Microsoft Purview | Insider risk management- Insider risk management for risky agents

Informational

Message ID

MC1200579
View in Admin Center

Roadmap ID

516032
View in Roadmap

Services

Microsoft Purview

Affected Platforms

Web

Summary

Microsoft Purview Insider Risk Management will extend to detect and manage risky AI agent activities in enterprise environments. Features include integration with Copilot Studio and Azure AI Foundry, AI-specific risk policies, and governance of agent workflows. Public preview starts December 2025; general availability by December 2026.

Details

Introduction

As AI agents become deeply embedded in enterprise ecosystems, they are evolving beyond simple tools or workflows into an autonomous digital workforce. These agents can interpret user intent, access and manipulate enterprise data, execute actions on behalf of users, and even make real-time decisions. In many ways, they operate like human insiders only with machine-speed data processing capabilities.

To govern and protect these agents effectively, organizations require visibility into their activities, contextual understanding of their actions, and the ability to flag or block risky behavior. Now, Insider Risk Management can be extended to detect and remediate potentially risky agent activities.

Features:

  • Copilot Studio & Azure AI Foundry Integration: Detect potentially risky activities of agents hosted on Copilot Studio, Azure AI Foundry, and Agent 365 platforms
  • Risky AI Usage Policies: Define and enforce policies specific to AI agents accessing sensitive data or performing high-risk actions.
  • IRM for Agent Users: Extend IRM in Purview to govern agent-driven workflows and protect organizational data.

This message is associated with Microsoft 365 Roadmap ID 516032.

When this will happen:

  • Public Preview: We will begin rolling out early December 2025 and expect to complete by mid-January 2026.
  • General Availability (Worldwide): We will begin rolling out early December 2026 and expect to complete by late December 2026.

How this affects your organization:

On the Overview page in the Insider Risk Management solution, you will be able to access the overall risk profile of agents deployed in your organization.

user settings

The Risky Agents policy will be automatically deployed for all agents hosted on Copilot Studio and Azure AI Foundry across your organization. Alerts from this policy will be generated when an agent’s activity exceeds the thresholds configured in this automatically deployed Risky Agents policy. These alerts can be found under Agents > Alerts on the left pane.

user settings

What you can do to prepare:

  • Review the public facing documentation to learn more about this exciting new offering: Learn about Insider Risk Management policy templates | Microsoft Learn
  • Review the new Insider Risk Management interface in the Microsoft Purview portal, which now includes separate sections for Users and Agents.
  • Review and tune the Risky Agents policy based on your organization’s requirements.
  • If you don’t wish to track agent activities, you can delete the automatically deployed Risky Agents policy. 

Learn more: