Microsoft Security Community Blog
4 MIN READ
Today, we are proud to share that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass for Generative AI Defense (GAD), an independent report from a leading European analyst firm. This recognition reinforces the work we’ve been doing to deliver enterprise-ready Security and Governance capabilities for AI, and reflects our commitment to helping customers secure AI at scale.
Figure 1: KuppingerCole Generative AI Defense Leadership Compass chart highlighting Microsoft as the top Overall Leader, with other vendors including Palo Alto Networks, Cisco, F5, NeuralTrust, IBM, and others positioned as challengers or followers.
At Microsoft, our approach to Generative AI Defense is grounded in a simple principle: security is a core primitive which must be embedded everywhere – across AI apps, agents, platforms, and infrastructure. Microsoft delivers this through a comprehensive and integrated approach that provides visibility, protection, and governance across the full AI stack.
Our capabilities and controls help organizations address the most pressing challenges CISOs and security leaders face as AI adoption accelerates. We protect against agent sprawl and resource access with identity-first controls like Entra Agent ID and lifecycle governance, alongside network-layer controls that surface hidden shadow AI risks. We prevent sensitive data leaks with Microsoft Purview’s real-time data loss prevention, classification, and inference safeguards. We defend against new AI threats and vulnerabilities with Microsoft Defender’s runtime protection, posture management, and AI-driven red teaming. Finally, we help organizations stay in compliance with evolving AI regulations with built-in support for frameworks like the EU AI Act, NIST AI RMF, and ISO 42001, so teams can confidently innovate while meeting governance requirements. Foundational security is also built into Microsoft 365 Copilot and Microsoft Foundry, with identity controls, data safeguards, threat protection, and compliance integrated from the start.
Guidance for Security Leaders and CISOs
For CISOs enabling their organizations to accelerate their AI transformation journeys, the following priorities are essential to building a secure, governed, and scalable AI foundation. This guidance reflects a combination of key recommendations from KuppingerCole and Microsoft’s perspective on how we deliver on those recommendations:
|
CISO Guidance |
What It Means |
How Microsoft Delivers |
|
Map AI usage across the enterprise |
Establish full visibility into every AI tool, agent, and model in use to understand risk exposure and security requirements. |
Agent365 provides a unified registry for AI agents with full lifecycle governance. Foundry Control Plane gives developers full observability and governance of their entire AI fleet across clouds. And with integrated security signals and controls from signals from Microsoft Entra, Purview, and Defender, Security Dashboard for AI brings posture, configuration, and risk insights together into a single, comprehensive view of your AI estate. |
|
Adopt identity-first controls |
Manage agents and other identities with the same rigor as privileged accounts, enforcing strong authentication, least privilege, and continuous monitoring. |
Microsoft Entra Agent ID assigns secure, unique identities to agents, applies conditional access policies, and enforces lifecycle controls to prevent agent sprawl and eliminate over-permissioned access. |
|
Enforce data governance and DLP for AI interactions |
Protect sensitive information to both inputs and outputs, applying consistent policies that align with evolving regulatory and compliance requirements. |
Microsoft Purview delivers real-time DLP for AI prompts and outputs, preserves sensitivity label, applies insider risk controls for agents, and provides compliance templates aligned with the EU AI Act, NIST AI RMF, ISO 42001, and more. |
|
Build a layered GAD architecture |
Combine prompt security, model integrity monitoring, output filtering, and runtime protection instead of relying on any single control. |
Microsoft Defender provides runtime protection for agents, correlates threat signals, including those from Microsoft Foundry’s Prompt Shields, with threat intelligence, and strengthens security through posture management and attack path analysis for AI workloads. |
|
Prioritize integrated, enterprise-ready solutions |
Choose platforms that unify policy enforcement, monitoring, and compliance across environments to reduce operational complexity and improve security outcomes. |
Microsoft Security integrates capabilities across Microsoft Entra, Purview, and Defender, deeply integrated with Microsoft 365, Copilot Studio, and Foundry, providing centralized governance, consistent policy enforcement, and operationalized oversight across your AI ecosystem. |
What differentiates Microsoft is the comprehensive set of security capabilities woven into the Microsoft AI agents, apps, and platform. Shared capabilities across Microsoft Entra, Purview, and Defender deliver consistent protection for IT, developers, and security teams, while tools such as Microsoft Agent 365, Foundry Control Plane, and Security Dashboard for AI integrate security and observability directly where AI applications and agents are built, deployed, and governed. Together, these capabilities, including our latest capabilities from Ignite, help organizations deploy AI securely, reduce operational complexity, and strengthen trust across their environment.
Closing Thoughts
Agentic AI is transforming how organizations work, and with that shift comes a new security frontier. As AI becomes embedded across business processes, taking a proactive approach to defense-in-depth, governance, and integrated AI security is essential. Organizations that act early will be better positioned to innovate confidently and maintain trust.
At Microsoft, we recognize that securing AI requires purpose-built, enterprise-ready protection. With Microsoft Security for AI, organizations can safeguard sensitive data, protect against emerging AI threats, detect and remediate vulnerabilities, maintain compliance with evolving regulations, and strengthen trust as AI adoption accelerates. In this rapidly evolving landscape, AI defense is not optional, it is foundational to protecting innovation and ensuring enterprise readiness.
Explore more
- Read the full KuppingerCole Leadership Compass on Generative AI Defense (GAD)
- Learn more about Security for AI
- Read our latest Security for AI blog to learn more about our latest capabilities
- Visit the Microsoft Security site for the latest innovations.
Updated Dec 15, 2025
Version 1.0