Microsoft 365 E5, which includes many of the advanced Microsoft Security capabilities below to deliver comprehensive protection for your organization.

Secure your foundations

Along with securing agents, we also need to think of securing AI comprehensively. To truly secure agentic AI, we must secure foundations—the systems that agentic AI is built and runs on and the people who are developing and using AI. At RSAC 2026, we are introducing new capabilities to help you gain visibility into risks across your enterprise, secure identities with continuous adaptive access, safeguard sensitive data across AI workflows, and defend against threats at the speed and scale of AI.

Gain visibility into risks across your enterprise

As AI adoption accelerates, so does the need for comprehensive and continuous visibility into AI risks across your environment—from agents to AI apps and services. We are addressing this challenge with new capabilities that give you insight into risks across your enterprise so you know where AI is showing up, how it is being used, and where your exposure to risk may be growing. New capabilities include:

• Security Dashboard for AI provides CISOs and security teams with unified visibility into AI-related risk across the organization. Now generally available.
• Entra Internet Access Shadow AI Detection uses the network layer to identify previously unknown AI applications and surface unmanaged AI usage that might otherwise go undetected. Generally available March 31.
• Enhanced Intune app inventory provides rich visibility into your app estate installed on devices, including AI-enabled apps, to support targeted remediation of high-risk software. Generally available in May.

Secure identities with continuous, adaptive access

Identity is the foundation of modern security, the most targeted layer in any environment, and the first line of defense. With Microsoft Entra, you can secure access and deliver comprehensive identity security using new capabilities that help you harden your identity infrastructure, improve tenant governance, modernize authentication, and make intelligent access decisions.

• Entra Backup and Recovery strengthens resilience with an automated backup of Entra directory objects to enable rapid recovery in case of accidental data deletion or unauthorized changes. Now available in preview.
• Entra Tenant Governance helps organizations discover unmanaged (shadow) Entra tenants and establish consistent tenant policies and governance in multi-tenant environments. Now available in preview.
• Entra passkey capabilities now include synced passkeys and passkey profiles to enable maximum flexibility for end-users, making it easy to move between devices, while organizations looking for maximum control still have the option of device-bound passkeys. Plus, Entra passkeys are now natively integrated into the Windows Hello experience, making phishing-resistant passkey authentication more seamless on Windows devices. Synced passkeys and passkey profiles are generally available, passkey integration into Windows Hello is in preview. 
• Entra external Multi-Factor Authentication (MFA) allows organizations to connect external MFA providers directly with Microsoft Entra so they can leverage pre-existing MFA investments or use highly specialized MFA methods. Now generally available.
• Entra adaptive risk remediation helps users securely regain access without help-desk friction through automatic self-remediation across authentication methods, adapting to where they are in their modern authentication journey. Generally available in April.
• Unified identity security provides end-to-end coverage across identity infrastructure, the identity control plane, and identity threat detection and response (ITDR)—built for rapid response and real-time decisions. The new identity security dashboard in Microsoft Defender highlights the most impactful insights across human and non-human identities to help accelerate response, and the new identity risk score unifies account-level risk signals to deliver a comprehensive view of user risk to inform real-time access decisions and SecOps investigations. Now available in preview.

Safeguard sensitive data across AI workflows

With AI embedded in everyday work, sensitive data increasingly moves through prompts, responses, and grounding flows—often faster than policies can keep up. Security teams need visibility into how AI interacts with data as well as the ability to stop data oversharing and data leakage. Microsoft brings data security directly into the AI control plane, giving organizations clear insight into risk, real-time enforcement at the point of use, and the confidence to enable AI responsibly across the enterprise. New Microsoft Purview capabilities include:

• Expanded Purview data loss prevention for Microsoft 365 Copilot helps block sensitive information such as PII, credit card numbers, and custom data types in prompts from being processed or used for web grounding. Generally available March 31.
• Purview embedded in Copilot Control System provides a unified view of AI‑related data risk directly in the Microsoft 365 Admin Center. Generally available in April.
• Purview customizable data security reports enable tailored reporting and drilldowns to prioritized data security risks. Available in preview March 31.

Defend against threats across endpoints, cloud, and AI services

Security teams need proactive 24/7 threat protection that disrupts threats early and contains them automatically. Microsoft is extending predictive shielding to proactively limit impact and reduce exposure, expanding our container security capabilities, and introducing network-layer protection against malicious AI prompts.

• Entra Internet Access prompt injection protection helps block malicious AI prompts across apps and agents by enforcing universal network-level policies. Generally available March 31.
• Enhanced Defender for Cloud container security includes binary drift and antimalware prevention to close gaps attackers exploit in containerized environments. Now available in preview.
• Defender for Cloud posture management adds broader coverage and supports Amazon Web Services and Google Cloud Platform, delivering security recommendations and compliance insights for newly discovered resources. Available in preview in April.
• Defender predictive shielding dynamically adjusts identity and access policies during active attacks, reducing exposure and limiting impact. Now available in preview.

Defend with agents and experts

To defend in the agentic age, we need agentic defense. This means having an agentic defense platform and security agents embedded directly into the flow of work, augmented by deep human expertise and comprehensive security services when you need them.

Agents built into the flow of security work

Security teams move fastest with targeted help where and when work is happening. As alerts surface and investigations unfold across identities, data, endpoints, and cloud workloads, AI-powered assistance needs to operate alongside defenders. With Security Copilot now included in Microsoft 365 E5 and E7, we are empowering defenders with agents embedded directly into daily security and IT operations that help accelerate response and reduce manual effort so they can focus on what matters most.

New agents available now include:

• Security Analyst Agent in Microsoft Defender helps accelerate threat investigations by providing contextual analysis and guided workflows. Available in preview March 26.
• Security Alert Triage Agent in Microsoft Defender has the capabilities of the phishing triage agent and then extends to cloud and identity to autonomously analyze, classify, prioritize, and resolve repetitive low-value alerts at scale. Available in preview in April.
• Conditional Access Optimization Agent in Microsoft Entra enhancements add context-aware recommendations, deeper analysis, and phased rollout to strengthen identity security. Agent generally available, enhancements now available in preview.
• Data Security Posture Agent in Microsoft Purview enhancements include a credential scanning capability that can be used to proactively detect credential exposure in your data. Now available in preview.
• Data Security Triage Agent in Microsoft Purview enhancements include an advanced AI reasoning layer and improved interpretation of custom Sensitive Information Types (SITs), to improve agent outputs during alert triage. Agent generally available, enhancements available in preview March 31.
• Over 15 new partner-built agents extend Security Copilot with additional capabilities, all available in the Security Store.

Scale with an agentic defense platform

To help defenders and agents work together in a more coordinated, intelligence-driven way, Microsoft is expanding Sentinel, the agentic defense platform, to unify context, automate end-to-end workflows, and standardize access, governance, and deployment across security solutions.

• Sentinel data federation powered by Microsoft Fabric investigates external security data in place in Databricks, Microsoft Fabric, and Azure Data Lake Storage while preserving governance. Now available in preview.
• Sentinel playbook generator with natural language orchestration helps accelerate investigations and automate complex workflows. Now available in preview.
• Sentinel granular delegated administrator privileges and unified role-based access control enable secure and scaling management for partners and enterprise customers with cross-tenant collaboration. Now available in preview.
• Security Store embedded in Purview and Entra makes it easier to discover and deploy agents directly within existing security experiences. Generally available March 31.
• Sentinel custom graphs powered by Microsoft Fabric enable views unique to your organization of relationships across your environment. Now available in preview.
• Sentinel model context protocol (MCP) entity analyzer helps automate faster with natural language and harnesses the flexibility of code to accelerate responses. Generally available in April.

Strengthen with experts

Even the most mature security organizations face moments that call for deeper partnership—a sophisticated attack, a complex investigation, a situation where seasoned expertise alongside your team makes all the difference. The Microsoft Defender Experts Suite brings together expert-led services—technical advisory, managed extended detection and response (MXDR), and end-to-end proactive and reactive incident response—to help you defend against advanced cyber threats, build long-term resilience, and modernize security operations with confidence.

Apply Zero Trust for AI

Zero Trust has always been built on three principles: verify explicitly, use least privilege, and assume breach. As AI becomes embedded across your entire environment—from the models you build on, to the data they consume, to the agents that act on your behalf—applying those principles has never been more critical. At RSAC 2026, we’re extending our Zero Trust architecture, the full AI lifecycle—from data ingestion and model training to deployment agent behavior. And we’re making it actionable with an updated Zero Trust for AI reference architecture, workshop, assessment tool, and new patterns and practices articles to help you improve your security posture.

See you at RSAC

If you’re joining the global security community in San Francisco for RSAC 2026 Conference, we invite you to connect with us. Join us at our Microsoft Pre-Day event and stop by our booth at the RSAC Conference North Expo (N-5744) to explore our latest innovations across Microsoft Agent 365, Microsoft Defender, Microsoft Entra, Microsoft Purview, Microsoft Sentinel, and Microsoft Security Copilot and see firsthand how we can help your organization secure agents, secure your foundation, and help you defend with agents and experts. The future of security is ambient, autonomous, and built for the era of AI. Let’s build it together.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Based on Microsoft first-party telemetry measuring agents built with Microsoft Copilot Studio or Microsoft Agent Builder that were in use during the last 28 days of November 2025.

²Microsoft Fiscal Year 2026 First Quarter Earnings Conference Call and Microsoft Fiscal Year 2026 Second Quarter Earnings Conference Call

The post Secure agentic AI end-to-end appeared first on Microsoft Security Blog.

Your AI is only as good as your data.

Organizations are skeptical about AI transformation due to concerns of sensitive data oversharing and poor data quality. In fact, 86% of organizations lack visibility into AI data flows, operating in darkness about what information employees share with AI systems [1]. Compounding on this challenge, about 67% of executives are uncomfortable using data for AI due to quality concerns [2]. The challenges of data oversharing and poor data quality requires organizations to solve these issues seamlessly for the safe usage of AI. Microsoft Purview offers a modern, unified approach to help organizations secure and govern data across their entire data estate, in particular best in class integrations with M365, Microsoft Fabric, and Azure data estates, streamlining oversight and reducing complexity across the estate.

At FabCon Atlanta, we’re announcing new Microsoft Purview innovations for Fabric to help seamlessly secure and confidently activate your data for AI transformation. These updates span data security and data governance, granting Fabric users to both

1. Discover risks and prevent data oversharing in Fabric
2. Improve governance processes and data quality across their data estate

1. Discover risks and prevent data oversharing in Fabric

As data volume increases with AI usage, Microsoft Purview secures your data with capabilities such as Information Protection, Data Loss Prevention (DLP), Insider Risk Management (IRM), and Data Security Posture Management (DSPM). These capabilities work together to secure data throughout its lifecycle and now specifically for your Fabric data estate. Here are a few new Purview innovations for your Fabric estate:

Microsoft Purview DLP policies to prevent data leakage for Fabric Warehouse and KQL/SQL DBs

Now generally available, Microsoft Purview DLP policies allow Fabric admins to prevent data oversharing in Fabric through policy tip triggering when sensitive data is detected in assets uploaded to Warehouses. Additionally, in preview, Purview DLP enables Fabric admins to restrict access to assets with sensitive data in KQL/SQL DBs and Fabric Warehouses to prevent data oversharing. This helps admins limit access to sensitive data detected in these data sources and data stores to just asset owners and allowed collaborators. These DLP innovations expand upon the depth and breadth of existing DLP policies to ensure sensitive data in Fabric is protected.

Figure 1. DLP restrict access preventing data oversharing of customer information stored in a KQL database.

Microsoft Purview Insider Risk Management (IRM) indicators for Lakehouse, IRM data theft quick policy for Fabric, and IRM pay-as-you-go usage report for Fabric

Microsoft Purview Insider Risk Management is now generally available for Microsoft Fabric extending its risk-detection capabilities to Microsoft Fabric lakehouses (in addition to Power BI which is supported today) by offering ready-to-use risk indicators based on risky user activities in Fabric lakehouses, such as sharing data from a Fabric lakehouse with people outside the organization . Additionally, IRM data theft policy is now generally available for security admins to create a data theft policy to detect Fabric data exfiltration, such as exporting Power BI reports. Also, organizations now have visibility into how much they are billed with the IRM pay-as-you-go usage report for Fabric, providing customers with an easy-to-use dashboard to track their consumption and predictability on costs.

Figure 2. IRM identifying risky user behavior when handling data in a Fabric Lakehouse. 

Figure 3. Security admins can create a data theft policy to detect Fabric data exfiltration. 

Figure 4. Security admins can check the pay-as-you-go usage (processing units) across different workloads and activities such as the downgrading of sensitivity labels of a lakehouse through the usage report.

Microsoft Purview for all Fabric Copilots and Agents

Microsoft Purview currently provides capabilities in preview for all Copilots and Agents in Fabric. Organizations can:

• Discover data risks such as sensitive data in user prompts and responses and receive recommended actions to reduce these risks.
• Detect and remediate oversharing risks with Data Risk Assessments on DSPM, that identify potentially overshared, unprotected, or sensitive Fabric assets, giving teams clear visibility into where data exposure exists and enabling targeted actions—like applying labels or policies—to reduce risk and ensure Fabric data is AI‑ready and governed by design.
• Identify risky AI usage with Microsoft Purview Insider Risk Management to investigate risky AI usage, such as an inadvertent user who has neglected security best practices and shared sensitive data in AI.
• Govern AI usage with Microsoft Purview Audit, Microsoft Purview eDiscovery, retention policies, and non-compliant usage detection.

Figure 5. Purview DSPM provides admins with the ability to discover data risks such as a user’s attempt to obtain historical data within a data agent in the Data Science workload in Fabric. DSPM subsequently provides actions to solve this risk.

Now that we’ve covered how Purview helps secure Fabric data and AI, the next focus is ensuring Fabric users can use that data responsibly.

2. Improve governance processes and data quality across their data estate

Once an organization’s data is secured for AI, the next challenge is ensuring consumers can easily find and trust the data needed for AI. This is where the Purview Unified Catalog comes in, serving as the foundation for enterprise data governance. Estate-wide data discovery provides a holistic view of the data landscape, helping prevent valuable data from being underutilized. Built-in data quality tools enable teams to measure, monitor, and remediate issues such as incomplete records, inconsistencies, and redundancies, ensuring decisions and AI outcomes are based on trusted, reliable data.  Purview provides additional governance capabilities for all data consumers and governance teams and supplement those who utilize the Fabric OneLake catalog. Here are a few new innovations within the Purview Unified Catalog:

Publication workflows for data products and glossary terms

Now generally available, data owners can leverage Workflows in the Purview Unified Catalog to manage how data products and glossary terms are published. Customizable workflows enable governance teams to work faster to create a well curated catalog, specifically by ensuring that data products and glossary terms are published and governed responsibly. Data consumers can request access to data products and be reassured that the data is held to a certain governance standard by governance teams.

Figure 6. Customizing a Workflow for publishing a glossary term in your catalog.

Data quality for ungoverned assets in the Unified Catalog, including Fabric data  

In the Unified Catalog, Data Quality for ungoverned data assets allows organizations to run data quality on data assets, including Fabric assets, without linking them to data products. This approach enables data quality stewards to run data quality at a faster speed and on greater scale, ensuring that their organizations can democratize high quality data for AI use cases.

Figure 7.  Running data quality on data assets without it being associated with a data product.

Looking Forward

As organizations accelerate their AI ambitions, data security and governance become essential. Microsoft Purview and Microsoft Fabric deliver an integrated and unified foundation that enables organizations to innovate with confidence, ensuring data is protected, governed, and trusted for responsible AI activation.

We’re committed to helping you stay ahead of evolving challenges and opportunities as you unlock more value from your data. Explore these new capabilities and join us on the journey toward a more secure, governed, and AI‑ready data future.

[1] 2025 AI Security Gap: 83% of Organizations Flying Blind

[2] The Importance Of Data Quality: Metrics That Drive Business Success

The post New Microsoft Purview innovations for Fabric to safely accelerate your AI transformation appeared first on Microsoft Security Blog.

At Microsoft, we see this moment giving rise to what we call the Frontier Firm: organizations that are human-led and agent-operated. With more than 80% of leaders already using agents or planning to within the year, we’re entering a world where every person may soon have an entire agentic team at their side¹. By 2028, IDC projects 1.3 billion agents in use—a scale that changes everything about how we work and how we secure².

In the agentic era, security must be ambient and autonomous, just like the AI it protects. This is our vision for security as the core primitive, woven into and around everything we build and throughout everything we do. At RSAC™ 2026 Conference, we’ll share how we are delivering on that vision through our AI-first, end-to-end, security platform that helps you protect every layer of the AI stack and secure with agentic AI.

Join us at RSAC Conference 2026—March 22–26 in San Francisco

RSAC 2026 will give you a front‑row seat to how AI is transforming the global threat landscape, and how defenders can stay ahead with:

• A deeper understanding of how AI is reshaping the global threat landscape
• Insight into how Microsoft can help you protect every layer of the AI stack and secure with agentic AI
• Product demos, curated sessions, executive conversations, and live meetings with our experts in the booth

This is your moment to see what’s next and what’s possible as we enter the era of agentic security.

Microsoft at RSAC™ 2026

From Microsoft Pre‑Day to innovation sessions, networking opportunities, and 1:1 meetings, explore experiences designed to help you navigate the age of AI with clarity and impact.

Explore conference events

Microsoft Pre-Day: Your first look at what’s next in security

Kick off RSAC 2026 on Sunday, March 22 at the Palace Hotel for Microsoft Pre‑Day, an exclusive experience designed to set the tone for the week ahead.

Hear keynote insights from Vasu Jakkal, CVP of Microsoft Security Business and other Microsoft security leaders as they explore how AI and agents are reshaping the security landscape.

You’ll discover how Microsoft is advancing agentic defense, informed by more than 100 trillion security signals each day. You’ll learn how solutions like Agent 365 deliver observability at every layer, and how Microsoft’s purpose‑built security capabilities help you secure every layer of the AI stack. You’ll also explore how our expert-led services can help you defend against cyberthreats, build cyber resilience, and transform your security operations.

