Edit

Enable security for AI agents using Microsoft Defender

Microsoft Defender integrates with Microsoft Agent 365 to secure the AI agents in your organization. After you onboard to Agent 365, enable security for AI agents to discover, protect, and respond to threats targeting agents in your tenant. For an overview of the agent security capabilities, see Protect AI agents using Microsoft Defender.

Onboarding includes enabling data collection, connecting the Microsoft 365 app connector, and onboarding Copilot Studio for real-time protection.

Prerequisites

Before you start, make sure you have:

Connect data sources

To configure the data sources that Microsoft Defender uses to surface, investigate, and protect AI agents in your tenant:

  1. Sign in to the Microsoft Defender portal.

  2. Go to Settings > Security for AI > Get started.

    When you onboard to Agent 365, security for AI agents is enabled automatically, including AI agent discovery, security posture assessment, and threat detection. The Enable toggle is on by default. To stop collecting data for AI agents, switch it to Off.

    A setup checklist shows the status of required and optional data sources. Agent 365 provides unified visibility into AI agents and is marked as Done automatically.

    Screenshot of the Security for AI setup checklist showing Agent 365 marked Done, the Microsoft 365 connector marked Connected, Copilot Studio marked Not connected, and a list of identified Power Platform admins.

  3. Enable the Microsoft 365 connector to get investigation and advanced hunting capabilities for AI agent activity:

    1. In the Get started page, select the Microsoft 365 connector step.

    2. On the Select Microsoft 365 components step, select at least the two components required for AI agent monitoring:

      • Microsoft Entra ID Management events: audit admin activities performed in Microsoft Entra ID.
      • Microsoft 365 activities: audit activities performed by users in your Microsoft 365 apps.

      Microsoft Entra Users and groups is a prerequisite for all monitoring capabilities and is selected by default.

    3. Select Connect Microsoft 365 to complete the connector setup.

      Screenshot of the Select Microsoft 365 components step with Microsoft Entra ID Management events, Sign-in events, Apps, and Microsoft 365 activities selected.

    When the connector is active, its status shows as Connected.

    Note

    For Copilot Studio agents, if the Microsoft 365 connector isn't connected, real-time protection continues to block suspicious activity during runtime, but alerts and incidents related to these actions don't appear in the Microsoft Defender portal.

  4. Connect Copilot Studio to enable real-time protection for Copilot Studio agents:

    1. In the Get started page, select the Copilot Studio step. The Copilot Studio real-time protection pane opens.

    2. Toggle Real-time protection to on.

      This integration allows Microsoft Defender to scan agent tool invocations in real time, detect security risks (suspicious behavior or cross-prompt injection attacks), and block malicious actions. If suspicious behavior is detected, the response is blocked and an alert is triggered in the Microsoft Defender alerts and incidents queues.

      Screenshot of the Copilot Studio real-time protection pane in the Microsoft Defender portal with the Real-time protection toggle on.

    3. Under Enable Power Platform Integration, copy the URL provided and share it with your Power Platform administrator.

    4. Work with your Power Platform administrator to complete the onboarding steps in Power Platform. For detailed instructions, see Enable external threat detection and protection for Copilot Studio custom agents.

      Make sure that the Power Platform administrator uses the same App ID as the App ID used in the Microsoft Entra ID application.

    5. Get the App ID from the Power Platform administrator, paste it into the App ID field in the Defender portal, then select Save.

    Note

    If you recently changed the App ID in Power Platform, it can take up to one minute for the update to propagate. If you encounter a validation error when saving the updated value, wait a short time and try again.

    When the Power Platform administrator completes the onboarding steps, the Copilot Studio step shows a Connected status in the Get started page.

    The Get started page also shows a list of Identified Power Platform Admins who have permission to complete the setup in Power Platform.

Next steps

After onboarding is complete, explore these capabilities: