
Empowering defenders in the era of agentic AI with Microsoft Sentinel


Microsoft unveils a new wave of security innovation—delivering an agentic platform to protect organizations at scale

We are living through a turning point in how organizations work and defend themselves. Across industries, “Frontier Firms” are emerging; these are businesses where humans and AI agents collaborate in real time to solve problems, innovate, and build resilient organizations.

For security teams, this shift brings new opportunities and challenges. The complexity and speed of modern cyberthreats demand solutions that go beyond traditional tools. To address these needs, Microsoft is introducing new agentic security capabilities to empower defenders to innovate boldly and safely in this new AI era.

Microsoft Sentinel: The security platform for the agentic era

Defenders need to protect AI end-to-end, and for that they need a platform that brings together data, context, automation, and intelligent agents, enabling them to defend and adapt at AI speed. That platform is Microsoft Sentinel.

Sentinel started as a cloud-native security information and event management (SIEM) and expanded to also include a unified security data lake in July. Today, it is expanding into an agentic platform with the general availability of Sentinel data lake, and the public preview of Sentinel graph and Sentinel Model Context Protocol (MCP) server. With graph-based context, semantic access, and agentic orchestration, Sentinel gives defenders a single platform to ingest signals, correlate across domains, and empower AI agents built in Security Copilot, VS Code using GitHub Copilot, or other developer platforms.

Sentinel ingests signals, either structured or semi-structured, and builds a rich, contextual understanding of your digital estate through vectorized security data and graph-based relationships. By integrating these insights with Microsoft Defender and Microsoft Purview, Sentinel brings graph-powered context to the tools security teams already use, helping defenders trace attack paths, understand impact, and prioritize response—all within familiar workflows.

With Microsoft Security and Sentinel data lake, we’ve unified silos, scaled operations, automated processes, and expanded coverage—transforming how we detect patterns and prepare for the future with a unified, agile security posture.

Bernard Knaapen, Chief Product Owner, Monitoring and Incident Response, ABN AMRO

Sentinel also organizes and enriches your security data, making it ready for AI agents to detect issues faster, investigate with more clarity, and respond automatically when needed. And Sentinel’s graph-based approach powers Security Copilot agents to reason over your environment with precision and speed, thanks to the built-in MCP server, which uses open standards for easy agent access and action. For advanced teams, Sentinel MCP server enables extensibility for predefined and custom agents, allowing AI-powered reasoning over unified data. This shifts security from reactive to predictive, helping teams anticipate threats and automate response at scale.

Figure: The architecture and integration of Microsoft’s security ecosystem across multicloud and multiplatform environments.

Sentinel is open and extensible, so partners can build their own agents and solutions. And with the new Microsoft Security Store, finding and deploying these agents is simple. We’re already collaborating with Accenture, ServiceNow, and Zscaler to strengthen the security ecosystem together.

Sentinel is an industry-leading SIEM and the scalable backbone defenders need in the age of AI.[1] Together, Sentinel and Security Copilot give security teams the visibility, automation, and scale they need to stay ahead of cyberthreats.

Security Copilot: Build your own agents, no code required

Security Copilot was created to help security teams tackle the toughest challenges: endless alerts, siloed tools, and constant pressure to do more with less. But no one understands your environment and unique needs like you do. Now you can build your own Security Copilot agents. The Security Copilot portal features a no-code agent builder that lets you describe what you need in natural language and create, optimize, and publish agents tailored to your workflows in minutes.

You can also build agents in a Sentinel MCP server-enabled coding platform, such as VS Code using GitHub Copilot. Once built, you can refine and deploy agents to your Security Copilot workspace while keeping the process within the familiar development platform.

Security Copilot agents are designed to integrate into daily tools and workflows, whether embedded in the Microsoft Security products you already use, partner-built, or custom-built for your environment. Since launching Security Copilot agents in March 2025, we’ve delivered more than a dozen agents for scenarios such as phish triage and conditional access optimization. We continue to add embedded agents such as the Access Review Agent in Microsoft Entra. Microsoft and partner-created Security Copilot agents are available to discover, buy, and deploy in the Security Store today.

Building on Sentinel’s graph-based context, Security Copilot agents can now reason more effectively across your environment—correlating alerts, enriching context with relationships, prioritizing by impact, and automating common actions. This enables fewer false positives, faster triage, and lower mean time to resolution (MTTR). Work shifts from manual triage to agent-led workflows: agents orchestrate and automate routine tasks, while analysts review and approve outcomes—focusing their time on strategic decisions and proactive threat hunts.

Secure and govern your AI comprehensively

As organizations embrace AI, Microsoft continues to invest in tools that help security teams secure and govern their AI platforms, apps, and agents across the enterprise.

Over the past few months, we’ve expanded our Security for AI capabilities, including Entra Agent ID to help discover and manage your agent estate, controls to prevent data oversharing in custom-built AI apps and agents, risk discovery tools for AI model providers and MCP servers, and advanced detection for prompt injection attacks.

At Microsoft Build 2025, we announced new enhancements to Azure AI Foundry that provide more protection for AI agents across their lifecycle. These will be available soon and include:

  1. Agent task adherence control to help keep agents aligned with tasks in real time
  2. Personally identifiable information (PII) guardrail
  3. Spotlighting capability in prompt shields to enhance protection against cross-prompt injection attacks

Together, these innovations help you secure and govern your AI apps and agents in Microsoft 365 Copilot, Copilot Studio, and Azure AI Foundry—helping you build on the trusted tools your teams already use and offering you more natively built protections for your Microsoft AI platforms.

Upcoming security events

Deep dive into these innovations at Microsoft Secure on Sep 30, Oct 1, or on demand. Then join us at Microsoft Ignite, Nov 17–21, in San Francisco, CA, or online, for more innovations, hands-on labs, and expert connections.


Security is a team sport

We are entering a new era: security is adaptive, intelligent, and acts at the speed of thought. The advances announced today are the building blocks for a new generation of defense.

I firmly believe that security is a team sport. That team includes all of us—innovating together, learning together, and defending together.

Together, we’re not just imagining the future. We’re securing it.

Learn more with Microsoft Security

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.


[1] Microsoft is again named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management, Microsoft Security Blog. May 13, 2024.
