Table of Contents
Summary
- Introduction of the Data Security Posture Agent in Microsoft Purview to enhance sensitive data discovery and risk assessment using LLMs.
- Admins managing data security in Microsoft Purview will access this new agent under the Explore Agent tab.
- The agent provides LLM-assisted searches for sensitive data, actionable recommendations, and GenAI-generated summaries.
- Requires admin setup; not enabled automatically for users.
- Communication of this change is essential for security and compliance teams within organizations.
Admin Impact: Medium
User Impact: Medium
Release Start: 15 Mar 2026
Release End: 31 Mar 2026
Services: M365 Copilot, Purview
Category: Stay informed
Tags: New Feature, Admin Action
History
1/13/2026 Item Added to Message Center
Microsoft Message
Introduction
We’re introducing the Data Security Posture Agent, available in public preview December 24, 2025. This agent helps data security admins proactively discover sensitive data across your organization’s data estate and assess associated risks. By leveraging large language models (LLMs), it goes beyond traditional keyword-based analysis to understand the purpose and context of content, enabling more accurate risk identification and actionable insights.
This message is associated with Roadmap ID 542188.
When this will happen
- Public Preview (Worldwide): Rollout begins mid-December 2025 and completes by late December 2026.
- General Availability (Worldwide): Rollout begins mid-March 2026 and completes by late March 2026.
How this affects your organization
Who is affected: Admins managing data security and compliance in Microsoft Purview.
What will happen:
A new Data Security Posture Agent will be available in Microsoft Purview under the Explore Agent tab.
The agent uses LLM-powered natural language discovery to:
- Search documents, emails, and messages for sensitive data.
- Assess risks based on context and intent, not just keywords.
Provides:
- GenAI-generated summaries.
- LLM-assisted job completion tasks.
- Actionable recommendations to improve security posture.
Default setting: The feature requires admin setup; it is not enabled automatically.
What you can do to prepare
- Set up the agent in Microsoft Purview > Explore Agent using the required admin roles.
- Review your organization’s data security policies and ensure admins have appropriate permissions.
- Communicate this change to your security and compliance teams.
Learn more:
Security Copilot Agents in Microsoft Purview overview (preview) | Microsoft Learn (will be updated before rollout)
Compliance considerations
Question: Does the change alter how existing customer data is processed, stored, or accessed?
Explanation: The agent analyzes documents, emails, and messages to identify sensitive data and assess risk.
Question: Does the change introduce or significantly modify AI/ML or agent capabilities that interact with or provide access to customer data?
Explanation: Introduces LLM-powered discovery and risk assessment.
Question: Does the change provide end users any new way of interacting with generative AI?
Explanation: Admins receive GenAI-generated summaries and LLM-assisted tasks.
Question: Does the change include an admin control and can it be controlled through Entra ID group membership?
Explanation: Setup requires admin roles in Microsoft Purview.