Protect AI apps with Microsoft Defender

4 snips

Apr 29, 2025

Rob Lefferts, Microsoft Security CVP, dives into the challenges of securing AI applications and cloud services. He discusses how Microsoft Defender enables organizations to identify and manage both sanctioned and shadow AI tools. Rob shares insights on leveraging Defender XDR for visibility into complex attack paths and real-time threat alerts. He emphasizes strategies for safeguarding sensitive data in AI applications, alongside showcasing effective controls in Azure AI Foundry. Tune in for practical measures to fortify your AI-powered environment!

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Risks of Generative AI Apps

Generative AI apps carry distinct risks, especially free consumer apps that may use uploaded data for training.
Unintended data exposure can occur without proactive oversight and controls.

ADVICE

Discover and Control AI Apps

Use Microsoft Defender for Cloud Apps to discover what AI cloud apps employees use and evaluate their risk.
Set policies to automatically block risky AI apps based on risk scores to avoid manual enforcement.

ANECDOTE

Internal App Prompt Injection Example

An internal employee app helps manage sensitive info like payroll and benefits, highlighting the importance of AI risk controls.
System prompts tried to block info leaks but failed under prompt injection attack attempts.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Stay in control with Microsoft Defender. You can identify which AI apps and cloud services are in use across your environment, evaluate their risk levels, and allow or block them as needed—all from one place. Whether it's a sanctioned tool or a shadow AI app, you're equipped to set the right policies and respond fast to emerging threats.

Defender XDR gives you the visibility to track complex attack paths—linking signals across endpoints, identities, and cloud apps. Investigate real-time alerts, protect sensitive data from misuse in AI tools like Copilot, and enforce controls even for in-house developed apps using system prompts and Azure AI Foundry.

Rob Lefferts, Microsoft Security CVP, joins Jeremy Chapman to share how you can safeguard your AI-powered environment with a unified security approach.

► QUICK LINKS:

00:00 - Stay in control with Microsoft Defender

00:39 - Identify and protect AI apps

02:04 - View cloud apps and website in use

04:14 - Allow or block cloud apps

07:14 - Address security risks of internally developed apps

08:44 - Example in-house developed app

09:40 - System prompt

10:39 - Controls in Azure AI Foundry

12:28 - Defender XDR

14:19 - Wrap up

► Link References

Get started at https://aka.ms/ProtectAIapps

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics