Secure agentic AI end-to-end

2026-03-20 · Source: The Microsoft Cloud Blog · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Cloud Computing & IT Infrastructure · Depth: Intermediate, long

Summary

Microsoft Security is introducing a suite of new capabilities at RSAC 2026 designed to secure agentic AI, foundational systems, and defense operations. These innovations address the rapid adoption of AI agents by 80% of Fortune 500 companies and the rise of AI-powered cyberattacks. Key releases include Agent 365, generally available May 1, which provides a control plane for observing, securing, and governing agents at scale. New features also enhance visibility into AI risks with a Security Dashboard for AI and Entra Internet Access Shadow AI Detection. Identity security is bolstered with Entra Backup and Recovery, Tenant Governance, and passkey capabilities. Data protection is expanded with Purview data loss prevention for Microsoft 365 Copilot, and threat defense includes Entra Internet Access prompt injection protection and enhanced Defender for Cloud container security. Microsoft is also expanding Sentinel as an agentic defense platform and integrating Security Copilot with new specialized agents.

Key takeaway

For CIOs and CISOs grappling with agentic AI security, your strategy must integrate security across the entire AI stack, from data ingestion to agent behavior. Prioritize adopting comprehensive solutions like Microsoft's Agent 365 and enhanced Defender, Entra, and Purview capabilities to gain visibility, secure identities, protect data, and automate threat response. This proactive, layered approach is crucial to mitigate risks from AI-powered attacks and ensure trusted AI adoption.

Key insights

Securing agentic AI requires ambient, autonomous security woven into every layer of the AI estate.

Principles

• Security is the root of trust in the agentic era.
• Zero Trust principles extend across the full AI lifecycle.

Method

Microsoft's approach involves securing agents, fortifying foundational systems, and enhancing defense capabilities through agentic platforms and human expertise, all underpinned by a Zero Trust architecture for AI.

In practice

• Implement Agent 365 for agent visibility and governance.
• Utilize Entra for continuous adaptive identity access.
• Deploy Purview for data loss prevention in AI workflows.

Topics

• AI Agents
• Cybersecurity
• Zero Trust Architecture
• Data Security
• Identity Security

Best for: CTO, VP of Engineering/Data, Director of AI/ML, AI Security Engineer, Security Engineer, Executive

Related on AIssential

• Securing AI Agents with Zero Trust — Zero Trust principles are essential for securing agentic AI systems against their expanded attack surfaces.
• 85% of enterprises are running AI agents. Only 5% trust them enough to ship. — Establishing a robust trust architecture is critical for scaling AI agent adoption from pilot to production in enterprises.
• Identity Is the New Perimeter: Managing AI Agents As Digital Actors — Identity-first security is crucial for managing autonomous AI agents in distributed digital infrastructures.
• Claude Security’s public beta, OpenAI’s five-point plan and cybersecurity’s Y2K moment — AI and cybersecurity leaders are collaborating on ecosystem-level defenses and new identity frameworks for AI agents.
• The Rise of the Machine Identity: Securing the AI Workforce and AI Agents — AI agents introduce exponential security risks due to their scale, autonomy, and ephemeral nature, demanding new defense strategies.
• Are AI Agents Your Next Security Nightmare? — Autonomous AI agents introduce new security risks by acting independently, necessitating a strategic shift in cybersecurity approaches.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by The Microsoft Cloud Blog.