identity governance

Security has quietly crossed a threshold: modern IT complexity — not a single bug or malware family — is now the primary vector that lets attackers turn small faults into catastrophic compromise. Background The conversation among security teams has shifted from “what vulnerability was exploited”...

Microsoft’s new Agent 365 marks a deliberate shift from ad‑hoc AI helpers toward a managed, auditable fleet of AI agents—bringing identity, telemetry, and lifecycle controls to software that can plan, act, and interact across corporate systems. The product is presented as a single-pane control...

Microsoft’s move to bake agentic AI into both Office and Windows is more than a feature update — it’s an architectural shift that treats AI assistants as identity‑bound, auditable workers inside enterprise IT stacks. The company’s recent announcements stitch together in‑app automation (Agent...

Microsoft’s Ignite 2025 made one thing unmistakably clear: the company is betting the enterprise future on agentic AI — fleets of purpose-built Copilot agents that plan, act and operate under identity-aware governance — and it wants IT, security and data teams to treat agents as production...

Microsoft’s Copilot Connectors promise to end years of frantic context‑switching by letting Copilot read, index, and reason over data that lives outside the Microsoft 365 bubble, and they do it while keeping access tied to the tenant’s identity and permissions model. Background / Overview...

Digital identity has quietly moved from an abstract security concept to the plumbing of everyday life — and with that elevation has come a stark trade‑off: convenience versus control. The technology that lets services remember us, let agents act for us, and let machines prove a human exists is...

Microsoft’s Copilot Studio can be weaponized to steal OAuth tokens — an attack chain Datadog Security Labs has dubbed “CoPhish” — by hosting malicious agents on Microsoft domains and using the agents’ built‑in sign‑in workflows to deliver convincing OAuth consent prompts that exfiltrate tokens...

Microsoft has quietly added a new, no-cost layer to its Entra identity stack: Microsoft Entra ID Free, a tenant-level subscription that appears in billing accounts to surface tenant ownership, simplify tenant inventory, and provide an additional way to demonstrate and recover administrative...

Microsoft’s “Agent Factory” blueprint reframes the wave of agentic AI from a set of experimental point-solutions into a repeatable, enterprise-grade stack—one built around identity, open protocols, observability, and multi-agent orchestration—and proposes Azure AI Foundry as the practical...

Workday and Microsoft’s new integration aims to let organisations manage human employees and AI agents from a single, auditable plane — registering Copilot Studio and Azure AI Foundry agents into Workday’s Agent System of Record (ASOR) and giving each agent a verifiable Microsoft Entra Agent ID...

Bonfy.AI’s latest update to its Adaptive Content Security platform lands squarely in the intersection of AI adoption and enterprise security, expanding native integrations across Microsoft 365 and positioning an AI-first approach to Data Loss Prevention that specifically targets risks introduced...

Workday’s alignment with Microsoft marks a pragmatic shift from pilot-era AI experiments toward a governed, identity-first model for scaling agentic automation inside the enterprise, giving organizations a single plane to register, manage, and measure both human workers and AI agents across HR...

Workday and Microsoft have quietly stepped into the next phase of enterprise automation: they’re building the plumbing to let agentic AI workers — digital agents created in Microsoft’s developer ecosystem — obtain verified identities, join a corporate directory, and be managed alongside human...

Microsoft’s new Access Review Agent for Entra ID promises to turn one of the most tedious and error-prone identity-governance chores into a guided, AI-assisted workflow inside Microsoft Teams — but the convenience comes with clear prerequisites, operational trade-offs, and governance...

Palo Alto Networks has pushed a clear marker in the SASE arms race with the launch of Prisma SASE 4.0, a major platform refresh that explicitly frames the next phase of enterprise security as AI versus AI — protecting organizations not only from AI-augmented attackers, but from the uncontrolled...

Microsoft and the U.S. General Services Administration have struck a sweeping OneGov agreement that puts Microsoft’s cloud and AI stack — including Microsoft 365 Copilot, Azure services, Dynamics 365, and security tooling — on preferential terms for federal agencies, with Microsoft and GSA...

Microsoft’s deputy CISO for Identity lays out a clear warning: autonomous agents are moving from experiments to production, and without new identity, access, data, and runtime controls they will create risks that are fundamentally different from those posed by traditional users and service...

Azure’s new “Agent Factory” argument reframes the enterprise AI conversation: move beyond retrieval and chat to agents that reason, act, reflect, and collaborate—and use that capability to complete end-to-end business outcomes, not just return answers. The announcement and technical framing...

Identity research published in July surfaces two sobering truths for Windows shops: attackers can now bypass dMSA authentication in Windows Server 2025 to mass‑generate service account passwords for lateral movement, and misgoverned first‑party apps in Microsoft Entra ID can be abused to...

Microsoft has taken a significant step toward modernizing hybrid identity management with the introduction of the Group Source of Authority (SOA) feature in Entra ID, now available in public preview. This eagerly anticipated capability unlocks a new era of flexibility for IT administrators...