New Agents in Microsoft Purview
Keeping up with data risks in AI environments can feel unmanageable. This video introduces the new Data Security Triage Agent and Data Security Posture Agent in Purview. Watch how these agents simplify incident management and reduce false positives.
What are the new agents in Microsoft Purview?
The new agents in Microsoft Purview are AI-powered helpers designed to streamline your daily data security work so you can focus on real risks instead of chasing noise. They’re powered by Security Copilot and currently include:
1. **Data Security Triage Agent** – Helps you manage and prioritize Insider Risk and Data Loss Prevention (DLP) alerts.
2. **Data Security Posture Agent** – Helps you uncover hidden data security risks and improve your overall data security posture.
In practice, these agents sit inside your existing Purview experience and:
- Cut down alert overload so you can see which incidents actually need attention.
- Provide clear, contextual reasoning behind alerts so you understand the “why,” not just the “what.”
- Let you take action directly from insights, such as applying labels or triggering security policies.
The goal is to reimagine how you manage data security: less time sorting through alerts, more time addressing the issues that matter.
How does the Data Security Triage Agent reduce alert overload?
The **Data Security Triage Agent** is built to help you manage the constant stream of Insider Risk and DLP alerts without getting buried in them.
Here’s how it helps:
- **Cuts through alert overload:** It analyzes incoming alerts and surfaces the ones that are most likely to represent real risk, so you don’t spend time on low-value or duplicate signals.
- **Eliminates many false positives:** By using context and AI-driven analysis, it filters out alerts that are unlikely to be true issues, reducing the noise your team has to review manually.
- **Explains the reasoning:** For each alert it highlights, it provides clear, contextual reasoning so you can quickly understand why it matters and what’s driving the risk.
- **Automates user outreach:** It can help you stay in control by supporting automated communication with users involved in incidents, so you can follow up faster and more consistently.
The net effect is a more focused triage process: your analysts spend less time sorting alerts and more time investigating and resolving the incidents that actually impact your organization.
What does the Data Security Posture Agent do beyond basic alerting?
The **Data Security Posture Agent** is designed to help you proactively improve your data security posture, not just react to alerts.
Key capabilities include:
- **Natural-language risk discovery:** You can use everyday language to ask questions like “Where are we exposed to potential data loss in our collaboration tools?” The agent interprets these queries and surfaces relevant risks that might be hard to spot with traditional filters.
- **Context-aware insights:** It looks beyond simple rule matches to understand the context around data usage and access, helping you uncover risks that might otherwise stay hidden.
- **Direct action from insights:** When the agent identifies an issue, you can apply sensitivity labels or trigger security policies directly from the insight, without jumping between multiple tools.
Instead of only responding when alerts fire, the Data Security Posture Agent helps you rethink your approach by continuously looking for weak spots and giving you a straightforward way to address them before they turn into incidents.
New Agents in Microsoft Purview
published by Definitive Solutions
Definitive Solutions was founded in 1999 by Peter Meade who has over 30 years in the IT industry. We deliver IT managed services, cloud and security solutions to our SMB and Enterprise clients throughout Ireland and Internationally.
We are not just another MSP; our technical skill is given, but our success has been built on the ethos of trust and our focus is always on building strong relationships. Our approach is to really understand our clients’ business challenges and goals, and implement bespoke technology products and services which meet their unique business requirements.
As an independent private company, you can trust us to give impartial advice. We stand over every product and service we recommend and will only offer the right solutions for our clients. There is no such thing as ‘one size fits all’.
Our focus on professional trust and relationships does not just apply to our long-established clients; it continues within our dedicated team, evidenced by one of the strongest retention rates in the industry, and with our partners.
All of the growth and success our business has enjoyed is a result of our outstanding team of people and we all share a passion for providing the best customer experience.
Our clients range across all industry verticals including financial services, public sector, distribution, pharma and charities. Many of our clients operate within highly regulated industries, and adhere to strict compliance and regulation standards and we work closely with them to ensure their technology strategy is aligned with their compliance responsibilities.
Sign in with LinkedIn