Category
stayInformed
Severity
normal
Major change
False
Last modified
2026-05-21 16:14:13
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
2026-05-01 00:00:00
Services
Microsoft Purview
Tags
Updated message, New feature, User impact, Admin impact
Master tags
Admin, Security
Roadmap IDs
516032
One-line summary
Microsoft Purview adds DSPM and Insider Risk Management for AI agents, enabling admins with E7 or Agent 365 to monitor, govern, and assess risks of AI agent activity, rolling out GA mid-June 2026.
Similar updates
More like thisMC1191257 (Updated) New Microsoft Purview data security posture management experience
(Updated) New Microsoft Purview data security posture management experience Purview DSPM evolves with unified AI-driven data security, enhanced reporting, intelligent Copilot agents, and 3rd-party integrations; classic experiences and policies remain unchanged. [Introduction] Microsoft is introducing a major evolution of Purview Data Security.
MC1182008 Microsoft Purview: Inline protection for sensitive data shared over the network with non-Microsoft SASE integrations
Microsoft Purview: Inline protection for sensitive data shared over the network with non-Microsoft SASE integrations Purview DLP integrates with iboss and Netskope SASE platforms to inspect and protect inline web traffic, extending DLP to unmanaged cloud apps and generative AI, starting mid-November 2025. Microsoft Purview Data Loss Prevention.
MC1041756 (Updated) Microsoft Purview: IRM RBAC Change (related to Data Security Investigations) Preview
(Updated) Microsoft Purview: IRM RBAC Change (related to Data Security Investigations) Preview A new Data Security Investigation Contributor role is added to Purview Insider Risk Management, enabling investigators to launch AI-powered data security investigations from IRM cases. Updated October 7, 2025: We have updated the timeline. Microsoft.
MC1187672 Get ready for security agents: Microsoft Security Copilot will be included in Microsoft 365 E5
Get ready for security agents: Microsoft Security Copilot will be included in Microsoft 365 E5 Security Copilot with new AI agents is now included at no extra cost for Microsoft 365 E5 customers, rolling out over the coming months across Defender, Entra, Intune, and Purview. Introduction: Microsoft Security Copilot agents are directly built into.
MC1173203 Microsoft Purview compliance portal: Insider Risk Management – Introduction of pay-as-you-go feature usage report
Microsoft Purview compliance portal: Insider Risk Management – Introduction of pay-as-you-go feature usage report A new pay-as-you-go usage report in Purview Insider Risk Management gives admins detailed billed processing unit insights to aid budget planning and policy optimization. [Introduction] We’re introducing a new pay-as-you-go feature.
MC791110 (Updated) Microsoft Purview | Data Lifecycle Management: New integration with Adaptive protection
(Updated) Microsoft Purview | Data Lifecycle Management: New integration with Adaptive protection Microsoft Purview integrates Adaptive protection with Data Lifecycle Management to auto-retain deleted items by elevated risk users; rollout starts June 2026. ... Coming soon for Microsoft Purview: We are announcing the public preview of the.
Details
RoadmapIds
516032
Summary
Microsoft Purview for agents, including DSPM – AI Observability and Insider Risk Management, will be generally available worldwide from mid-June to end of July 2026. It enables Microsoft 365 E7 or Agent 365 admins to monitor AI agent activity, assess risks, enforce governance, and manage insider risks with privacy controls.
Platforms
Web
Body (from Message Center)
Updated May 21, 2026: We have updated the timeline. Thank you for your patience.
[Introduction]
As organizations deploy AI agents that can access enterprise data and take action on behalf of users, governing and securing agent activity becomes critical. Microsoft Purview will extend its data security and compliance capabilities to include AI agents, helping organizations gain visibility into agent behavior, assess risk, and apply consistent governance controls.
Microsoft Purview for agents will introduce Data Security Posture Management (DSPM) – AI Observability and Insider Risk Management for agents. DSPM helps organizations understand where sensitive data is, assess data-related risk, and continuously improve their security and compliance posture.
This message is associated with Microsoft 365 Roadmap ID 516032.
[When this will happen]
- Public preview: Rollout started in December 2025 and is expected to complete in late April 2026.
- General availability (Worldwide): Rollout will begin in mid-June 2026 (previously early May) and is expected to complete by end of July 2026 (previously late May).
[How this affects your organization]
Who is affected
- Microsoft 365 administrators responsible for security, compliance, and governance
- Organizations using or planning to deploy AI agents
- Tenants with Microsoft 365 E7 or Agent 365 subscriptions
What will happen
- DSPM – AI Observability and Insider Risk Management for agents will move from preview to general availability. Learn more about activation.
- With Microsoft 365 E7 or Agent 365 subscriptions, admins will be able to:
- Monitor and analyze AI agent activity across enterprise environments
- Identify potentially risky or non-compliant agent behavior
- Apply governance policies aligned with organizational requirements
Insider Risk Management for agents
- Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations.
- Admins will be able to create policies based on their own internal policies, governance, and organizational requirements.
- The solution is built with privacy by design:
- Users are pseudonymized by default.
- Role-based access controls and audit logs help ensure user-level privacy.
- These capabilities will not be available without Microsoft 365 E7 or Agent 365 subscriptions.
- There will be no user impact unless AI agents are deployed and governed by admins.
[What you can do to prepare]
- Review whether your organization currently uses or plans to deploy AI agents that access enterprise data.
- Activate your Microsoft 365 E7 or Agent 365 subscription if you plan to use DSPM – AI Observability and Insider Risk Management for agents.
- Review and update internal security, compliance, and AI governance policies.
- Inform security and compliance stakeholders about this upcoming capability.
Learn more: Overview of Microsoft Agent 365 | Microsoft Agent 365 | Microsoft Learn
[Compliance considerations]
| Question | Answer |
| Does the change introduce or significantly modify AI, ML, or agent capabilities that interact with or provide access to customer data? | Yes. This change will move DSPM – AI Observability and Insider Risk Management for agents to general availability, enabling monitoring and risk analysis of AI agent activity that can access and act on enterprise data. |
| Does the change alter how admins can monitor, report on, or demonstrate compliance activities? | Yes. Admins will be able to use Microsoft Purview to monitor AI agent behavior, correlate risk signals, and apply governance and Insider Risk Management policies for agents. |
| Does the change modify, interrupt, or disable audit logging capabilities? | Yes. Audit logs will be used as part of Insider Risk Management signal correlation for AI agent activity, supporting investigation and compliance workflows. |
| Does the change include an admin control? | Yes. Access to DSPM – AI Observability and Insider Risk Management for agents will be controlled through Microsoft 365 E7 or Agent 365 subscriptions and managed in Microsoft Purview. |
| Does the change alter how existing customer data is processed, stored, or accessed? | Yes. The change will introduce new observability and analysis of how AI agents access and act on existing customer data, without changing where the data is stored. |
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": "2026-05-01T00:00:00Z",
"ai_actions": [
"Review AI agent deployment plans",
"Activate E7 or Agent 365 subscription if required",
"Update governance and compliance policies",
"Inform security stakeholders"
],
"ai_master_tags": [
"Admin",
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "Microsoft Purview adds DSPM and Insider Risk Management for AI agents, enabling admins with E7 or Agent 365 to monitor, govern, and assess risks of AI agent activity, rolling out GA mid-June 2026.",
"ai_topics": [
"Purview",
"Microsoft 365"
],
"category": "stayInformed",
"details_map": {
"Platforms": "Web",
"RoadmapIds": "516032",
"Summary": "Microsoft Purview for agents, including DSPM \u2013 AI Observability and Insider Risk Management, will be generally available worldwide from mid-June to end of July 2026. It enables Microsoft 365 E7 or Agent 365 admins to monitor AI agent activity, assess risks, enforce governance, and manage insider risks with privacy controls."
},
"id": "MC1280556",
"importance": 4,
"is_major_change": false,
"last_modified": "2026-05-21T16:14:13Z",
"ms_products": [
"Purview"
],
"platforms": "Web",
"roadmap_ids": [
"516032"
],
"services": [
"Microsoft Purview"
],
"severity": "normal",
"tags": [
"Updated message",
"New feature",
"User impact",
"Admin impact"
],
"title": "(Updated) Microsoft Purview for agents: AI observability and insider risk management now generally available"
}
}