Silverfort Enhances AI Security with Microsoft Copilot Studio Integration
Severity: Low (Score: 39.9)
Sources: Scworld, Letsdatascience
Published: · Updated:
Keywords: silverfort, identity, controls, copilot, studio, agents, microsoft
Severity indicators: ot, rat
Summary
Silverfort has launched an integration that applies its identity and access controls to Microsoft Copilot Studio agents. This integration evaluates access requests in real time, preventing unauthorized access and privilege escalation. It ties agent actions back to human users and machine identities, adapting policies based on contextual risk. The integration is part of Silverfort's strategy to enhance AI security, especially following its acquisition of Fabrix Security Ltd. The solution is currently available through an early access program. This initiative comes amid rising concerns over unsanctioned AI agent usage in workplaces, with 29% of employees reportedly using them. The integration aims to provide a unified control plane across various agent types, enhancing visibility and enforcement. Key Points: • Silverfort integrates identity controls with Microsoft Copilot Studio agents. • The integration evaluates access requests in real time to prevent unauthorized actions. • 29% of employees use unsanctioned AI agents, highlighting the need for enhanced security.
Detailed Analysis
**Impact** The integration affects organizations deploying Microsoft Copilot Studio agents, notably over 80% of Fortune 500 companies using low-code/no-code AI agents and 29% of employees employing unsanctioned AI agents at work. The solution targets risks related to unauthorized access, privilege escalation, and anomalous AI agent behavior, potentially impacting sectors reliant on AI-driven workflows across multiple geographies. Data at risk includes corporate resources accessed by AI agents, with implications for identity integrity and auditability. **Technical Details** The integration enforces identity and access controls at runtime by evaluating every Copilot agent access request in real time and returning allow/deny decisions before action execution. It ties agent actions to human and machine identities, limits privilege elevation, blocks anomalous access attempts, and adapts policies based on contextual risk. No specific malware, CVEs, or IOCs are mentioned. The solution operates primarily at the access control and execution stages of the kill chain. **Recommended Response** Security teams should monitor the integration’s maturity with enterprise identity providers, assess latency and false-positive rates of real-time decisions, and verify logging and audit compatibility with governance frameworks. Organizations deploying Copilot Studio agents should ensure policies cover multiple agent runtimes and third-party agents. No specific patches or IOCs are provided; defenders should focus on validating runtime identity enforcement and anomaly detection capabilities.
Source articles (2)
- Silverfort Integrates Runtime Identity Controls into Copilot Studio Agents | Let's Data Science — Letsdatascience · 2026-06-08
According to SiliconANGLE, identity-security company Silverfort launched an integration that applies its identity and access controls to agents built in Microsoft Copilot Studio, enforcing policy at t… - Silverfort integrates identity controls with Microsoft Copilot Studio agents | brief — Scworld · 2026-06-09
According to Silicon Angle, Silverfort Inc. has launched an integration that applies its identity and access controls to artificial intelligence agents within Microsoft Corp.’s Copilot Studio, aiming…
Timeline
- 2026-06-08 — Silverfort announces integration with Copilot Studio: Silverfort launched an integration for identity controls in Microsoft Copilot Studio, enhancing AI security.
- 2026-06-09 — Integration details published: The integration evaluates access requests in real time and adapts policies based on contextual risk.