The experience concludes with opportunities to connect, including a networking reception and an invite-only dinner for CISOs and security executives.

Microsoft Pre‑Day is your chance to hear what is coming next and prepare for the week ahead. Secure your spot today.

Executive events: Exclusive access to insights, strategy, and connections

For CISOs and senior security decision makers, RSAC 2026 offers curated experiences designed to deliver maximum value:

• CISO Dinner (Sunday, March 22): Join Microsoft Security executives and fellow CISOs for an intimate dinner following Microsoft Pre-Day. Share insights, compare strategies, and build connections that matter.
• The CISO and CIO Mandate for Securing and Governing AI (Monday, March 23): A session outlining why organizations need integrated AI security and governance to manage new risks and accelerate responsible innovation.
• Executive Lunch & Learn: AI Agents are here! Are you Ready? (Tuesday, March 24): A panel exploring how observability, governance, and security are essential to safely scaling AI agents and unlocking human potential.
• The AI Risk Equation: Visibility, Control, and Threat Acceleration (Wednesday, March 25): A deeply interactive discussion on how CISOs address AI proliferation, visibility challenges, and expanding attack surfaces while guiding enterprise risk strategy.
• Post-Day Forum (Thursday, March 26): Wrap up RSAC with an immersive, half‑day program at the Microsoft Experience Center in Silicon Valley—designed for deeper conversations, direct access to Microsoft’s security and AI experts, and collaborative sessions that go beyond the main‑stage content. Explore securing and managing AI agents, protecting multicloud environments, and deploying agentic AI through interactive discussions. Transportation from the city center will be provided. Space is limited, so register early.

These experiences are designed to help CISOs move beyond theory and into actionable strategies for securing their organizations in an AI-first world.

Keynote and sessions: Insights you can act on

On Monday, March 23, don’t miss the RSAC 2026 keynote featuring Vasu Jakkal, CVP of Microsoft Security. In Ambient and Autonomous Security: Building Trust in the Agentic AI Era (3:55 PM-4:15 PM PDT), learn how ambient, autonomous platforms with deep observability are evolving to address AI-powered threats and build a trusted digital foundation.

Here are two sessions you don’t want to miss:

1. Security, Governance, and Control for Agentic AI 

• Monday, March 23 | 2:20–3:10 PM. Learn the core principles that keep autonomous agents secure and governed so organizations can innovate with AI without sprawl, misuse, or unintended actions.
  • Speakers: Neta Haiby, Partner, Product Manager and Tina Ying, Director, Product Marketing, Microsoft 

2. Advancing Cyber Defense in the Era of AI Driven Threats 

• Tuesday, March 24 | 9:40–10:30 AM. Explore how AI elevates threat sophistication and what resilient, intelligence-driven defenses look like in this new era.
  • Speaker: Brad Sarsfield, Senior Director, Microsoft Security, NEXT.ai

Plus, don’t miss our sessions throughout the week: 

• Monday, March 23 
  • Cyber Coaches: Lessons from Securing US Water Infrastructure
• Tuesday, March 24 
  • How to Red Team a Frontier AI Model
  • Turning Mandates Into Momentum: Policy Tools for PQC Adoption 
  • AI, Identity, and Ethical Governance: Building Trust in High Stakes Systems
• Wednesday, March 25 
  • VC Investments—2026 and Beyond
  • The Fundamentals Forum: Let’s Get Back to Basics
• Thursday, March 26 
  • Beyond Red Teaming: Why AI Security Needs a Bigger Playbook
  • Architecting Systems for Human–AI Collaboration in Cyber Defense
  • Disrupting Cybercrime Networks, Successfully, Continuously, and at Scale
  • Automated Cyber Defense: Lessons from DARPA’s AI Cyber Challenge
  • AI on Trial: How CISOs Navigate Hype, Risk, and Accountability 

Microsoft Booth #5744: Theater sessions and interactive experiences

Visit the Microsoft booth at Moscone Center for an immersive look at how modern security teams protect AI‑powered environments. Connect with Microsoft experts, explore security and governance capabilities built for agentic AI, and see how solutions work together across identity, data, cloud, and security operations.

Test your skills and compete in security games

At the center of the booth is an interactive single‑player experience that puts you in a high‑stakes security scenario, working with adaptive agents to triage incidents, optimize conditional access, surface threat intelligence, and keep endpoints secure and compliant, then guiding you to demo stations for deeper exploration.

Quick sessions, big takeaways, plus a custom pet sticker

You can also stop by the booth theater for short, expert‑led sessions highlighting real‑world use cases and practical guidance, giving you a clear view of how to strengthen your security approach across the AI landscape—and while you’re there, don’t miss the Security Companion Sticker activation, where you can upload a photo of your pet and receive a curated AI-generated sticker.

Microsoft Security Hub: Your space to connect

Throughout the week, the iconic Palace Hotel will serve as Microsoft’s central gathering place—a welcoming hub where you can step away from the bustle of the conference. It’s a space to recharge and connect with Microsoft security experts and executives, participate in focused thought leadership sessions and roundtable discussions, and take part in networking experiences designed to spark meaningful conversations. Full details on sessions and activities are available on the Microsoft Security Experiences at RSAC™ 2026 page.

Customers can also take advantage of scheduled one-on-one meetings with Microsoft security experts during the week. These meetings offer an opportunity to dig deeper into today’s threat landscape, discuss specific product questions, and explore strategies tailored to your organization. To schedule a one-on-one meeting with Microsoft executives and subject matter experts, speak with your account representative or submit a meeting request form.

Partners: Building security together

Microsoft’s presence at RSAC 2026 isn’t just about our technology. It’s about the ecosystem. Visit the booth and the Security Hub to meet members of the Microsoft Intelligent Security Association (MISA) and explore how our partners extend and enhance Microsoft Security solutions. From integrated threat intelligence to compliance automation, these collaborations help you build a stronger, more resilient security posture.

Special thanks to Ascent Solutions, Avertium, BlueVoyant, CyberProof, Darktrace, and Huntress for sponsoring the Microsoft Security Hub and karaoke party.

Why join us at RSAC?

Attending RSAC™ 2026? By engaging with Microsoft Security, you’ll gain clear perspective on how AI agents are reshaping risk and response, practical guidance to help you focus on what matters most, and meaningful connections with peers and experts facing the same challenges.

Together, we can make the world safer for all. Join us in San Francisco and be part of the conversation defining the next era of cybersecurity.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹According to data from the 2025 Work Trend Index, 82% of leaders say this is a pivotal year to rethink key aspects of strategy and operations, and 81% say they expect agents to be moderately or extensively integrated into their company’s AI strategy in the next 12–18 months. At the same time, adoption on the ground is spreading but uneven: 24% of leaders say their companies have already deployed AI organization-wide, while just 12% remain in pilot mode.

²IDC Info Snapshot, sponsored by Microsoft, 1.3 Billion AI Agents by 2028, May 2025 #US53361825

The post Your complete guide to Microsoft experiences at RSAC™ 2026 Conference appeared first on Microsoft Security Blog.

In this blog, we spotlight three global organizations that are leading the way. Each is taking a proactive, platform-first approach to security—moving beyond fragmented defenses and embedding protection across identity, data, devices, and cloud infrastructure. Their stories show that when security is deeply integrated from the start, it becomes a strategic enabler of resilience, agility, and innovation. And by choosing Microsoft Security, these customers are securing the foundation of their AI transformation from end to end.

Why security transformation matters to decision makers

Security is a board-level priority. The following customer stories show how strategic investments in security platforms can drive cost savings, operational efficiency, and business agility, not just risk reduction. Read on to learn how Ford, Icertis, and TriNet transformed their operations with support from Microsoft.

Ford builds trust across global operations

In the automotive industry, a single cyberattack can ripple across numerous aspects of the business. Ford recognized that rising ransomware and targeted cyberattacks demanded a different approach. The company made a deliberate shift away from fragmented, custom-built security tools toward a unified Microsoft security platform, adopting a Zero Trust approach and prioritizing security embedded into every layer of its hybrid environment—from endpoints to data centers and cloud infrastructure.

Unified protection and measurable impact

Partnering with Microsoft, Ford deployed Microsoft Defender, Microsoft Sentinel, Microsoft Purview, and Microsoft Entra to strengthen defenses, centralize threat detection, and enforce data governance. AI-powered telemetry and automation improved visibility and accelerated incident response, while compliance certifications supported global scaling. By building a security-first culture and leveraging Microsoft’s integrated stack, Ford reduced vulnerabilities, simplified operations, and positioned itself for secure growth across markets.

Icertis cuts security operations center (SOC) incidents by 50%

As a global leader in contract intelligence, Icertis introduced generative AI to transform enterprise contracting, launching applications built on Microsoft Azure OpenAI and its Vera platform. These innovations brought new security challenges, including prompt injection risks and compliance demands across more than 300 Azure subscriptions. To address these, Icertis adopted Microsoft Defender for Cloud for AI posture management, threat detection, and regulatory alignment, ensuring sensitive contract data remains protected.

Driving security efficiency and resilience

By integrating Microsoft Security solutions—Defender for Cloud, Microsoft Sentinel, Purview, Entra, and Microsoft Security Copilot—Icertis strengthened governance and accelerated incident response. AI-powered automation reduced alert triage time by up to 80%, cut mean time to resolution to 25 minutes, and lowered incident volume by 50%. With Zero Trust principles and embedded security practices, Icertis scales innovation securely while maintaining compliance, setting a new standard for trust in AI-powered contracting.

TriNet moves to Microsoft 365 E5, achieves annual savings in security spend

Facing growing complexity from multiple point solutions, TriNet sought to reduce operational overhead and strengthen its security posture. The company’s leadership recognized that consolidating tools could improve visibility, reduce risk, and align security with its broader digital strategy. After evaluating providers, TriNet chose Microsoft 365 E5 for its integrated security platform, delivering advanced threat protection, identity management, and compliance capabilities.

Streamlined operations and improved efficiencies

By adopting Microsoft Defender XDR, Purview, Entra, Microsoft Sentinel, and Microsoft 365 Copilot, TriNet unified security across endpoints, cloud apps, and data governance. Automation and centralized monitoring reduced alert fatigue, accelerated incident response, and improved Secure Score. The platform blocked a spear phishing attempt targeting executives, demonstrating the value of Zero Trust and advanced safeguards. With cost savings from tool consolidation and improved efficiency, TriNet is building a secure foundation for future innovation.

How to plan, adopt, and operationalize a Microsoft Security strategy 

Ford, Icertis, and TriNet each began their transformation by assessing legacy systems and identifying gaps that created complexity and risk. Ford faced fragmented tools across a global manufacturing footprint, Icertis needed to secure sensitive contract data while adopting generative AI, and TriNet aimed to reduce operational complexity caused by managing multiple point solutions, seeking a more streamlined and integrated approach. These assessments revealed the need for a unified, risk-based strategy to simplify operations and strengthen protection.

Building on Zero Trust and deploying integrated solutions

All three organizations aligned on Zero Trust principles as the foundation for modernization. They consolidated security into Microsoft’s integrated platform, deploying Defender for endpoint and cloud protection, Microsoft Sentinel for centralized monitoring, Purview for data governance, Entra for identity management, and Security Copilot for AI-powered insights. This phased rollout allowed each company to embed security into daily operations while reducing manual processes and improving visibility.

Measuring impact and sharing best practices

The results were tangible: Ford accelerated threat detection and governance across its hybrid environment, Icertis cut incident volume by 50% and reduced triage time by 80%, and TriNet improved Secure Score while achieving cost savings through tool consolidation. Automation and AI-powered workflows delivered faster response times and reduced complexity. Each organization now shares learnings internally and with industry peers—whether through executive briefings, training programs, or participation in cybersecurity forums—helping set new standards for resilience and innovation.

Working towards a more secure future

The future of enterprise security is being redefined by AI, by innovation, and by the bold choices organizations make today. Modernization, automation, and collaboration are no longer optional—they’re foundational. As AI reshapes how we work, build, and protect, security must evolve in lockstep: not as an add-on, but as a fabric woven through every layer of the enterprise. 

These customer stories show us that building a security-first approach isn’t just possible; it’s imperative. From cloud-native disruptors to global institutions modernizing complex environments, leading organizations are showing what’s possible when security and AI move together. By unifying their tools, automating what once was manual, and using AI to stay ahead of emerging cyberthreats, they’re not just protecting today, they’re securing the future and shaping what comes next. 

Share your thoughts

Are you a regular user of Microsoft Security products? Share your insights and experiences on Gartner Peer Insights™.

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Microsoft Security success stories: Why integrated security is the foundation of AI transformation appeared first on Microsoft Security Blog.

That is why we are making security agents available in the everyday flow of work of security teams, embedded right in the tools they love and use. At Microsoft Ignite 2025, we are not just announcing new features—we are redefining what’s possible, empowering security teams to shift from reactive responses to proactive strategies.

Unlocking AI-first security with Microsoft Security Copilot

A Microsoft 365 E5 subscription delivers security across your organization, including threat protection with Microsoft Defender, identity and access management through Microsoft Entra, endpoint device management via Microsoft Intune, and data security provided by Microsoft Purview. Microsoft Security Copilot amplifies these capabilities with built-in agents that act as a force multiplier across the security stack. Security teams are empowered with adaptive agents, running side by side with them to accelerate investigations, streamline tasks and deliver faster, smarter outcomes.

To make it easier to harness the power of these agents and get started more quickly, we are excited to announce that Microsoft Security Copilot will be included for all Microsoft 365 E5 customers.* The rollout begins today for existing Security Copilot customers with Microsoft 365 E5 and will continue in the upcoming months for all Microsoft 365 E5 customers.

Existing Security Copilot customers with Microsoft 365 E5 subscriptions can get started with the agents today at no additional cost*:

• Security operations in Microsoft Defender
• Data security in Microsoft Purview
• Identity and access in Microsoft Entra
• Endpoint management in Microsoft Intune

All other Microsoft 365 E5 customers will receive a 30-day advanced notification before activation and can learn more in the documentation.

Welcome to a new era of cybersecurity: where agents are built in, easy to use, and ready to help your team stay ahead of cyberthreats.

Expanding our agent portfolio for stronger security outcomes

We’re not only making these agents more easily accessible, we’re extending the ecosystem even further. Adding to the 37 Security Copilot agents already available, we’re introducing more than 40 new Microsoft and partner-built agents.

12 new Microsoft-built agents across Microsoft Defender, Entra, Intune, and Purview are available today in preview. Additionally, more than 30 new partner-built agents extend protection end-to-end. These agents automate large-scale tasks, which allows security teams to dedicate more time to strategic initiatives.

Extensive portfolio with new agents

Security operations teams can harness agents that triage alerts in real time, surface actionable threat intelligence, and enable natural language threat hunting—so defenders can focus on what matters most: staying ahead of cyberattackers.

Identity and access admins can deploy new agents in Microsoft Entra to protect across layers of identity: proactively remediating risky users, optimizing Conditional Access policies, streamlining access reviews, and managing app lifecycles to reduce risk and improve efficiency.

Data security professionals can use agents in Microsoft Purview, to strengthen data security by discovering, analyzing, and remediating sensitive data risks—combining proactive posture management with intelligent triage to reduce manual work and help continuous risk reduction.

IT admins can use the new agents in Microsoft Intune to make complex tasks easier and security stronger by turning requirements into policies, assessing changes before they impact productivity, and identifying devices for removal— for smarter decisions, better compliance, and reduced risk.

Agents across all roles through partner ecosystem: additionally, there are more than 30 new partner-built agents available today in the Microsoft Security Store. These agents support security roles across the industry, with skills and capabilities like simplifying incident analysis, enhancing data protection, and ensuring security tools are aligned with industry standards. To learn more about these agent offerings, visit Microsoft Security Store.

If you don’t find exactly what you need among the dozens of ready-to-use agents, Security Copilot gives you the flexibility to create your own. Since announcing this capability in September, customers have already built more than 370 unique agents—tailored to their environments and designed for their specific use cases.

Evolving agent capabilities for deeper collaboration

With the interactive agent experience, now in public preview, security teams can engage in scoped, focused chats tailored to each agent’s expertise. Dynamic workflows and built-in starter prompts keep investigations on track, while prompt suggestions surface in real time, helping humans and agents collaborate for quicker, more effective security and IT results.

And to truly empower agents, context and data are key. Security Copilot taps into Microsoft’s threat intelligence—powered by more than 100 trillion signals processed daily—and unifies insights through Microsoft Sentinel. Now, with enterprise knowledge integration in preview, agents can reason over your organization’s internal data, delivering contextual recommendations unique to your environment. This means every interaction is informed, precise, and tailored to accelerate your security and IT operations.

Agents accelerating cybersecurity outcomes

This is not just vision—it’s reality. Security Copilot agents are already delivering transformative outcomes:

• SOC analysts have detected malicious emails up to 550% faster with the Phishing Triage Agent in Microsoft Defender—based on controlled comparisons of detection speed in simulated phishing scenarios.²
• Identity admins have achieved up to 204% greater accuracy in identifying missing Zero Trust policies with the Conditional Access Optimization Agent in Microsoft Entra—measured against baseline policy audits in enterprise environments.³

Shape the future of security with Microsoft

Microsoft is committed to helping organizations become true “Frontier Firms”—pioneers who harness agentic AI to transform security and IT operations. Microsoft Ignite is your invitation to be part of this movement: connect with our experts, experience the future firsthand, and discover how Security Copilot can help you realize your boldest ambitions.

Visit our Meet the Experts booths (#2330 and #2320), attend security sessions, and visit the Microsoft Security Store to explore available Microsoft and partner-built agents. The future of defense is not just about keeping up—it’s about leading the way.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

Security in the agentic era:

The core primitive

Envision a future where defenders and AI agents work together. Hear Charlie Bell and Vasu Jakkal share how leading organizations are securing AI innovation at scale—plus get demos and actionable steps.

