Microsoft Copilot (Microsoft 365): Microsoft Graph APIs for App & Agent Inventory and Details.

🚨 The Signal: New Graph APIs provide programmatic access to Copilot app and agent inventory and details. This enables security teams to audit, manage, and govern AI agents and plugins at scale, enhancing visibility and control over autonomous AI within the tenant.

The Impact

Security teams and administrators gain enhanced visibility into, and control over, AI agents and plugins, which reduces the risk of unmanaged AI deployments.

  • Security teams: Reduced risk from unapproved or malicious AI agents.
  • Administrators: Improved ability to audit and manage Copilot apps and agents.
  • Compliance officers: Better data for attesting to AI governance controls.
  • Developers: Programmatic access for integrating AI agent management into existing workflows.

The Action

  1. Review the Microsoft Graph API documentation for the new Copilot app and agent endpoints.
  2. Develop scripts or integrations that use the Inventory API for tenant-wide AI agent auditing.
  3. Implement automated workflows that use the Details API for lifecycle management of Copilot agents.
  4. Integrate AI agent inventory data into existing security information and event management (SIEM) systems.
  5. Define and enforce policies for Copilot app and agent deployment and usage based on new API capabilities.

Domain: Agentic-AI · Impact: high · Workload: Other · Essential Eight: Application Control, Restrict Administrative Privileges · ISM: ISM-0445, ISM-0843, ISM-1175, ISM-1380, ISM-1490, ISM-1507, ISM-1508, ISM-1509, ISM-1544, ISM-1582, ISM-1647, ISM-1648, ISM-1650, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1686, ISM-1688, ISM-1689, ISM-1870, ISM-1871, ISM-1883, ISM-1897, ISM-1898