← Back
Microsoft Purview: Inline protection for sensitive data shared over the network with non-Microsoft SASE integrations
MC1182008 · build prod-20251231-200323
Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-10-31 23:26:26
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
Action by (AI)
Services
Microsoft Purview
Tags
New feature, User impact, Admin impact
Master tags
Security, Network
Roadmap IDs
522095

One-line summary

Purview DLP integrates with iboss and Netskope SASE platforms to inspect and protect inline web traffic, extending DLP to unmanaged cloud apps and generative AI, starting mid-November 2025.

Similar updates

More like this
MC1181769 Microsoft Purview: Integration with Entra GSA Internet Access to enable sensitive file filtering at the network layer
Microsoft Purview: Integration with Entra GSA Internet Access to enable sensitive file filtering at the network layer Public preview of Purview DLP integration with Entra Global Secure Access enables network-layer inspection and enforcement to protect sensitive files from being shared with unmanaged cloud apps. ...tion] To help organizations.
MC1191257 New Microsoft Purview data security posture management experience
New Microsoft Purview data security posture management experience Microsoft Purview DSPM is evolving with unified data and AI security, AI observability, Copilot automation, third-party integrations, and enhanced reporting; rollout starts December 2025. [Introduction] Microsoft is introducing a major evolution of Purview Data Security Posture.
MC1182689 (Updated) Microsoft Purview | New Copilot Security Controls in Microsoft Admin Center
(Updated) Microsoft Purview | New Copilot Security Controls in Microsoft Admin Center Microsoft Purview adds new DLP and security features in Admin Center to help admins monitor and control Copilot data sharing, with public preview starting mid-November 2025. Updated November 12, 2025: We have updated the content. [Introduction] To help.
MC1199763 Microsoft Purview | Data Security Investigations – Introducing new purge mitigation action
Microsoft Purview | Data Security Investigations – Introducing new purge mitigation action Microsoft Purview Data Security Investigations will add a new purge mitigation action by early 2026, allowing admins to delete sensitive or overshared content during investigations. Enabled by default, it respects exist. [Introduction] We’re introducing a.
MC1047912 (Updated) Microsoft Purview: New Purview Data Security Investigations (DSI) solution
(Updated) Microsoft Purview: New Purview Data Security Investigations (DSI) solution Microsoft Purview Data Security Investigations (DSI), an AI-powered tool for deep data security analysis and incident response, will reach general availability starting October 2025. Updated ... Microsoft Purview Data Security Investigations (DSI) is a new.
MC1162966 Microsoft Purview | Information Protection: Updates to Microsoft built-in Sensitive Information Types (SITs)
Microsoft Purview | Information Protection: Updates to Microsoft built-in Sensitive Information Types (SITs) Microsoft is updating five bundled EU Sensitive Information Types in Purview to improve detection accuracy; rollout completes by mid-October 2025 with no admin action required. [Introduction] To improve detection accuracy across EU.

Details

RoadmapIds
522095
Summary
Microsoft Purview DLP will integrate with iboss and Netskope SASE platforms by mid-November 2025 to enable inline network traffic inspection and protection of sensitive data across 35,000+ cloud apps. Admins must configure integration and manage alerts via Purview and Microsoft Defender.
Platforms
Web

Body (from Message Center)

Microsoft Purview Data Loss Prevention (DLP) is being extended to the network layer through integration with iboss Zero-Trust SASE Platform or Netskope One SASE Platform. This update will be generally available starting mid-November 2025. It enables organizations to intercept and inspect traffic inline and enforce actions based on Purview DLP policy conditions. This helps prevent sensitive data from being shared with untrusted cloud applications through browsers, apps, APIs, add-ins, and more—including generative AI platforms, cloud storage, and content-sharing services—while managing alerts and incidents through Purview and Microsoft Defender. If configured, these signals also inform user risk indicators in Insider Risk Management.

This message is associated with Microsoft 365 Roadmap ID 522095.

When this will happen:

General Availability (Worldwide): Rollout will begin in mid-November 2025 and is expected to complete by mid-December 2025.

How this affects your organization:
  • Who is affected: Admins managing Microsoft Purview DLP policies and organizations using iboss Zero-Trust SASE or Netskope One SASE platforms.
  • What will happen:
    • A new scenario-focused experience will be available for creating DLP policies.
    • Admins can select the Inline Web Traffic scenario to configure granular rules for detecting and protecting sensitive data.
    • Protection will extend to over 35,000 unmanaged cloud applications.
    • Alerts and incidents will be managed in Microsoft Purview and Microsoft Defender.
    • The feature will be available by default but requires integration setup to function.
What you can do to prepare: Compliance considerations:
QuestionAnswer
Does the change add integration to third-party software products?Yes. This change integrates with iboss Zero-Trust SASE Platform and Netskope One SASE Platform.
Does the change modify Data Loss Prevention (DLP) policies or enforcement?Yes. It introduces a new scenario-based DLP enforcement for inline web traffic.
Does the change alter how existing customer data is processed, stored, or accessed?Yes. It enables inline inspection and protection of sensitive data shared via network traffic.
Does the change introduce or significantly modify AI/ML capabilities that interact with customer data?Yes. It includes detection of sensitive data shared with generative AI platforms.
Does the change alter how admins can monitor, report on, or demonstrate compliance activities?Yes. Alerts and incidents will be managed through Microsoft Purview and Microsoft Defender.
Does the change include an admin control and can it be controlled through Entra ID group membership?Yes. The feature must be enabled and configured by a global administrator.

Raw JSON (for debugging)

Expand/collapse the full payload below.
Show/hide raw 
{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": null,
    "ai_actions": [
      "Enable and configure SASE integration",
      "Activate Purview pay-as-you-go",
      "Review DLP policy setup",
      "Update documentation",
      "Notify helpdesk"
    ],
    "ai_master_tags": [
      "Security",
      "Network"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "Purview DLP integrates with iboss and Netskope SASE platforms to inspect and protect inline web traffic, extending DLP to unmanaged cloud apps and generative AI, starting mid-November 2025.",
    "ai_topics": [
      "Purview",
      "Defender"
    ],
    "category": "stayInformed",
    "details_map": {
      "Platforms": "Web",
      "RoadmapIds": "522095",
      "Summary": "Microsoft Purview DLP will integrate with iboss and Netskope SASE platforms by mid-November 2025 to enable inline network traffic inspection and protection of sensitive data across 35,000+ cloud apps. Admins must configure integration and manage alerts via Purview and Microsoft Defender."
    },
    "id": "MC1182008",
    "importance": 1,
    "is_major_change": false,
    "last_modified": "2025-10-31T23:26:26Z",
    "ms_products": [
      "Purview"
    ],
    "platforms": "Web",
    "roadmap_ids": [
      "522095"
    ],
    "services": [
      "Microsoft Purview"
    ],
    "severity": "normal",
    "tags": [
      "New feature",
      "User impact",
      "Admin impact"
    ],
    "title": "Microsoft Purview: Inline protection for sensitive data shared over the network with non-Microsoft SASE integrations"
  }
}