Watch now

* Eligible Microsoft 365 E5 customers will have 400 Security Compute Units (SCUs) per month for every 1,000 user licenses, up to 10,000 SCUs per month. This included capacity is expected to support typical scenarios. Customers will have an option to pay for scaling beyond the allocated amount at a future date with $6 per SCU on a pay-as-you-go basis, and will get a 30-day advanced notification when this option is available. Learn more.

¹ Bridging the Cyber Skills Gap, World Economic Forum. 2025.

²Randomized Controlled Trial for Phishing Triage Agent, James Bono, Microsoft Corporation. October 2025.

³ Randomized Controlled Trial for Conditional Access Optimization Agent, James Bono, Beibei Cheng, Joaquin Lozano, Microsoft Corporation. October 2025.

The post Agents built into your workflow: Get Security Copilot with Microsoft 365 E5 appeared first on Microsoft Security Blog.

As agents become ubiquitous, security leaders are asking urgent questions: How do we onboard, manage, and govern these agents? How do we protect the data they access and create? How do we protect them from cyberthreats? How do we monitor them to ensure their trustworthiness, and ensure they are not double agents? And how can we use agents to protect, defend, and respond at the speed of AI?

The answer starts with trust and security has always been, and will always be, the root of trust. In the agentic era, security must be ambient and autonomous, like the AI it protects. It must be woven into and around everything we build—from silicon to operating systems, to agents, apps, data, platforms, and clouds—and throughout everything we do. This is our vision for security, where security becomes the core primitive.

At Microsoft Ignite 2025, we’re delivering on that vision with solutions that help customers observe, secure, and govern AI agents and apps, protect the platforms and clouds they are built on, and put agentic AI to work for security and IT teams. We are announcing new innovations across Microsoft Defender, Microsoft Entra, Microsoft Intune, Microsoft Purview, and Microsoft Sentinel—solutions used by more than 1.5 million customers today—to help customers secure every layer of the AI stack with industry-leading offerings.^1,2

Securing AI agents and apps

Let’s start with the first layer of that stack: the AI agents and apps that are helping us across our work, and how we are securing them end to end.

Microsoft Agent 365

Today we announced Microsoft Agent 365, the control plane for AI agents. Agent 365 brings observability at every level of the AI stack. Whether you create agents with Microsoft tools, open-source frameworks, or third-party platforms, Agent 365 helps you observe, manage, secure, and govern them. Security teams can now address agent sprawl, detect shadow agents, and protect agents comprehensively.

Agent 365 capabilities include:

• Registry: With Microsoft Entra registry, IT leaders get the complete inventory of all agents that are being used in their organization, including agents with Microsoft Entra Agent ID, agents that they decide to register themselves, and—coming soon—shadow agents. The registry also allows IT admins to quarantine unsanctioned agents to help ensure that they cannot be discovered by users or connect to other agents and organizational resources.

• Access control: With Agent Policy Templates, customers can enforce standard security policies from day one. As agents integrate into organizational workflows, Microsoft Entra enforces adaptive access policies that respond to real-time context and risk, and blocks agents that may have been compromised from accessing organization resources.

• Visualization: A unified dashboard and advanced analytics provide a complete map of connections among agents and users, other agents, and resources in your organization. Role-based reporting with tailored metrics and analytics helps IT, security, and business leaders see what matters most, right in their flow of work.

• Interop: Agents don’t just automate tasks for users, they amplify the work. With Work IQ, agents help accelerate time to value by accessing your organization’s unique data and context. Integrated with Microsoft 365 apps such as Outlook, Word, and Excel, agents take actions, build content, and collaborate seamlessly alongside users. Agent 365 works across Microsoft platforms, open-source frameworks and partner ecosystems.

• Security: Security is non-negotiable which is why Agent 365 uses Microsoft Defender, Microsoft Entra, and Microsoft Purview to deliver comprehensive protection from external and internal threats. Security leaders can proactively assess posture and risk, detect vulnerabilities and misconfigurations, protect against AI cyberattacks such as prompt injections, prevent agents from processing or leaking sensitive data, identify risky behaviors, and give organizations the ability to audit agent interactions, assess compliance readiness, policy violations, and recommend controls for evolving regulatory requirements.

Microsoft Foundry Control Plane

We announced Foundry Control Plane, a new experience in Microsoft Foundry, which makes it easier for developers to build, manage, and secure agent fleets at scale. Microsoft Defender, Microsoft Entra, and Microsoft Purview capabilities are natively integrated into Foundry Control Plane, so developers and security teams can share unified security controls, policies, and real-time risk insights, ensuring that agents and apps are protected from code development to runtime. Developers can also use Foundry Control Plane to publish agents directly to Agent 365 for IT enablement and activation, ensuring the same shared security foundations.

Microsoft Security Dashboard for AI

As AI adoption accelerates, the need for unified visibility into the security posture, risks, and regulatory compliance of their AI agents, apps, and platforms becomes more important than ever for security teams. The Security Dashboard for AI, announced today, centralizes discovery, protection, and governance by aggregating signals from Microsoft Defender, Microsoft Entra, and Microsoft Purview. This helps chief information security officers (CISOs) and AI risk leaders to manage security posture and mitigate risks across their entire AI estate. For example, you can see your full AI inventory and get visibility into a quarantined agent, flagged for high data risk due to oversharing sensitive information in Microsoft Purview. The dashboard then correlates that signal with identity insights from Microsoft Entra and threat protection alerts from Microsoft Defender to provide a complete picture of exposure.

Microsoft Purview expansion for Microsoft 365 Copilot

Microsoft Purview expanded data security and compliance controls for Microsoft 365 Copilot to include comprehensive data oversharing reports within the Microsoft 365 admin center, automated bulk remediation of overshared links, and data loss prevention for Microsoft 365 Copilot and chat prompts. Organizations can also benefit from automated deletion schedules for Microsoft Teams transcripts containing sensitive data, and enhanced controls to exclude processing of sensitive files in government cloud environments. These capabilities empower security and compliance teams to rapidly detect, protect, and remediate data risks in real time, and at scale.

All of these new solutions add to existing tools that help you secure and govern your AI estate.

Securing platforms and clouds

Now let’s look at the second layer of the stack: the platforms and clouds your agents and AI apps run on, and the innovations we announced to protect them.

Microsoft Defender and GitHub Advanced Security

Developers are under pressure to deliver rapid innovation while security teams are inundated with alerts and growing risk. New integration between Microsoft Defender and GitHub Advanced Security helps developers and security teams work together to secure code and infrastructure, using familiar tools. Security can recommend that developers address vulnerable code and developers can remediate with Copilot Autofix. Security can then validate fixes in Microsoft Defender, closing the loop and accelerating the “shift left” approach to security.

Microsoft Baseline Security Mode

As cyberattackers increasingly use AI to exploit legacy configurations, Baseline Security Mode, now generally available, uses Microsoft-recommended settings to help mitigate legacy risks and improve cloud security posture. A guided admin experience helps to identify potential gaps, simulate changes with “What If” analysis, and deploy broad protections designed to minimize disruption to business-critical workflows. It helps support compliance and audit readiness, provides greater visibility through built-in dashboards and telemetry, and promotes predictability with major updates approximately every six to 12 months.

Microsoft Intune and Windows Security

Windows, built to harness AI and the cloud, helps employees be more productive while you remain secure and in control. Support for post-quantum cryptography helps future-proof your organization against emerging cyberthreats while hardware-accelerated BitLocker protects data without performance trade-offs. And with the Windows Resilience Initiative, we’re making recovery faster and more reliable so when issues occur, you can return to business quickly.

Managing Windows at scale just got easier—and more secure—with new capabilities in Microsoft Intune. These enhancements give IT and security leaders the confidence to embrace AI while minimizing risk. Phased deployments simplify AI rollouts by reducing risk and validating security before scaling, ensuring smooth adoption without disruption. Recovery is faster and more reliable, transforming manual, device-by-device fixes into remote management of the Windows Recovery Environment at scale, with hardware-bound certificates guaranteeing every action is authenticated and authorized. Maintenance windows provide precise control over update timing for operating systems, drivers, and firmware, helping organizations maintain patch compliance while minimizing disruption and keeping productivity high.

Securing with agentic AI

To defend in the agentic age, we need agentic defense. This starts with having an agentic platform and security agents built into the flow of work. Microsoft Sentinel has evolved from its traditional role as a cloud security information and event management (SIEM) to an agentic security platform, powering Microsoft Security Copilot agents and new predictive protection in Microsoft Defender.

Agents built into your everyday flow of work with Security Copilot

With more than four million open roles in cybersecurity, it’s clear: human-scale defense alone cannot secure our digital future.³ The answer? Empowering every security professional with intelligent agents—AI partners that amplify human expertise and transform the very fabric of organizational security.

At Microsoft Ignite, we are introducing a dozen new and enhanced Microsoft Security Copilot agents, available in Microsoft Defender, Microsoft Entra, Microsoft Intune, and Microsoft Purview, to empower security teams to shift from reactive responses to proactive strategies and help transform every aspect of organizational security.

These adaptive agents run side by side with security teams to triage incidents, optimize conditional access policies, surface threat intelligence, and maintain secure, compliant endpoints more easily. Our partner community also released more than 30 new Security Copilot agents, extending protection end-to-end.

To make it easier than ever for organizations to harness the power of Security Copilot agents to protect at the speed and scale of AI, we are thrilled to announce that Security Copilot will be included for all Microsoft 365 E5 customers.* The rollout starts today for Security Copilot customers with Microsoft 365 E5 and continues for all Microsoft 365 E5 customers in the upcoming months.

Predictive shielding with Microsoft Defender

Cyberattackers are using AI to increase the speed and scale of attacks, unleashing a barrage on defenders. Defender predictive shielding goes beyond automated cyberattack disruption and introduces a new capability that can anticipate cyberattacker movement and proactively harden attack pathways to protect critical assets. It forecasts likely attacker pivots using graph insights and threat intelligence from the 100 trillion signals Microsoft analyzes daily. Then, it applies targeted, just-in-time hardening actions to block exploitation of adjacent resources. This strategic and coordinated response minimizes business disruption and gives security teams a powerful advantage over increasingly sophisticated cyberthreats.

Securing with a new suite of expert-led services

To help organizations easily access security expertise, we’re introducing the Microsoft Defender Experts Suite, a new offering that brings together human-led, AI-powered managed extended detection and response, end-to-end proactive incident response services, and direct access to designated Microsoft security advisors. The expert-led services will help you defend against cyberthreats, build cyber resilience, and transform your security operations. Defender Experts Suite will be available early 2026 to help you accelerate security outcomes. We are also announcing that Microsoft is now an approved incident response partner of Beazley, a specialist insurer. The collaboration will provide Microsoft customers with a streamlined claims process and faster action following a cyber event.

Security is the core primitive

In the agentic AI era, digital trust is paramount: security, safety, ethics, and privacy will underpin progress, and security has been, and always will be, the root of trust. This is why we prioritize security above all else through the Microsoft Secure Future Initiative—an ongoing effort to improve security for Microsoft, our customers, and the ecosystem. It is also why we believe security must be ambient and autonomous, woven into and around everything we build—from silicon to operating systems, to agents, apps, data, platforms, and clouds—and throughout everything we do. This is our vision for security as the core primitive.

Security in the agentic era:

The core primitive

Envision a future where defenders and AI agents work together. Hear Charlie Bell and Vasu Jakkal share how leading organizations are securing AI innovation at scale—plus get demos and actionable steps.

Watch now

We are excited to connect with you, the defenders, at Ignite to explore these innovations and more throughout the week. And we look forward to working together to build a safer future for all.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security Blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

* Eligible Microsoft 365 E5 customers will have 400 Security Compute Units (SCUs) per month for every 1,000 user licenses, up to 10,000 SCUs per month. This included capacity is expected to support typical scenarios. Customers will have an option to pay for scaling beyond the allocated amount at a future date with $6 per SCU on a pay-as-you-go basis, and will get a 30-day advanced notification when this option is available. Learn more.

¹ Microsoft is a recognized leader in cybersecurity, Microsoft Security. 2025.

² Microsoft FY25 Fourth Quarter Earnings Conference Call, Jonathan Neilson, Satya Nadella, Amy Hood. July 30, 2025

³ Bridging the Cyber Skills Gap, World Economic Forum. 2025.

The post ​​Ambient and autonomous security for the agentic era​​  appeared first on Microsoft Security Blog.

While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can now combine reinforcement learning (RL) with LLM capabilities in code generation, tool use, and multi-step reasoning to create agents that act as autonomous, adaptive cyber weapons. These agents can mutate attacks and bypass defenses in real time—outpacing human response teams.   

Traditional security tools, built on static rules and signatures, are quickly becoming obsolete. To stay protected, enterprises need to adopt AI-powered cybersecurity systems that learn, anticipate, and respond as intelligently as attackers. This is where Adversarial Learning, a critical new frontier in security, comes in. By continuously training attack and defense models together, we can build an autonomic defense system against weaponized AI. However, achieving real-time security requires scaling transformer-based architectures and optimizing them for ultra-low-latency inference at massive scale.  

This post highlights how Microsoft and NVIDIA are transforming adversarial learning research into real-time, production-grade cyber defense—leveraging GPU-accelerated computing to deliver scalable, adaptive protection.  

Strategic Collaboration: Building Real-Time Threat Detection   

Once trained, deploying transformer models for live traffic analysis demands an inference engine that can match the volume and velocity of production workloads—without compromising detection accuracy. Through joint engineering efforts, Microsoft and NVIDIA achieved breakthrough performance by transitioning from CPU to GPU compute:   

This end-to-end latency, which includes network latency, demonstrates the viability of deploying adversarial learning at an enterprise scale.  

Microsoft’s Contributions: Adversarial Learning, Model Training & Optimization  

To achieve high detection accuracy on adversarial traffic, Microsoft researchers trained and optimized transformer-based classifiers to detect malicious payloads.  

Key innovations included:  

• Adversarial learning pipeline  

• Model distillation and architecture  

• Security-specific input segmentation that enabled NVIDIA to develop parallel tokenization  

These enhancements laid the foundation for high-precision detection and enabling AI models which can generalize across diverse attack variants.  

NVIDIA Contributions: Accelerating Inference at Scale  

Beyond baseline GPU acceleration, two NVIDIA innovations were critical to achieving real-time latency targets:   

1. Optimized GPU Classifier (NVIDIA Triton + TensorRT):  

NVIDIA engineered a custom TensorRT implementation of Microsoft’s classifier, fusing key operations into a single CUDA kernel to minimize memory traffic and launch overhead.  In particular, normalization operations were automatically fused into kernels of preceding operations by TensorRT, while custom CUDA kernels were developed to optimize both sliding window attention and dense layer activation functions. All custom kernels were then compiled together into a TensorRT engine and served via the Triton-TensorRT C++ backend to minimize host overhead.    

Overall, the NVIDIA solution led to significant performance boosts compared to standard GPU solutions, reducing forward-pass latency from 9.45 ms to 3.39 ms. This represented a 2.8× speedup and contributed 6.06 ms of the total 10.13 ms end-to-end latency reduction reported in the performance breakdown above.   

2. Domain-Specific Tokenization  

After optimizing the threat-detection classifier, the data pre-processing pipeline emerged as the next major performance bottleneck. Traditional tokenization techniques often fall short when it comes to leveraging parallelism within a sequence. While whitespace-based segmentation may suffice for conventional content like articles or documentation, it proves inadequate for densely packed request strings. These strings, common in security-sensitive environments, resist balanced segmentation, leading to inefficiencies in downstream processing.   
   
To address the challenges of processing dense machine-generated payloads, NVIDIA engineered a domain-specific tokenizer optimized for low-latency environments. By integrating segmentation points developed by Microsoft, tailored to the structural nuances of machine data, the tokenizer unlocked finer-grained parallelism, delivering a 3.5× reduction in tokenization latency. These cumulative engineering breakthroughs will enable Microsoft to deploy a high-performance threat-detection classifier capable of efficiently handling a wide range of sequence lengths in real-time.  

Inference Stack:   

• Serving: NVIDIA Triton Inference Server  

• Model: NVIDIA TensorRT implementation of Microsoft’s threat classifier   

• Tokenizer: Custom tokenizer optimized for security data  

Custom CUDA Kernels:   

• Embedding + LayerNorm  

• Residual Add + LayerNorm  

• GeGLU activation  

• Bidirectional sliding window flash attention  

Real-World Impact   

Speed: Real-time classification enables truly inline adversarial detection for production traffic, without introducing queueing delays.  

Scale: Sustained GPU throughput (> 130 req/s on H100); supports high-traffic endpoints and bursty workloads.   

Accuracy: >95% detection accuracy on representative adversarial inputs provides robust coverage against rapidly evolving attack variants.   

What’s Next   

The roadmap and deep engineering collaboration continues to push the boundaries of real-time threat-detection. Future efforts will explore advanced model architectures for adversarial robustness and advanced acceleration techniques such as quantization. The next phase will significantly broaden the impact of adversarial learning in practical cybersecurity applications. By training models on malicious patterns, we’re equipping them to manage higher traffic volumes and increasingly intricate payloads—while maintaining strict latency constraints. These innovations collectively lay the foundation for faster, more robust defenses that can keep pace with the escalating scale and complexity of today’s AI-driven cyber threats.  

To learn more about this research, join us at the Security Preday event on Monday, November 17 starting at 1 pm Pacific or at the NVIDIA booth on Thursday, November 20 at 10:35 am Pacific.  Please visit the Ignite event Website https://ignite.microsoft.com/en-US/home for details on how to register. 
 

Special thanks to key contributors to this research: Sami Ait Ouahmane (Microsoft), Rachel Allen (NVIDIA), Mohit Ayani (NVIDIA), Francis Beckert (Microsoft), Nora Hajjar (Microsoft), Rakib Hasan (NVIDIA), Yingqi Liu (Microsoft), Navid Nobakht (Microsoft), Rohan Varma (NVIDIA), and Bryan Xia (Microsoft)  

The post Collaborative research by Microsoft and NVIDIA on real-time immunity appeared first on Microsoft Security Blog.

