Loading...

Zero Trust security for AI agents

Zero Trust security for AI agents

Apply Zero Trust controls to every AI agent in your environment across identity, tool usage, and data access. Extend Conditional Access in Microsoft Entra to evaluate every agent authorization request in real time against the same risk signals as human users. Assign each agent its own managed identity with Entra Agent ID and scope permissions with Access Packages. Govern your MCP catalog as a software supply chain — unapproved tools don't run, and approved servers lock behind Azure API Management.

Log every agent tool call, API access, and data lookup into Microsoft Sentinel for continuous anomaly detection. Purview Insider Risk Management auto-assigns risk levels so you can investigate fast or revoke access entirely. DLP and sensitivity labels in Microsoft Purview restrict what agents can reach and auto-inherit to everything they generate, and Data Access Governance maps exactly what each agent can access before a prompt fires. 

Jeremy Chapman, Microsoft 365 Director, shares how to put these controls into practice across every managed, self-hosted, and shadow agent in your estate.

► QUICK LINKS:

00:00 - How AI changes Zero Trust

01:20 - Zero Trust principles

02:27 - How to apply Zero Trust principles

03:40 - Conditional Access for Agent Identities

04:59 - Entra Agent ID + Access Packages

06:07 - Runtime Observability

06:58 - DLP, Sensitivity Labels + Data Access Governance

07:47 - MCP catalog

08:36 - AI apps & experiences

09:24 - Wrap up

► Link References 

Watch the rest of this series at https://aka.ms/ZTMechanics

For additional resources, check out https://aka.ms/GoZeroTrust

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Published on:

Learn more
Microsoft Mechanics Podcast
Microsoft Mechanics Podcast

Made for tech enthusiasts and IT professionals. Expanded coverage of your favorite technologies across Microsoft; including Office, Azure, Windows and Data Platforms. We'll even bring you broader topics such as device innovation with Surface, machine learning, and predictive analytics.

Share post:

Related posts

Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy