Artificial IntelligenceGovernance & CompliancePress Release

BlueVoyant Launches First Dedicated AI Agent Security Service for Microsoft Environments

The first security service built to govern AI agent identities, permissions, and behaviour before they become a liability

BlueVoyant, a leading cybersecurity company, has announced the availability of its Microsoft Agent 365 Security Deployment Service, the first professional services program to help enterprises discover, govern, and secure the AI agents running across their Microsoft environment. The service launches as organisations worldwide race to adopt AI agents faster than their security teams can govern them.

Enterprises are integrating AI agents (including Microsoft 365 Copilot, Copilot Studio, Azure AI Foundry, and third-party agents) into critical business workflows at an unprecedented pace. But these agents represent a fundamentally new class of non-human identity. These agents can read sensitive data, call external tools and MCP servers, and act autonomously on behalf of users and organisations. Most enterprises have no inventory of which agents exist, no identity or access policies applied to them, and limited ability to detect or respond to agent-related threats.

“AI agents are the fastest-growing attack surface that most security teams aren’t watching,” said John Hernandez, CEO at BlueVoyant. “The question isn’t whether enterprises are running agents. They are. The question is whether those agents are governed. Right now, for most organisations, the answer is no.”

A Control Plane for the Agentic Enterprise

The BlueVoyant Microsoft Agent 365 Security Deployment Service addresses this gap by establishing Microsoft Agent 365 as a centralised control plane for AI agent governance. The engagement configures Agent 365 alongside the Microsoft security stack (Microsoft Entra, Microsoft Defender for AI, and Microsoft Purview) so that AI agents are governed with the same rigour as any other identity in the enterprise.

Over the course of a guided, approximately 90-day engagement, BlueVoyant’s experts work directly within the client’s Microsoft tenant to deliver:

  • Agent inventory and registry: A view into which agents exist, who owns them, what data they can access, and what tools they can invoke — including shadow AI detection for agents deployed without IT knowledge.
  • Identity and access controls: Agent Conditional Access and Identity Protection policies configured in Microsoft Entra, treating agent authentication with the same scrutiny as human user authentication.
  • Threat detection and response: Microsoft Defender Security for AI enabled and integrated with Defender XDR, providing detection and response capabilities specific to agent-related threats.
  • Data protection policies: Microsoft Purview DLP and Insider Risk Management extended to AI agents, reducing exposure from data oversharing and unauthorised access.
  • Client-owned configuration: All configuration lives within the client’s tenant. BlueVoyant delivers the expertise and the blueprint; the client retains full ownership at engagement close.

Addressing a Market Gap with Microsoft

The service is designed to attach directly to Microsoft 365 E7 and Agent 365 deployments and is aligned with AI Cloud Partner Program incentives. It positions BlueVoyant as one of the first security partners with a defined, repeatable AI-agent security offer — a strategic advantage as the agentic AI market matures.

“At the conclusion of the engagement, clients will have clear answers to the foundational questions every security leader should be asking today: What AI agents do we have? Who owns them? How are they governed? And what happens when one is compromised” said Sebastian Sobolev, Chief Product Officer at BlueVoyant.

The Microsoft Agent 365 Security Deployment Service is available immediately. Clients must have Microsoft E5 or E7 licensing with the Agent 365 add-on to be eligible.

CSA Editorial

Launched in Jan 2018, in partnership with Cyber Security Malaysia (an agency under MOSTI). CSA is a news and content platform focusing on key issues in cybersecurity in the region. CSA is targeted to serve the needs of cybersecurity professionals, IT professionals, Risk professionals and C-Levels who have an obligation to understand the impact of cyber threats.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *