Microsoft made several announcements on Tuesday at its annual Ignite conference for developers and IT professionals, unveiling security enhancements in products such as Defender, Sentinel, Copilot, Intune, Purview, and Entra.
A majority of the security announcements from Microsoft Ignite 2025 are related to the company’s Defender product.
New Defender capabilities designed to improve the ability to detect and thwart attacks include Predictive Shielding, an automatic attack disruption component that can anticipate an attacker’s movements and proactively block potential attack pathways, and a Threat Hunting Agent that can be used to orchestrate threat hunting through the use of natural language.
In addition, Microsoft announced third-party attack disruption capabilities based on data collected through the Microsoft Sentinel SIEM solution from AWS, Okta, and Proofpoint products.
The tech giant has introduced an integration of Microsoft Defender for Cloud and GitHub Advanced Security, enabling users to protect cloud-native apps across their full lifecycle.
Microsoft also informed customers that Microsoft Defender for Cloud is extending posture management to serverless resources, providing users greater visibility into serverless environments and application platforms.
As part of Microsoft Agent 365, the company announced unified posture management, risk reduction, and threat protection for AI agents in Microsoft Defender.
In addition, Microsoft Defender for Cloud (MDC) customers will soon also benefit from unified security posture management.
For Entra, Microsoft unveiled the Agent ID solution for preventing agent sprawl and protecting AI agent identities, AI-powered Security Copilot agents for automating identity and access security tasks, new Internet Access capabilities for securing access and usage of generative AI, and new Entra ID features to strengthen identity protection and reduce the risk of phishing.
New Intune features include Security Copilot agents for change reviews, policy configurations, and device offboarding, as well as a feature for the remote management of Windows Recovery Environment (WinRE).
For Purview, the company unveiled AI-powered data security, governance, and compliance capabilities, including enhanced data security posture management, visibility and controls improvements, and new Copilot agents.
Security Copilot is getting 12 new agents for Defender, Entra, Intune, and Purview, as well as 30 new agents from Microsoft’s partners. The new agents are designed for SOC, identity, data security, and IT teams.
Microsoft has also announced Security Dashboard for AI, a unified dashboard for CISOs and AI risk leaders that aggregates real-time AI posture and risk insights.
For its Sentinel solution, Microsoft introduced updated SIEM and platform capabilities.
A vast majority of the security enhancements announced by Microsoft are now or will soon be available in preview.
Microsoft announced that the previously unveiled Security Store, which helps organizations find the right security solutions, is generally available.
Related: Microsoft Patches Actively Exploited Windows Kernel Zero-Day
Related: Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks
