Microsoft Ignite 2025: Securing Copilot

The security landscape is undergoing a fundamental transformation. As organizations rapidly adopt AI agents and expand their cloud footprint, the attack surface grows more complex by the day. At Microsoft Ignite 2025, Microsoft unveiled a comprehensive vision for security in the age of agentic AI, one that spans the entire application lifecycle, protects autonomous agents, and empowers security teams with AI-powered capabilities.

The Challenge: Security at the Speed of AI

Today's security teams face an unprecedented challenge. They're managing risk across sprawling hybrid and multicloud environments while grappling with the emergence of AI agents that can act autonomously, access sensitive data, and execute tasks without human oversight. Traditional security tools weren't designed for this reality, creating fragmented visibility, siloed workflows, and gaps in protection.

Microsoft's Ignite announcements address these challenges head-on with a unified approach that brings together posture management, threat protection, and governance across the modern digital estate, from code to runtime, from cloud infrastructure to AI agents.

Defender for Cloud: From Code to Runtime Protection

Microsoft Defender for Cloud is expanding its capabilities to provide comprehensive protection across the entire application lifecycle. The native integration with GitHub Advanced Security represents a significant leap forward in addressing software supply chain attacks.

This integration introduces runtime context as the critical measure for prioritizing security risk. Security teams can now trace vulnerabilities from code to runtime, understanding exactly which issues pose real-world threats to running applications. When a critical vulnerability is discovered, teams can open GitHub issues directly from Defender for Cloud, request remediation through security campaigns, and track status, all while AI-powered Copilot Autofix generates suggested fixes to accelerate resolution.

For organizations embracing serverless architectures, Defender for Cloud is extending posture management to serverless resources including Azure Functions, Azure Web Apps, and AWS Lambda. This preview capability, arriving at the end of November, will help teams identify and visualize risk, analyze serverless attack paths, and continuously monitor for misconfigurations across their serverless estate.

Securing AI Agents: A New Security Paradigm

Perhaps the most significant theme across the Ignite announcements is the comprehensive approach to securing AI agents. As organizations deploy agents across pro-code, low-code, and no-code platforms through Microsoft Agent 365, the security implications are profound.

Unified Posture Management for AI Agents

Microsoft Defender now provides comprehensive visibility, posture management, and threat protection specifically designed for AI agents. This includes:

  • Complete agent inventory across all platforms to reduce shadow agents and agent sprawl

  • Proactive risk reduction through security recommendations and attack path analyses for agentic AI apps

  • Threat detection and response for AI-specific attacks including prompt injections, sensitive data exposure, and malicious tool misuse

What sets this approach apart is the build-to-runtime methodology and unified protection spanning AI models, agents, SaaS apps, and cloud infrastructure.

Microsoft Entra Agent ID: Identity for the Agentic Era

Microsoft Entra is introducing Agent ID, an enterprise-grade solution for managing and protecting AI agent identities. Now in preview through Microsoft Agent 365, Agent ID enables organizations to:

  • Register and manage agents through a complete fleet inventory

  • Govern agent identities with lifecycle management and IT-defined guardrails

  • Protect agent access with conditional access policies and traffic inspection

Agents developed in Microsoft Copilot Studio, Microsoft Foundry, and Security Copilot will have built-in Entra Agent ID features at preview. Developers can adopt Agent ID for custom agents through the Microsoft Agent Framework, Agent 365 SDK, or Agent ID SDK.

Data Protection for Autonomous Agents

Microsoft Purview is extending its industry-leading data security and compliance capabilities to protect all agents. Key capabilities include:

  • Agent observability and posture management through Data Security Posture Management (DSPM), providing inventory and risk assessment for all agents including third-party solutions

  • Inherited protection policies allowing agents to automatically inherit the same DLP, information protection, and compliance policies as users

  • Insider Risk Management for Agents with dedicated indicators and behavioral analytics to flag risky agent activities

  • Extended governance through Communication Compliance, Data Lifecycle Management, Audit, and eDiscovery tools

These capabilities ensure that as agents gain autonomy and access to sensitive data, they remain governed, auditable, and aligned with organizational security policies.

Empowering Security Teams with AI Agents

While securing AI agents is critical, Microsoft is also empowering security teams with their own AI-powered agents to automate high-volume tasks and accelerate response times.

Twelve new Security Copilot agents are now available in preview across Microsoft Defender, Entra, Intune, and Purview. These agents are embedded directly into workflows where security teams work:

For SOC Teams:

  • Automated alert triage and prioritization

  • Natural-language threat hunting through the new Threat-Hunting Agent

  • Dynamic threat detection to close visibility gaps

For Identity Teams:

  • Conditional Access Optimization Agent to ensure the right protections for the right users

  • Identity Risk Management Agent for investigating and remediating risky users

  • App Lifecycle Management Agent for automated app discovery, onboarding, and monitoring

  • Access Review Agent for streamlining permission reviews

For Data Security Teams:

  • Data Security Posture Agent for discovering sensitive content and assessing posture gaps

  • Data Security Alert Triage Agent for prioritizing and remediating critical alerts

For IT Teams:

  • Change Review Agent for analyzing change requests and checking for risks

  • Policy Configuration Agent for accelerating policy creation from natural language

  • Device Offboarding Agent for identifying and removing devices that should be offboarded

To accelerate adoption, Security Copilot will be available to all Microsoft 365 E5 customers, with rollout beginning immediately for Frontier Security Copilot customers.

Microsoft Defender: Proactive Defense and Unified Visibility

Microsoft Defender is introducing several innovations that shift security from reactive to proactive:

Predictive Shielding

As part of automatic attack disruption, Predictive Shielding anticipates attacker movement and proactively hardens pathways to critical assets. Once a compromised asset is contained, the system uses threat intelligence and graph insights to forecast where attackers are likely to pivot and applies targeted, just-in-time hardening actions. This coordinated response reduces tens of thousands of potential attack paths to just a handful.

Third-Party Attack Disruption

Automatic attack disruption is expanding beyond Microsoft solutions to include AWS, Proofpoint, and Okta when signals are ingested via Microsoft Sentinel. This enables real-time detection and containment of threats like phishing and identity compromise across federated accounts and cloud boundaries.

Unified Cloud Security

Unified security posture management, now in preview for existing Defender for Cloud customers, deeply integrates Defender for Cloud into the Defender portal. This native integration eliminates silos with:

  • A cloud security dashboard bringing together posture management and threat protection

  • Unified cloud posture capabilities within Exposure Management

  • Centralized asset inventory across Azure, AWS, and Google Cloud Platform

  • Granular role-based access control to reduce operational risk

Microsoft Intune: AI-Powered Endpoint Management

Microsoft Intune is introducing capabilities that help IT teams secure, manage, and recover endpoints more efficiently:

  • Remote Windows recovery at scale, an industry first, enabling IT admins to recover Windows devices remotely even if the device can't boot or the user isn't present

  • Admin tasks providing a centralized, prioritized task list for vulnerability remediation

  • Maintenance windows for scheduling and orchestrating updates (preview expected January 2026)

  • Enhanced Copilot support unlocking Autopilot, Endpoint Privilege Management, and Advanced Analytics data for natural language exploration

Microsoft Purview: AI-Powered Data Security at Scale

Beyond agent protection, Microsoft Purview is introducing significant enhancements to address persistent data security challenges:

Enhanced Data Security Posture Management

The new centralized, AI-powered DSPM experience combines the depth of Microsoft Purview visibility with the breadth of external signals and agentic activities, all powered by Security Copilot. This provides a strong, proactive approach to data security posture management.

DLP for Microsoft 365 Copilot

Real-time DLP control for Microsoft 365 Copilot will prevent the service from returning responses when prompts contain sensitive data. It will also prevent agents from using that sensitive data for grounding in Microsoft 365 and the web, helping organizations mitigate data leakage and oversharing risks.

Microsoft Entra: Securing Access in the AI Era

Beyond Agent ID, Microsoft Entra is introducing several capabilities to strengthen identity protection:

Enhanced Internet Access Protection

Microsoft Entra Internet Access has new AI-centric capabilities including:

  • Real-time protection against prompt injection attacks across all generative AI apps

  • Expanded visibility into network traffic to uncover unsanctioned AI usage

  • Integration with Microsoft Purview for network file filtering to discover and block sensitive content sent to AI and SaaS apps

Passwordless Authentication Expansion

New features in preview include support for synced passkeys from Apple, Google, and other third-party providers, along with secure self-service account recovery using Verified ID Face Check and government-issued ID.

Security Dashboard for AI: Unified Risk Visibility

For CISOs and AI risk leaders, Microsoft is introducing the Security Dashboard for AI, a unified dashboard in preview that aggregates real-time AI posture and risk insights across Microsoft Security solutions.

This experience enables:

  • Complete discovery and observability by aggregating risk signals from Defender, Purview, and Entra

  • Consolidated AI risk profiles connecting security and data posture insights

  • Accelerated AI risk mitigation with AI-powered recommendations and Security Copilot skills

Microsoft Sentinel: An AI-Ready Platform

Microsoft Sentinel is evolving beyond SIEM into an AI-ready platform with updated capabilities to the data lake, graph, and Model Context Protocol (MCP) server. These updates expand use cases across first- and third-party security scenarios, supporting tasks like creating custom graphs, adding threat intelligence to the data lake, and searching data on the MCP server.

Microsoft Security Store: Discover, Purchase, Deploy

The Microsoft Security Store is now generally available with powerful enhancements:

  • Embedded integration built into Microsoft Defender and Microsoft Entra

  • Expanded catalog with more than 100 third-party solutions including fraud prevention, forensic analysis, and threat intelligence agents

  • Security services with partners now able to list managed detection and response and threat hunting services

The Path Forward: Secure by Design, AI-Powered

The announcements from Microsoft Ignite 2025 paint a clear picture of the security landscape ahead. As organizations embrace AI agents and expand across multicloud environments, security must be:

  1. Unified: Breaking down silos between posture management, threat protection, and governance

  2. Proactive: Anticipating attacks and hardening systems before threats materialize

  3. AI-Powered: Leveraging AI agents to automate high-volume tasks and accelerate response

  4. Comprehensive: Protecting from code to runtime, from infrastructure to agents

  5. Governed: Ensuring AI agents operate within organizational policies with full auditability

For security leaders, the message is clear: the tools to secure the age of agentic AI are here. The challenge now is adoption: integrating these capabilities into existing workflows, training teams on new paradigms, and building security programs that can keep pace with the speed of AI innovation.

Taking Action

Organizations looking to leverage these capabilities should consider:

  1. Evaluate your AI agent footprint: Understand where agents are being deployed and the risks they introduce

  2. Pilot Security Copilot agents: Start with high-impact use cases like alert triage or policy optimization

  3. Extend protection to agents: Ensure your DLP, information protection, and compliance policies cover autonomous agents

  4. Unify your security operations: Consolidate visibility across cloud, identity, endpoint, and data security

  5. Invest in training: Prepare your security teams for AI-powered workflows and agent-based threats

The age of agentic AI demands a new approach to security, one that's unified, proactive, and powered by AI itself. Microsoft's Ignite announcements provide the blueprint for building that security foundation.
