Particle.news

Microsoft Recasts Sentinel as an Agentic Security Platform With Data Lake GA and Graph, MCP Previews

The shift gives AI agents unified context to automate routine defense under human oversight.

Overview

  • Microsoft made the Sentinel data lake generally available to unify customer security telemetry for AI-driven analysis and response.
  • The company launched public preview of Sentinel Graph to map relationships across endpoints, identity, cloud, email, and SaaS with new graph views in Defender and Purview.
  • A managed Sentinel Model Context Protocol server entered public preview to expose data lake context to agents via an open standard with integration in VS Code and GitHub Copilot.
  • Customers can build Security Copilot agents through a no-code interface or pro-code workflows using vibe-coding, MCP tools, and a new Sentinel VS Code extension.
  • Microsoft opened the Microsoft Security Store with 30 partner-built agents and 50 partner SaaS solutions and emphasized guardrails, high-confidence actions, and planned Azure AI Foundry protections against prompt-injection risks.