Microsoft opens up Entra Agent ID preview with new AI features

Microsoft says agentic AI has helped identity and network access teams spot more than 200% more missing baseline policies – so now it's widening the public preview of its Entra Agent ID to keep tabs on agents and other new risks to zero trust strategies.

Microsoft first unveiled a preview of Entra Agent ID in May, and Joy Chik, president of identity and network access at the tech giant, said it quickly became clear that few companies were aware how many agents were active in their environment.

"Before you can securely manage, protect, and govern this new type of identity, you need visibility," Chik said in a blogpost.

"Then you need the right controls, because agent sprawl can quickly lead to excessive permissions, orphaned accounts, and increased risk."

Chik cited a recent Microsoft study that found admins using its Conditional Access Optimization Agent in Microsoft Entra finished key tasks 43% faster and with 48% more accuracy. Alongside that, she reported a 204% improvement in spotting missing baseline policies.

New AI tools for access

Microsoft has now added new tools to its existing Entra solution, which manages identity and network access, to help manage and govern agents, secure access to AI resources for the workforce, and strengthen security via multi-layer access controls.

Chik added that the wider Microsoft Entra Suite is getting new AI powered features.

"First, we’re expanding Microsoft Entra Internet Access to secure access to and usage of generative AI (GenAI) at the network level," she said.

"Our Secure Web Gateway (SWG) is now a Secure Web and AI Gateway. It allows you to secure, govern, and monitor access to any AI or agent from any provider, running on any platform."

What to expect with Entra Agent ID

Entra Agent ID allows companies to use the same tools for workforce identification as it does for AI agents, Chik said. That includes maintaining an inventory of an agent fleet, regulating access to resources and data, and governing them via corporate policies.

"Lifecycle management and IT-defined guardrails, for both agents and the people who create and manage them, keep your agent fleet under control," she added.

The Public Preview of Entra Agent ID also now features AI-powered tools including prompt injection protection, network file filtering, and blocking unsanctioned access to Model Context Protocols (MCP), which allow AI agents access.

Plus, Entra Agent ID now detects shadow AI, helping security teams spot unsanctioned AI tools and letting them monitor usage trends and block risky apps.

"With these controls, you can accelerate GenAI adoption while maintaining compliance and reducing risk, so employees can experiment with new AI tools safely," Chik added.

Beyond those tools, the public preview also includes user-centric access reviews, risk-based approval in entitlement management, threat intelligence and URL filtering, and guest access.

Safer access for AI agents

Microsoft Entra Agent ID can also manage access to Microsoft Agent 365, the dashboard for AI agents unveiled at Microsoft's Ignite conference.

"It takes the same infrastructure that you trust to manage and secure your people and extends it to agents, equipping frontier organizations with leading Microsoft security, productivity, and collaboration solutions," Chik added.

The launch marks the latest in a string of product announcements at the tech giant’s annual conference in San Francisco, which naturally has had a sharp focus on agentic AI.

Microsoft introduced its own MCP Server for enterprise at the event. Entra can be used to manage access, with Agent ID handling authentication and least-privilege access controls.

Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.

MORE FROM ITPRO

• Microsoft: get used to working with AI-powered "digital colleagues"
• Microsoft expects 1.3 billion AI agents to be in operation by 2028 – here’s how it plans to get them working together
• Microsoft quietly launched an AI agent that can detect and reverse engineer malware