Microsoft says agentic AI has helped identity and network access teams spot more than 200% more missing baseline policies – so now it's widening the public preview of its Entra Agent ID to keep tabs on agents and other new risks to zero trust strategies.
Microsoft first unveiled a preview of Entra Agent ID in May, and Joy Chik, president of identity and network access at the tech giant, said it quickly became clear that few companies were aware how many agents were active in their environment.
"Before you can securely manage, protect, and govern this new type of identity, you need visibility," Chik said in a blogpost.
"Then you need the right controls, because agent sprawl can quickly lead to excessive permissions, orphaned accounts, and increased risk."
Chik cited a recent Microsoft study that found admins using its Conditional Access Optimization Agent in Microsoft Entra finished key tasks 43% faster and with 48% more accuracy. Alongside that, she reported a 204% improvement in spotting missing baseline policies.
New AI tools for access
Microsoft has now added new tools to its existing Entra solution, which manages identity and network access, to help manage and govern agents, secure access to AI resources for the workforce, and strengthen security via multi-layer access controls.
Chik added that the wider Microsoft Entra Suite is getting new AI powered features.
"First, we’re expanding Microsoft Entra Internet Access to secure access to and usage of generative AI (GenAI) at the network level," she said.
"Our Secure Web Gateway (SWG) is now a Secure Web and AI Gateway. It allows you to secure, govern, and monitor access to any AI or agent from any provider, running on any platform."
What to expect with Entra Agent ID
Entra Agent ID allows companies to use the same tools for workforce identification as it does for AI agents, Chik said. That includes maintaining an inventory of an agent fleet, regulating access to resources and data, and governing them via corporate policies.
"Lifecycle management and IT-defined guardrails, for both agents and the people who create and manage them, keep your agent fleet under control," she added.
The Public Preview of Entra Agent ID also now features AI-powered tools including prompt injection protection, network file filtering, and blocking unsanctioned access to Model Context Protocols (MCP), which allow AI agents access.
Plus, Entra Agent ID now detects shadow AI, helping security teams spot unsanctioned AI tools and letting them monitor usage trends and block risky apps.
"With these controls, you can accelerate GenAI adoption while maintaining compliance and reducing risk, so employees can experiment with new AI tools safely," Chik added.
Beyond those tools, the public preview also includes user-centric access reviews, risk-based approval in entitlement management, threat intelligence and URL filtering, and guest access.
Safer access for AI agents
Microsoft Entra Agent ID can also manage access to Microsoft Agent 365, the dashboard for AI agents unveiled at Microsoft's Ignite conference.
"It takes the same infrastructure that you trust to manage and secure your people and extends it to agents, equipping frontier organizations with leading Microsoft security, productivity, and collaboration solutions," Chik added.
The launch marks the latest in a string of product announcements at the tech giant’s annual conference in San Francisco, which naturally has had a sharp focus on agentic AI.
Microsoft introduced its own MCP Server for enterprise at the event. Entra can be used to manage access, with Agent ID handling authentication and least-privilege access controls.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Microsoft: get used to working with AI-powered "digital colleagues"
- Microsoft expects 1.3 billion AI agents to be in operation by 2028 – here’s how it plans to get them working together
- Microsoft quietly launched an AI agent that can detect and reverse engineer malware
-
Microsoft's new Agent 365 platform is a one-stop shop for deploying, securing, and keeping tabs on AI agentsNews The new platform looks to shore up visibility and security for enterprises using AI agents
-
Pax8 and Microsoft are teaming up to supercharge MSP growthNews The new agreement includes integration between Pax8 and Microsoft Marketplace alongside a new OneCloud Guided Growth enablement initiative
-
GitHub is awash with leaked AI company secrets – API keys, tokens, and credentials were all found out in the openNews Wiz research suggests AI leaders need to clean up their act when it comes to secrets leaking
-
A notorious ransomware group is spreading fake Microsoft Teams ads to snare victimsNews The Rhysida ransomware group is leveraging Trusted Signing from Microsoft to lend plausibility to its activities
-
CISA just published crucial new guidance on keeping Microsoft Exchange servers secureNews With a spate of attacks against Microsoft Exchange in recent years, CISA and the NSA have published crucial new guidance for organizations to shore up defenses.
-
CISA issues alert after botched Windows Server patch exposes critical flawNews A critical remote code execution flaw in Windows Server is being exploited in the wild, despite a previous 'fix'
-
Microsoft issues warning over “opportunistic” cyber criminals targeting big businessNews Microsoft has called on governments to do more to support organizations
-
Generative AI attacks are accelerating at an alarming rateNews Two new reports from Gartner highlight the new AI-related pressures companies face, and the tools they are using to counter them
-
A terrifying Microsoft flaw could’ve allowed hackers to compromise ‘every Entra ID tenant in the world’News The Entra ID vulnerability could have allowed full access to virtually all Azure customer accounts
-
Microsoft and Cloudflare just took down a major phishing operationNews RaccoonO365’s phishing as a service platform has risen to prominence via Telegram
