Microsoft Uses AI to Enhance Security in Purview Entra and Cloud Services
Microsoft is boosting its security tools with AI features in Purview Data Security Investigations, Entra access controls, and Defender improvements to help businesses quickly detect and address data risks.
Microsoft is integrating AI-driven enhancements into its security portfolio, focusing on Purview Data Security Investigations, Entra access controls, and Defender for AI services. These updates aim to help enterprises detect, investigate, and mitigate security threats more efficiently.
Purview Data Security Investigations
Microsoft's Purview Data Security Investigations, now in public preview, uses AI to analyze large-scale data and accelerate post-breach investigations. Rudra Mitra, Corporate VP of Microsoft Purview, demonstrated how the tool can process over 50,000 events and isolate risks by category (e.g., credentials and access). Admins can launch investigations with a single click, generating automated reports that summarize risks, mitigation steps, and assessment methodology.
Combating Shadow AI with Entra and Purview
Microsoft revealed that 78% of employees use unsanctioned AI tools, posing security risks. To counter this, Entra now includes a web filter for AI app access policies, allowing role-based controls (e.g., stricter rules for finance teams). Meanwhile, Purview introduces real-time data leak prevention in Microsoft Edge for Business, blocking sensitive data uploads to unauthorized AI apps.
Defender for AI Services
Microsoft is extending Defender’s AI Security Posture Management to protect cloud-hosted AI services. New support includes Google Vertex AI (coming in May) and models in the Azure AI catalog (e.g., Meta Llama, Mistral, DeepSeek). This provides unified risk management across multi-cloud environments.
Customer Proof Point: Security Copilot
St. Luke’s University Health Network highlighted Microsoft Security Copilot as a game-changer, streamlining incident response by aggregating data from Defender and Sentinel. Krista Arndt, Associate CISO, praised its contextual alerts, while CISO David Finkelstein likened it to "an extra person" for security teams.
For more on AI-driven security, check the AI Agent & Copilot Summit.
Related News
Dona Sarkar Advocates Locally Developed AI Agents Tailored for Korea
Dona Sarkar of Microsoft emphasizes AI agents in Korea must be built by Korean developers using local data and culture to ensure trust and accuracy.
AI Agents Fuel Identity Debt Risks Across APAC
Organizations must adopt secure authorization flows for AI environments rather than relying on outdated authentication methods to mitigate identity debt and stay ahead of attackers.
About the Author
Dr. Emily Wang
AI Product Strategy Expert
Former Google AI Product Manager with 10 years of experience in AI product development and strategy formulation. Led multiple successful AI products from 0 to 1 development process, now provides product strategy consulting for AI startups while writing AI product analysis articles for various tech media outlets.