The Alert Triage Agents in Microsoft Purview prioritize data loss prevention and insider risk incidents, while the Conditional Access Optimization Agent in Microsoft Entra identifies security gaps in identity protection policies. Additional Microsoft agents include the Vulnerability Remediation Agent in Microsoft Intune, which prioritizes and expedites patch management, and the Threat Intelligence Briefing Agent, which curates relevant threat data based on an organization’s unique security profile. Microsoft Defender has extended AI security posture management beyond Azure and AWS to include Google VertexAI and all models in the Azure AI Foundry catalog, including Gemini, Gemma, Meta Llama, and Mistral models. To combat “shadow AI,” Microsoft is introducing AI web category filters in Microsoft Entra internet access and Microsoft Purview browser data loss prevention controls in Edge for Business, preventing sensitive data from being entered into unauthorized AI applications like ChatGPT and Google Gemini. The Microsoft-built agents include the Phishing Triage Agent in Microsoft Defender, which autonomously evaluates phishing alerts to distinguish between genuine threats and false positives. Additional partner agents include Aviatrix’s Network Supervisor Agent, BlueVoyant’s SecOps Tooling Agent, Tanium’s Alert Triage Agent, and Fletch’s Task Optimizer Agent. Microsoft is expanding Security Copilot with six proprietary AI agents and five partner-built agents, all scheduled for preview in April 2025.
This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 25 Mar 2025 13:20:06 +0000