Join us, in San Francisco from November 17–21, 2025—or online from November 18–20, 2025—as we spotlight our AI-first, end-to-end security platform designed to protect identities, devices, data, applications, clouds, infrastructure, and—critically—AI systems and agents.

Why security professionals should attend Microsoft Ignite: 

• Learn from experts and peers: Hear from industry leaders, security executives, and customers about security innovations, trends and real-world results. 
• Explore cutting-edge solutions: Dive into cloud, AI, and security tools through in-depth sessions, hands-on labs, and solution showcases. 
• Grow your skills and credentials: Take certification exams and test our latest security solutions with guidance from experts. (One free exam included with conference registration). 
• Connect and collaborate: Network with security experts, partners, and peers at community spaces, evening events, and one-on-one meetings.
• Focus on your specialty: Attend targeted presentations and sessions designed for security professionals and other roles. 

Explore the security sessions at Microsoft Ignite 2025

Discover sessions tailored for security pros. Filter by topic, format, and role to plan your Microsoft Ignite experience.

Explore the catalog

Make the most of your time at Microsoft Ignite

Whether you’re joining Microsoft Ignite in person or online, you’ll have access to a full slate of experiences designed to help you connect, learn, and grow as a security professional. Explore what’s in store below. 

• Keynote: The Ignite keynote will include a dedicated security segment featuring Vasu Jakkal, Corporate Vice President (CVP) of Microsoft Security Business, and Charlie Bell, Executive Vice President of Microsoft Security. Together, they’ll explore the future of cybersecurity in the age of AI—setting the stage for deeper conversations throughout the event.  
• Start strong at the Security Forum (November 17, 2025): Kick off Microsoft Ignite a day early with the Security Forum, an immersive, in-person event featuring in-depth discussions, interactive roundtables, and fresh insights from Microsoft leaders and industry experts—including Vasu Jakkal, CVP of Microsoft Security Business, and Ann Johnson, CVP and Deputy Chief Information Security Officer (CISO), Customer Security Management Office. Select the Security Forum option during your Microsoft Ignite registration.
• Breakout sessions: Explore the latest security strategies, tools, and trends with expert-led presentations and panel discussions. These sessions are designed to deliver actionable insights and practical solutions for today’s security challenges. If you’re a Microsoft Security partner, be sure to check out the partner-focused security sessions at Microsoft Ignite. 
• Theater sessions: Experience fast-paced, demo-driven talks in the Innovation Hub, where you’ll see real-world applications of Microsoft security technologies and learn advanced techniques to strengthen your security posture. 
• Hands-on labs: Dive into practical, instructor-led labs where you can test drive the newest Microsoft security tools and technologies. These sessions are designed to help you build real-world skills, troubleshoot with experts, and walk away ready to implement what you’ve learned.
• Earn Microsoft Security certifications: Take advantage of onsite certification opportunities to validate your expertise and advance your career. Whether you’re looking to deepen your knowledge or showcase your skills, earning certifications in in Microsoft security products is a powerful way to stand out.
• Networking and community events: Microsoft Ignite is where the security community comes together. Meet peers, Microsoft engineers, and most-valued partners (MVPs) at expert meetups, connection pods, and community theater sessions, including these two exclusive experiences on Tuesday, November 18, 2025:
  • Security Leaders Dinner: Join Microsoft Security executives for an elevated dining experience at the Palace Hotel in San Francisco. Enjoy meaningful conversations and build connections with fellow security leaders over dinner. (Registration required, exclusive to CISOs and Vice Presidents. Request your spot today.)
  • Secure the Night party: Celebrate with fellow security professionals and partners at our signature evening event. Enjoy music, drinks, and entertainment while networking in a relaxed, festive atmosphere. Many thanks to our sponsors and members of the Microsoft Intelligent Security Association (MISA), Ascent Solutions, BlueVoyant, Darktrace, Illumio, Inforcer, LTIMindtree, Security Risk Advisors, and Yubico. (Registration required. Get on the guest list.)
• Microsoft Intelligent Security Association (MISA): Security is a team sport, and we’re excited to be joined by members of MISA at our Expert meet up area where select partners will demo their solutions. MISA will also be hosting a happy hour for members on Wednesday November 19, 2025. Members, secure your spot today!

Below, we break down the three core security themes shaping this year’s experience, along with the sessions you won’t want to miss. See the full sessions catalog.

Modernize your security operations

See how our unified, AI-powered platform brings together the foundational tools security teams use to prevent, detect, respond to, and defend against cyberthreats—all while streamlining operations.

Breakout sessions: Explore the latest in Microsoft Sentinel, Microsoft Defender, and Microsoft Entra—where security is integrated into every layer of your AI stack. Learn how scalable architectures, agentic workflows, and unified controls automate threat response, reshape security operations center (SOC) operations, and protect identities for both humans and AI agents. Expect deep dives into Microsoft Security Copilot agents, AI-powered security, predictive SOC strategies, Zero Trust, compliance, and integrated security foundations—all led by our top security experts.

Theater sessions: Get fast-paced, demo-driven insights in the Innovation Hub. See how to eliminate passwords with phishing-resistant passkeys, build custom Security Copilot agents, and stop ransomware before it starts. Learn advanced automation and hunting techniques with Microsoft Sentinel.

Hands-on labs: Turn theory into practice with real-world scenarios. Test drive Microsoft Defender XDR, implement Zero Trust across identities and devices, and integrate Microsoft Purview with Microsoft Defender for enhanced visibility. Instructor-led labs help you build skills, troubleshoot with experts, and leave Microsoft Ignite ready to modernize your SOC.

Protect your cloud and AI

Explore ways to protect your cloud and AI platforms, apps, and agents, from code to runtime, with Microsoft Defender, Microsoft Purview, and Microsoft Entra.

Breakout sessions: Learn how to secure cloud-native and AI workloads with Microsoft Defender for Cloud, implement proactive posture management, and automate threat detection and response. Explore design strategies for securing agentic AI systems across the lifecycle, aligned with the Microsoft Secure Future Initiative, and discover new capabilities for agent visibility, governance, and least-privilege access.

Theater sessions: Get practical guidance on strengthening your Microsoft Azure security posture, aligning AI innovation with compliance using Microsoft Purview, and enabling secure SAP access with Microsoft Entra ID Governance. See how Microsoft’s unified platform defends cloud environments, applications, and data—integrating Zero Trust, compliance, and threat intelligence across every layer.

Hands-on labs: Gain real-world experience mitigating threats with Defender for Cloud, maximizing Cloud Security Posture Management (CSPM), and safeguarding AI agents across their lifecycle. These instructor-led labs help you build practical skills in cloud and AI security, ensuring you’re ready to protect what matters most as your organization innovates.

Secure your data

Simplify investigations, address insider risks, and protect sensitive data—across clouds, devices, AI apps, and agents—to meet the challenges of tomorrow.

Breakout sessions: Discover how Microsoft Purview delivers layered data protection to prevent exfiltration, secures data wherever it lives, and integrates across Microsoft 365, Microsoft Azure, Windows, and Microsoft Fabric. Learn best practices for classification, labeling, and data loss prevention (DLP), scale investigations with AI-powered Data Security Investigations, and enable secure Microsoft Copilot adoption with safeguards to prevent data loss and insider risks.

Theater sessions: See how Microsoft Purview Compliance Manager unifies compliance, security, and AI readiness, and how to leverage existing security investments for comprehensive data protection. Explore how Microsoft Purview Data Security Posture Management delivers actionable insights to strengthen your data security posture.

Hands-on labs: Get practical experience creating and managing sensitive information types and labels, implementing insider risk management and adaptive protection, and configuring DLP policies across Microsoft 365. These labs equip you with real-world skills to secure data and meet tomorrow’s challenges.

Don’t miss your chance to be part of Microsoft Ignite. Register today to secure your spot, connect with the global security community, and get hands-on with the latest innovations. Join us in San Francisco or online—your journey to stronger security starts here. Conference passes are limited—use RSVP code ATXTJ77W to secure your spot. Once capacity is reached, we will no longer be able to accept registrations. Your RSVP code expires October 20—register today.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Securing agentic AI: Your guide to the Microsoft Ignite sessions catalog appeared first on Microsoft Security Blog.

AI innovation is transforming every industry, business process, and individual experience. As organizations adopt AI, one truth remains constant:

Your AI is only as good as your data

If poor quality, incomplete, biased, or sensitive data is fed into AI models, the results will be equally flawed, leading to sensitive data leaks and inaccurate predictions—both of which create potentially harmful outcomes and erode trust. High quality, governed, and secured data enables AI systems to deliver reliable insights and instill confidence in data usage and AI usage. Consider a team building an AI-powered customer service app. Without trustworthy data, the AI could give incorrect answers or expose sensitive information. In fact, about 99% of organizations have already experienced sensitive data exposure through AI tools, underscoring the urgent need for robust safeguards.¹ Compounding this challenge, many companies address data security and governance in silos, using separate point solutions for each, and different tools across cloud platforms, which makes it harder to ensure data discovery, quality, and protection consistently.

As organizations prepare for an AI future, they require a comprehensive approach that solves both security and governance together. Microsoft Purview offers a modern, unified approach to help organizations secure and govern data across their heterogenous data estate. Purview consolidates security, governance, and compliance into a single solution. Purview also bridges different tools across different data sources like Microsoft Azure, Microsoft 365, and Microsoft Fabric, streamlining oversight and reducing complexity across the estate.

At FabCon Vienna, we are announcing new Microsoft Purview innovations for Fabric to help you seamlessly secure and confidently activate your data for AI. These updates span data security and data governance, allowing Fabric users to both

1. Discover risks and protect data in Fabric
2. Improve data discovery and quality across their Fabric estate

Discover risks and protect data

In today’s AI-powered world, data is both a powerful asset and a growing risk. Microsoft Purview helps organizations protect their data holistically by integrating Information Protection, Data Loss Prevention, Insider Risk Management, and Data Security Posture Management for AI. These tools work together to classify and secure sensitive data, prevent leaks, detect insider threats, and uncover AI-related risks. Paired with Microsoft Fabric, Purview builds upon existing data security such as OneLake Security while enabling innovation. Here are a few examples how Purview secures your Fabric estate:

Microsoft Purview Information Protection policies for Fabric items and Data Loss Prevention for structured data in OneLake

Now generally available, Microsoft Purview Information Protection policies allow Fabric users to manually label Fabric items, with access controls automatically enforced according to pre-defined protection policies set by administrators. Data Loss Prevention policies on structured data in OneLake is also now generally available, preventing data oversharing in Fabric through policy tip triggering when sensitive data is detected in assets. 

Microsoft Purview Insider Risk Management indicators for Power BI

Microsoft Purview Insider Risk Management is now generally available for Microsoft Fabric and extends its detection capabilities to Fabric by introducing built-in risk indicators for user activities in Power BI, such as viewing, downloading, exporting, and managing sensitivity labels for Power BI artifacts. These indicators can be applied directly to data theft and data leak policies, giving organizations stronger signals to spot suspicious behavior. By correlating signals across different activities, Insider Risk Management helps uncover potential insider threats such as intellectual property theft, unauthorized data sharing, or policy violations in Fabric.

Microsoft Purview Data Risk Assessments for Fabric

Within Purview’s Data Security Posture Management for AI, Data Risk Assessments will now support discovering overshared Fabric data (dashboards, reports, and more) in preview. Fabric customers will benefit from Data Risk Assessments by easily identifying what data is most at risk of leakage within Fabric. A default assessment will be created to identify overshared Fabric data in the top 100 accessed Fabric workspaces.

Microsoft Purview Data Security and Compliance controls for Copilot in Power BI

Microsoft Purview Data Security and Compliance controls for Copilot in Power BI are now generally available for Fabric users. Users can discover data risks, such as sensitive information in Copilot in Power BI’s prompts and responses, with actionable recommendations surfaced in Microsoft Purview Data Security Posture Management for AI reports. Users can also govern Copilot interactions using audit, eDiscovery, retention policies, and identifying non-compliant usage to support responsible AI usage.

Now that we’ve covered how Purview helps secure Fabric data, the next focus is to ensure that Fabric users can use that data.

Improve data discovery and quality across their Fabric estate

Once an organization’s data is well-protected, the next challenge is making sure Fabric data consumers can find and trust the data for AI and analytics projects. This is where the Microsoft Purview Unified Catalog comes in, as a foundation for data discovery, quality, and curation across your Fabric environment. The Unified Catalog acts as a lever for data activation: it brings together powerful tools to improve data visibility and quality so that your analysts, data scientists, and AI models can easily locate the right data and use it with confidence. Estate-wide data discovery provides a holistic view of your data landscape, so data is not underutilized. Data quality tools empower teams to measure, monitor, and remediate issues in your data such as incomplete rows and columns and redundant data so business decisions are made with confidence based on the accuracy and reliability of the data. Paired with Microsoft Fabric, Purview builds upon existing data governance capabilities in Fabric such as the OneLake catalog while enabling innovation. Here are a few examples of how:

Sub item metadata in Fabric Lakehouse for comprehensive visibility of your Fabric estate

In preview, Fabric data consumers can now view metadata at the table, column, and file level in Purview, ensuring each artifact is recorded at its most granular detail for in-depth data discovery.

Defining custom attributes for business concepts using language your data consumers will understand

In the Unified Catalog, you can define and apply custom attributes to your data assets, which fosters better organization and utilization of your data. Now in preview, custom attributes provide data practitioners with the ability to apply specific attributes to business concepts such as glossary terms, critical data elements and data products. For a Fabric customer, this ensures that data is easier to understand and is more discoverable for usage of data workloads and AI use cases.

Published error records in Fabric for analysis and remediation of data quality issues

Now in preview, Fabric users can identify the root causes of data quality errors directly where they work in Fabric OneLake, providing Fabric data consumers with a one stop shop for remediation of data for its use in analytics and AI.

These governance enhancements empower teams to use data with confidence. A protected dataset isn’t very useful if users neither know it exists nor if they don’t trust its accuracy. Unified Catalog ensures that data assets are more discoverable and trustworthy for Fabric users

Looking forward

As organizations embrace the transformative power of AI, the need for robust data security and governance has never been greater. Microsoft Purview and Microsoft Fabric provide a unified foundation that empowers organizations to innovate confidently, knowing their data is protected, governed, and ready for responsible AI activation. We are committed to helping you stay ahead of evolving challenges and opportunities and invite you to explore these new capabilities. Join us on the journey toward a more secure, governed, and innovative data future.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 

¹ Businesstechweekly.com, 99% of Organizations Expose Sensitive Data: The Security Risks of Uncontrolled AI Tools, May 28, 2025.

The post Microsoft Purview innovations for your Fabric data: Unify data security and governance for the AI era appeared first on Microsoft Security Blog.

At Microsoft Ignite 2025, we will showcase end-to-end security innovations and share world-class threat and regulatory intelligence to give you the advantage you need to safely adopt AI and face the rapidly changing threat landscape. Register today using RSVP code ATXTJ77W to secure your spot and join us November 17-21, 2025, in San Francisco, California—or online November 18-21, 2025—for a week of immersive learning, hands-on experiences, and strategic insights tailored for security leaders, practitioners, and innovators.

Why attend? Because security can’t wait

The security community comes together at Microsoft Ignite to explore the latest innovations, share real-world insights, and connect with peers and industry leaders, including Charlie Bell, Executive Vice President, Microsoft Security, and Vasu Jakkal, Corporate Vice President, Microsoft Security Business. Whether you’re a chief information security officer (CISO), security operations (SecOps) lead, identity architect, or cloud security engineer, this year’s event is designed to help you:

• Accelerate secure AI adoption with ready-to-go security and governance tools.
• Modernize your SecOps with an AI-first, end-to-end security platform.
• Protect your data, identities, and infrastructure across clouds, devices, and applications.
• Stay ahead of cyberthreats with world-class threat intelligence and regulatory insights.

From the Microsoft Security Forum to hands-on labs and certification opportunities, here’s what you can expect.

Microsoft Security Forum (Monday, November 17, 2025)

Kick off Microsoft Ignite a day early with a half-day pre-conference forum dedicated to security. Hear from Microsoft leaders, industry experts, and peers as they unpack the latest threat intelligence, secure AI strategies, and real-world insights. Join us for presentations, demos, and roundtable discussions, and gain actionable insights to lead confidently in the era of AI-powered security. Space is limited—register early to secure your spot!

Security is a team sport—and Microsoft Ignite is your chance to connect with the best in the business. There will be multiple community events throughout the week. Don’t miss the Secure the Night party—our signature celebration with customers and partners on Tuesday, November 18, 2025. Register here (please note, the party requires a separate registration from the main conference).

Connect with the Security Community at Microsoft Ignite 2025

Join Microsoft Security leaders on Tuesday, November 18, 2025, at the Palace Hotel in San Francisco for an evening of good food and great conversation. Network with peers from across the industry, share ideas, and build new connections. After dinner, join us for Secure the Night—a casual evening of music, drinks, and continued networking. Request your spot today.

One-on-one meetings

Schedule time with Microsoft Security leaders and experts to discuss your most pressing questions.

Hands-on labs and demos

Get under the hood of Microsoft’s latest security innovations. Explore live demos and participate in hands-on labs featuring:

Certifications and career growth

Advance your career with Microsoft Security certifications. Whether you’re looking to validate your skills or expand your expertise, Microsoft Ignite offers multiple opportunities to get certified on-site.

Register now

The future of security is being written today—and you have a front-row seat. Meet the experts, see the tech, and learn how you can accelerate your AI adoption. We look forward to seeing you there!

Microsoft Ignite 2025

Join us in San Francisco or online for a week of immersive learning, hands-on experiences, and strategic insights. Register now.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Connect with the security community at Microsoft Ignite 2025 appeared first on Microsoft Security Blog.