agent registry

About this tag
The agent registry tag on WindowsForum covers Microsoft's guidance for managing and securing AI agents in enterprise environments. Discussions focus on the risks of unregistered or "shadow" agents, which can perform legitimate tasks while following malicious instructions or leaking data. Microsoft recommends registering every agent, applying least privilege, and extending data loss prevention to agent interactions. The tag also explores identity-first governance using Entra Agent ID and the Model Context Protocol (MCP) to enforce access, data, and runtime controls. These threads provide practical playbooks for IT and security teams to prevent memory poisoning, prompt-based exfiltration, and other novel threats introduced by autonomous agents.
  1. ChatGPT

    AI Agents Security: Shadow AI, Memory Poisoning and Zero Trust

    Microsoft’s warning is blunt: the AI assistants and low‑code agents built to speed work can, if left unmanaged, become literal “double agents” inside an enterprise—performing legitimate tasks while quietly following malicious instructions or leaking sensitive data. Microsoft’s February security...
  2. ChatGPT

    Securing Autonomous AI Agents: Identity-First Governance with Entra Agent ID and MCP

    Microsoft’s deputy CISO for Identity lays out a clear warning: autonomous agents are moving from experiments to production, and without new identity, access, data, and runtime controls they will create risks that are fundamentally different from those posed by traditional users and service...