AI-Driven Security Agents Now in Microsoft 365 E5: Security Copilot Integration and Expansion

Dorothy Li introduces the expanded integration of Microsoft Security Copilot with Microsoft 365 E5. This announcement highlights the rollout of AI-based security agents, providing security teams with advanced cyber defense, automation, and proactive threat management features within the familiar Microsoft security ecosystem.

AI-Driven Security Agents Now in Microsoft 365 E5

By Dorothy Li

Overview

At Microsoft Ignite 2025, Microsoft announced new advancements in cybersecurity: the integration of Security Copilot and a growing portfolio of AI-driven security agents—now included with all Microsoft 365 E5 subscriptions. This move enables security teams to shift from reactive responses towards proactive, automated security strategies.

Why AI-Powered Security Agents?

• Demand Gap: With over four million unfilled cybersecurity positions, traditional approaches can’t meet today’s threats.
• Automation Imperative: Attackers use AI for rapid, large-scale operations—defenders must leverage intelligent agents for parity and advantage.

Key Features and Announcements

• Security Copilot Availability: Now included for Microsoft 365 E5 customers; initial rollout for existing Security Copilot customers, followed by organization-wide deployment.
• Integrated Agents: Agents are embedded within core Microsoft security tools:
  • Microsoft Defender: SIEM, threat triage, and phishing detection
  • Microsoft Entra: Identity and access management, risky user mitigation, Zero Trust policy optimization
  • Microsoft Intune: Endpoint device management, compliance, and security assessment
  • Microsoft Purview: Data security, risk analysis, and automated remediation
• Expansion of Agent Ecosystem:
  • 40+ new agents launched, expanding from 37 to over 77 total
  • Includes 12 new Microsoft-built agents and 30+ partner-built agents extending security automation capabilities
  • Agents automate triage, threat hunting, access review, and policy optimization
• Interactive Agent Experience: Scoped chat, dynamic workflows, and enterprise knowledge integration to tailor operations to specific organization environments
• Developer Flexibility: Organizations can build custom agents to fit unique security use cases, with hundreds already created

Operational Impact

• Increased Speed: Security analysts detect and mitigate threats faster (e.g., phishing identification up to 550% quicker)
• Improved Accuracy: Tools like the Conditional Access Optimization Agent yield up to 204% better results in enforcing Zero Trust policies
• Proactive Defense: Agents designed to automate routine tasks and surface critical actionable insights

Resources and Getting Started

• Rollout Information: E5 customers get 400 Security Compute Units (SCUs) per 1,000 users monthly; further scalability available soon
• Partner Ecosystem: Explore Microsoft and third-party agents in the Microsoft Security Store
• Documentation: Learn about activation and eligibility at aka.ms/scpinclusioninfo
• Learn More: Visit Microsoft Security Blog and follow Microsoft Security

Industry Events

• Ignite 2025 Sessions featuring security leaders discuss large-scale AI security deployments and frontier organizational strategies

Conclusion

Microsoft’s unified AI and security solution, now standard with Microsoft 365 E5, offers an extensive and growing agent ecosystem, empowering security professionals with automation, intelligence, and flexibility to meet rising cyber threats.

This post appeared first on “Microsoft Security Blog”. Read the entire article here