Sign up to save your podcasts
Or
Share Agent 365 | Security Operations in Defender
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Agent 365 | Security Operations in Defender
Surface every AI agent in your tenant and expose the ones throwing security signals — across both the IT and SOC view. Triage high-severity alerts as IT in the Microsoft 365 admin center, then pivot into the full incident graph as a SOC analyst in Microsoft Defender. Block malicious tool invocations the instant they fire and catch jailbreak attempts on Copilot Studio agents before they take hold.
Trace a compromised user back to suspicious agent activity, then trigger Microsoft Entra conditional access to revoke the session and force a password reset straight from the incident. Hunt overpermissioned agents with pre-built advanced hunting templates — including one that exposes every agent running MCP tools on the maker's standing credentials — and pull risky builds from the Agent Store using the Agent Registry.
Spencer Berg, AI & Security Product Manager, shares how to turn agent risk signals into coordinated remediation across Defender, Entra, and the Microsoft 365 admin center.
► QUICK LINKS:
00:00 - Stay in control with Agent 365
00:40 - Gain visibility with unified control plane
01:48 - Unified IT & SOC agent view
02:54 - Real-time blocking and jailbreak detection
04:08 - Auto-revoke via Entra conditional access
04:32 - Prevent future incidents
05:28 - Advanced hunting for AI agents
06:43 - Block risky agents
07:15 - Wrap up
► Link References
Check out https://aka.ms/Agent365SecOps
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
View all episodes
By Microsoft Mechanics
4.2
2020 ratings
Surface every AI agent in your tenant and expose the ones throwing security signals — across both the IT and SOC view. Triage high-severity alerts as IT in the Microsoft 365 admin center, then pivot into the full incident graph as a SOC analyst in Microsoft Defender. Block malicious tool invocations the instant they fire and catch jailbreak attempts on Copilot Studio agents before they take hold.
Trace a compromised user back to suspicious agent activity, then trigger Microsoft Entra conditional access to revoke the session and force a password reset straight from the incident. Hunt overpermissioned agents with pre-built advanced hunting templates — including one that exposes every agent running MCP tools on the maker's standing credentials — and pull risky builds from the Agent Store using the Agent Registry.
Spencer Berg, AI & Security Product Manager, shares how to turn agent risk signals into coordinated remediation across Defender, Entra, and the Microsoft 365 admin center.
► QUICK LINKS:
00:00 - Stay in control with Agent 365
00:40 - Gain visibility with unified control plane
01:48 - Unified IT & SOC agent view
02:54 - Real-time blocking and jailbreak detection
04:08 - Auto-revoke via Entra conditional access
04:32 - Prevent future incidents
05:28 - Advanced hunting for AI agents
06:43 - Block risky agents
07:15 - Wrap up
► Link References
Check out https://aka.ms/Agent365SecOps
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
More shows like Microsoft Mechanics Podcast
View all
WSJ What’s News
4,353 Listeners
Hanselminutes with Scott Hanselman
380 Listeners
This Week in Tech (Audio)
3,062 Listeners
Security Now (Audio)
2,007 Listeners
Windows Weekly (Audio)
887 Listeners
Microsoft Cloud IT Pro Podcast
65 Listeners
Tech Brew Ride Home
963 Listeners
Cybersecurity Today
179 Listeners
CISO Series Podcast
192 Listeners
Practical AI
213 Listeners
Big Technology Podcast
507 Listeners
This Day in AI Podcast
227 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
693 Listeners
AI For Humans: Weekly AI News, Tools & Trends
283 Listeners
Prof G Markets
1,486 Listeners