Zero Trust security for AI agents

Zero Trust security for AI agents

Apply Zero Trust controls to every AI agent in your environment across identity, tool usage, and data access. Extend Conditional Access in Microsoft Entra to evaluate every agent authorization request in real time against the same risk signals as human users. Assign each agent its own managed identity with Entra Agent ID and scope permissions with Access Packages. Govern your MCP catalog as a software supply chain — unapproved tools don't run, and approved servers lock behind Azure API Management.

Log every agent tool call, API access, and data lookup into Microsoft Sentinel for continuous anomaly detection. Purview Insider Risk Management auto-assigns risk levels so you can investigate fast or revoke access entirely. DLP and sensitivity labels in Microsoft Purview restrict what agents can reach and auto-inherit to everything they generate, and Data Access Governance maps exactly what each agent can access before a prompt fires.

Jeremy Chapman, Microsoft 365 Director, shares how to put these controls into practice across every managed, self-hosted, and shadow agent in your estate.

► QUICK LINKS:

00:00 - How AI changes Zero Trust

01:20 - Zero Trust principles

02:27 - How to apply Zero Trust principles

03:40 - Conditional Access for Agent Identities

04:59 - Entra Agent ID + Access Packages

06:07 - Runtime Observability

06:58 - DLP, Sensitivity Labels + Data Access Governance

07:47 - MCP catalog

08:36 - AI apps & experiences

09:24 - Wrap up

► Link References

Watch the rest of this series at https://aka.ms/ZTMechanics

For additional resources, check out https://aka.ms/GoZeroTrust

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(100)

Secure containers from code to runtime | Microsoft Defender

Secure containers from code to runtime | Microsoft Defender

Secure containerized apps end-to-end using Microsoft Defender for Cloud. Correlate cross-cloud attacks into a single incident, catch runtime threats that image scanning misses, and block vulnerable im...

29 Kesä 9min

Find and fix app issues - Azure Copilot Observability Agent

Find and fix app issues - Azure Copilot Observability Agent

Cut through alert noise and move from detection to root cause using the Azure Copilot Observability Agent. It autonomously investigates incidents, correlates signals across logs, metrics, alerts, appl...

25 Kesä 8min

Build Agent Architecture using AI Landing Zones

Build Agent Architecture using AI Landing Zones

Build enterprise-ready AI agents that scale without sacrificing security or control using Microsoft Azure. Establish a shared Governance Hub to centralize model access, MCP catalogs, and policy enforc...

25 Kesä 15min

New Security Controls in Edge for Business

New Security Controls in Edge for Business

Enforce your existing Microsoft security policies directly in the browser, where your users actually work, using Microsoft Edge for Business. Extend Conditional Access, Purview DLP, and Defender contr...

25 Kesä 10min

Rayfin | Go from prompt to production backend

Rayfin | Go from prompt to production backend

Build production-ready enterprise apps in hours, not months. Describe the app you want using Rayfin's open-source SDK with GitHub Copilot, and generate your full backend in code — schemas, relationshi...

18 Kesä 8min

Agent 365 | Identity & Access Controls in Entra

Agent 365 | Identity & Access Controls in Entra

Take control of every AI agent, managed or not, running in your environment using Agent 365 and Microsoft Entra. Surface agents across AWS Bedrock, Google Vertex, Databricks, and Salesforce in one reg...

9 Kesä 8min

Introducing Azure HorizonDB - PostgreSQL

Introducing Azure HorizonDB - PostgreSQL

Run enterprise Postgres workloads on Azure HorizonDB with around 3x the throughput of self-managed deployments — zone-resilient by default, no architectural trade-offs. Call AI models directly from SQ...

3 Kesä 13min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
uutiscast
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
rss-podme-livebox
rss-vaalirankkurit-podcast
tervo-halme
otetaan-yhdet
rss-asiastudio
politiikan-puskaradio
aihe
rss-girls-finish-f1rst
the-ulkopolitist
rss-kaikki-uusiksi
rss-ulkopoditiikkaa
rikosmyytit
rss-mina-ukkola
rss-aijat-hopottaa-podcast
rss-kuka-mina-olen
rss-raha-talous-ja-politiikka