As agents transition from technical novelty to mainstream digital employees handling high-value tasks across organizations, security and governance measures have to keep pace.

In this session, we walk through advanced capabilities from Entra and Defender that help defend against attacks on mission-critical agents by incorporating capabilities like web content filtering and threat intelligence with Entra GSA and runtime protection with Defender for Cloud Apps. We also explain why privilege escalation is a real risk to consider and why you need to carefully consider which identities agents use to access resources through connectors.

Finally, we take a look at security considerations related to conversation transcripts which Copilot Studio agents store in Dataverse. Transcripts can contain sensitive data ranging from PII to confidential business plans which means you now need to take Dataverse access management and auditing seriously.

This advanced session takes aims to help you get a realistic grip on cutting edge security capabilities for agents. You will take home a clear idea on when to look at adding an additional layer of security to your agent, as well as an understanding of the pre-requisites and mitigated risks.

The session is well-suited for those working with agents and/or security, as well as anyone looking to get an update on the cutting edge of agentic security.

Key Takeaways from this Session:

• You can mitigate XPIA attacks on agents with Entra GSA.
• Defender can play a role in providing real-time protection for high-value agents.
• For critical agents, you need to carefully consider which identities agents use with connectors and who can access conversation transcripts.