Agentic AI transformation is giving rise to the Frontier Firm—a new type of organization characterized by on-demand intelligence and a workforce where humans and agents work in tandem. According to Microsoft’s 2025 Work Trend Index, we expect every organization will be on their journey to becoming a Frontier Firm within the next two to five years. 

And as AI transforms every aspect of our lives and unlocks unprecedented possibilities, it must be grounded in security—starting with a Zero Trust foundation to protect the workforce and a new generation of Frontier Firms. 

Microsoft is committed to helping customers build a strong security foundation from the start. At Microsoft Build 2025, we’re taking important steps to secure the agentic workforce.

Secure and manage agent identities with Microsoft Entra

Security starts with identity. Identity-based cyberattacks have consistently been one of the top threat vectors since the cloud era. The number of password cyberattacks has increased to approximately 7,000 password attacks per second, and identity-based cyberattacks now account for nearly 80% of breaches.¹ Identity is the new perimeter and Microsoft Entra, with more than 900 million monthly active users today, plays a pivotal role in securing all identities in the agentic era. 

We are excited to introduce Microsoft Entra Agent ID, which extends identity management and access capabilities to AI agents. Now, AI agents created within Microsoft Copilot Studio and Azure AI Foundry are automatically assigned identities in a Microsoft Entra directory—analogous to etching a unique VIN into every new car and registering it before it leaves the factory—centralizing agent and user management in one solution. 

Agentic AI is gaining momentum for its ability to combine large language models with reasoning to deliver real outcomes. As we scale autonomous capabilities, identity becomes critical—robust authentication, access provisioning, fine-grained authorization, and governance are essential. Microsoft Entra Agent ID is a huge step in delivering industry thought leadership with a tangible solution. 

—Frank Dickson, Group Vice President of Security and Trust, IDC

Partnering with ServiceNow and Workday

And as AI agents increasingly join and reshape the workforce, it’s crucial that workforce systems tap into Microsoft Entra’s expanded identity capabilities for agents. That’s why we are excited to partner with leading providers like ServiceNow and Workday. As part of this, we’ll integrate Microsoft Entra Agent ID with the ServiceNow AI Platform and the Workday Agent System of Record. This will allow for automated provisioning of identities for future digital employees.

Secure data and compliance for AI agents with Microsoft Purview 

With the adoption of generative AI apps and models—and now agents—other types of risks beyond identity have emerged such as data oversharing and leaks, new AI-specific vulnerabilities and cyberthreats, and non-compliance with stringent regulatory requirements.  

To give organizations the tools needed to help secure and govern AI agents, Microsoft Purview data security and compliance controls is now extended to:

• Any custom-built AI app with the new Microsoft Purview software development kit (SDK).
• Enabled natively for AI agents built within Azure AI Foundry and Copilot Studio.

This means that AI agents can now inherently benefit from Microsoft Purview’s robust data security and compliance capabilities. Developers can leverage these controls to help reduce the risk of their AI applications oversharing or leaking data, and to support compliance efforts, while security teams gain visibility into AI risks and mitigations. This integration improves AI data security and streamlines compliance management for development and security teams.

Proactively secure agents with Microsoft Defender 

Finally, to help developers address critical AI risks, Microsoft Defender now integrates AI security posture management recommendations and runtime threat protection alerts directly into Azure AI Foundry. This integration reduces the tooling gap between security and development teams so developers can proactively mitigate AI application risks and vulnerabilities from within the development environment and more quickly reduce surface area risk—empowering developers to enhance the security of AI applications. 

These announcements underscore our commitment to providing comprehensive security and governance for AI, with technology built on the security lessons of the past and in line with our Secure Future Initiative principles. By embedding identity, security, and governance for agents into Microsoft’s agent-building spaces with seamless integration with Microsoft Entra, Microsoft Purview, and Defender, we are helping organizations innovate more securely with AI.  

More details can be found on Tech Community.

¹ Microsoft Digital Defense Report 

The post Microsoft extends Zero Trust to secure the agentic workforce appeared first on Microsoft Security Blog.