Microsoft Events hosts an Ignite session featuring Neta Haiby, Harmony Mabrey, and Alyssa Ofstein, focused on building secure AI agents using Microsoft’s security tools and principles.

Building Secure AI Agents with Microsoft’s Stack

Speakers: Neta Haiby, Harmony Mabrey, Alyssa Ofstein
Event: Microsoft Ignite 2025 (Session BRK261)

Session Overview

This advanced session covers how Microsoft approaches securing agentic AI systems throughout the lifecycle. Key topics include:

  • Defining Agentic AI and Autonomy Design: Understand what agentic AI is and the importance of making intentional autonomy-related design choices.
  • Emerging Threats: Assess the latest risks such as AI-augmented cyberattacks and the potential for user manipulation by agents.
  • Threat Modeling: See a real-world example of agent threat modeling via an employee expense scenario.
  • Memory Poisoning & Data Leakage: Explore risks around memory poisoning and leakage of sensitive data from agentic systems.
  • Attack Surface & Latency: Learn how to identify, manage, and reduce agent attack surfaces and latency-related vulnerabilities.
  • Agent Schema & Role Boundaries: Design explicit agent schemas and clear role boundaries for safer agent operation.
  • Data Sanitization & Guardrails: Apply data sanitization, guardrail filtering, and input validation to mitigate security risks.
  • Observability & Preparedness: Integrate robust logging and monitoring to prepare your AI systems for attacks and enable focused governance.

Microsoft Security Tools and Foundry

  • Tools Highlighted:
    • Microsoft Security (suites applicable to AI/agent security)
    • Microsoft Foundry for AI development and resilience
    • Secure Future Initiative governance principles

Best Practices Outlined

  • Use threat modeling in every agent scenario
  • Implement defense-in-depth with Microsoft Security platforms
  • Build governance and audit readiness from the start
  • Continuously monitor AI agent behavior and attack surfaces
  • Apply explicit schemas and boundaries to restrict agent actions

By applying these design and governance practices, developers and architects can lead the way in creating secure, resilient AI agents leveraging the full suite of Microsoft security solutions.