AI and Identity in 2026: A Defender's Field Guide to Agents, Copilot, and Governance

In 2026, many enterprise tenants are using AI agents that most identity teams have not yet tracked. Security operations centers are beginning to rely on AI help, but few organizations have set up proper oversight. Attackers are also changing their tactics. In just 18 months, the landscape has shifted, and most identity programs are still figuring out where to begin.

This 50-minute session is meant to give you an overview, not an in-depth analysis. The aim is to provide a clear map of where AI fits into your identity program, what the main components are, and which questions you should discuss with your team this quarter. We will cover three main topics, keeping each focused. First, we will look at the AI assets already in your tenant, such as Microsoft Entra Agent ID as a new type of identity, the Sponsor, Blueprint, and Runtime structure that every agent uses, and a brief overview of the OWASP LLM Top 10 and MITRE ATLAS taxonomies you should know. Second, we will discuss the defender's perspective, including what Microsoft Security Copilot does during an identity investigation and why you need to ensure reliable output before using Copilot in production triage. Third, we will talk about governance, including Microsoft's operational tools, Microsoft Agent 365 as the management platform for agents at scale, and the key regulations (NIST AI RMF, the EU AI Act, ISO/IEC 42001) your audit and risk teams will ask about. We will make sure to distinguish between Entra Agent ID (the identity object) and Agent 365 (the management product), since mixing them up is a common mistake.

We will briefly cover attacker-side AI with a few examples, rather than going into detail. The session will mention AI-assisted lure creation and the consent-grant attack pattern as it appears with AI plug-ins. More in-depth discussion of AiTM and consent abuse will be saved for the longer course.

By the end of the session, you should have a better understanding of the key components, the important products and frameworks to review, and a few questions to bring back to your own organization.

Who Should Attend

• Security architects and identity leads whose programs are starting to overlap with enterprise AI deployments
• SOC managers and detection engineers weighing up Microsoft Security Copilot
• Governance, risk, and compliance professionals beginning to operationalize NIST AI RMF, the EU AI Act, or ISO/IEC 42001
• Microsoft 365 administrators evaluating Agent 365 for agent lifecycle management
• CISOs and security managers who want a working orientation to the AI-and-identity intersection before the next audit cycle

Learning Objectives

• Recognize Microsoft Entra Agent ID and the Sponsor, Blueprint, and Runtime identity triad at a high level
• Distinguish Entra Agent ID (the identity object) from Microsoft Agent 365 (the management product), and explain where each fits in an agent governance program
• Name the OWASP LLM Top 10 and MITRE ATLAS as the frameworks to start with, and identify one or two entries that touch identity directly
• Describe, at a high level, what Microsoft Security Copilot does and doesn't decide in an identity investigation
• Recognize that AI-assisted output needs a verification discipline, with one or two example failure modes drawn from identity work
• Identify the regulatory anchors (NIST AI RMF, EU AI Act, ISO/IEC 42001) that govern enterprise AI use, and how they relate to operational tooling like Agent 365
• Walk away with a short list of questions to bring back to your security and governance teams

This session supports concepts from SEC559: Cloud and Hybrid Identity Security. To learn more, explore upcoming course runs, and access your free course preview, visit www.sans.org/sec559