AZ-Security - Securing AI Apps and Agents - Jan 2026

I recently appeared on Dinant Paardenkooper's AZ-Security podcast which has just been published where I did a hands-on demo on securing AI agents and AI apps across the Microsoft ecosystem 🎙️🤖

We went straight into real scenarios I keep seeing in customer environments, including:
- How a user can build their own AI agent even without Copilot licences
- Why data can still be exfiltrated even when Microsoft Purview DLP is in place
- Where self-service apps, user-owned services and AI settings quietly introduce risk
- How data can leave your tenant or data boundary if AI controls aren’t aligned

A big part of the session is also about safe AI adoption - enabling the business to use AI at speed without blocking innovation or losing control of data. This means understanding where AI features light up by default and putting the right guardrails in place early.
The session walks through practical controls across Microsoft 365, Purview, Defender for Cloud Apps, and Power Platform showing how they actually work together (and where gaps usually appear). No theory - just demos and configuration you can apply.

If you’re responsible for AI security, Microsoft 365 security, Purview, DLP, or AI governance, this is worth a watch.