Microsoft Adds Entra Agent ID to Agent 365 and Expands Entra with AI Security Copilot and Network Protections

An AI-generated image depicting a lock in cyberspace. Credit: Adobe Firefly

As Microsoft continues to guide companies towards becoming Frontier Firms, it is ramping up security innovations. Anticipating the growing role of AI agents in the enterprise, the company is updating Entra, its identity and access management solution. Entra’s Agent ID is now a central component of Microsoft’s new Agent 365 platform, and the software maker is introducing four security Copilot agents along with internet access protection for the generative AI era.

All of these are among a host of announcements Microsoft is making at its Ignite conference.

Entra Powering Agent 365

“Agents are already changing how people work, and IDC predicts there will be 1.3 billion agents by 2028,” Jared Spataro, Microsoft’s chief marketing officer for AI at Work, writes in a blog post. “Agent 365 is the control plane for agents, extending the infrastructure you trust to manage your people to agents.”

To power the identification, Microsoft is integrating Entra’s Agent ID, a feature that debuted in May at the company’s Build conference. It provides IT teams with an LDAP-like framework for bots, enabling a Zero-Trust security approach and stronger protection against rogue or unauthorized virtual entities. When enabled, all AI agents can be inventoried, and new agents can be given an identity and governed by organizational policies. Organizations can use Entra Agent ID to restrict the resources that agents have access to, thereby minimizing the risk of breaches or other security concerns.

Currently, all bots developed in Microsoft Copilot Studio, Microsoft Foundry, and Security Copilot will have Entra Agent ID features baked in. Eventually, agents built through the Microsoft Agent Framework, Agent 365 SDK, or Agent ID SDK can adopt this technology.

New Security Agents

Besides this, Microsoft is releasing four AI-powered agents to assist organizations with security monitoring. The company believes that AI is better suited to handling time-intensive and administrative tasks related to identity and access security.

Here are the four new Security Copilot agents:

  • Conditional Access Optimization: This agent ensures the proper protections are given to the right user. This includes identifying who the user or agent is (e.g., their role and risk level), where they’re signing in from, what they’re trying to access, and how they’re authenticating. Microsoft says this bot is now generally available, though new features are only in preview.
  • Identity Risk Management: This agent utilizes intelligent insights and recommendations to probe and remediate risky users. It could automatically detect anomalies such as sign-ins from unfamiliar locations, the use of leaked or stolen credentials, or access by an unusual agent or unusual workload activity. A scoring level might assess each risk, and the evaluation could dictate any response. This is currently in preview.
  • App Lifecycle Management: This agent automates discovery, onboarding, monitoring, and remediation of apps. IT teams are doing more than tracking AI agents—they’re responsible for monitoring the apps enterprise workers use. Microsoft is betting that this security agent can take some of the heavy lifting and oversee SaaS tools, internal apps, and shadow IT software (i.e., apps being used without approval) to ensure there are no dangers. This tool is available as a preview.
  • Access Review Agent: This last agent streamlines user access and permission reviews by utilizing AI-generated insights to act on recommendations. Microsoft says it’s also in preview.

New Gen AI Network Protection

Microsoft is also enhancing Entra Internet Access, its solution for protecting access to all internet and SaaS applications and resources, using an identity-centric secure web gateway. Available as a preview today are several capabilities to secure generative AI applications:

  • Real-time protection of enterprise-sanctioned, unsanctioned, and custom apps from prompt injection attacks.
  • Greater visibility into network traffic to unmask unsanctioned AI usage, including from custom apps.
  • An integration of network file filtering with Microsoft Purview (the company’s data governance solution and another component of Agent 365) to discover and block sensitive file content sent to gen AI and SaaS apps.

Lastly, Microsoft is adding new features to Entra’s core, claiming these updates will bolster identity protection and reduce the risk of phishing and impersonation attacks. Available as a preview are support for synced passkeys from Apple, Google, and other third-party providers; improved risk remediation and detection to help admins respond faster; and a secure, self-service account recovery option that lets users regain access using Verified ID Face Check and a government-issued ID if their device is lost or stolen.
