Protect your Microsoft Copilot Studio AI agents (Preview)

As no-code/low-code platforms become increasingly accessible, organizations face new types of security risks. These platforms empower non-technical users to build and deploy custom agents without centralized security review or controls in place. Attackers can attempt to manipulate these agents by:

  • Injecting malicious prompts
  • Triggering unintended tool executions
  • Exploiting data sources to escalate privileges or exfiltrate data

AI agent protection features

Microsoft Defender addresses critical security gaps with comprehensive AI agent protection that includes proactive exposure, threat hunting, real-time protection, and alerts. With AI agent protection, Microsoft Defender:

  • Detects all of your custom AI agents created with Microsoft Copilot Studio, and integrates their data into advanced hunting for proactive threat detection. You can use this data to create custom queries and hunt for potential threats. See Copilot Studio AI agent inventory (Preview) to learn how to set up and make use of the AI agent inventory.
  • Collects audit logs for your custom AI agents created with Copilot Studio, continuously monitors the agents for suspicious activity, and enables detections and alerts. To enable this monitoring, make sure that you:
  • Provides real-time protection to block suspicious or harmful actions initiated by your AI agents, and triggers an informative alert integrated into the XDR incidents and alerts environment. See Enable real-time protection for Microsoft Copilot Studio Agents to learn how to set up real-time protection.