Assess your organization's AI risk with Microsoft Security Dashboard for AI (Preview)

Microsoft Security Dashboard for AI is a unified security dashboard that helps security leaders understand and address the AI risk in their organization. The dashboard equips leadership with a governance tool that provides clear and comprehensive AI security insights and answers the most pressing questions about AI risk, including:

• Which AI assets exist in our environment?
• What’s their current security posture?
• Where must we take action?

This article explains the core capabilities of the Security Dashboard for AI and how to use the dashboard to manage AI security across your enterprise.

End-to-end AI security visibility and management

Security Dashboard for AI provides a real-time view of AI security posture and risk across Microsoft Security solutions - including Microsoft Entra, Microsoft Purview, and Microsoft Defender - enabling proactive governance and reactive threat protection. This lets security teams keep using the tools they trust while empowering security leaders to govern and collaborate seamlessly.

The dashboard provides:

• Real-time visibility of AI risk: Aggregated insights across Microsoft Entra, Defender, and Purview.
• Comprehensive inventory of AI assets: The dashboard covers Microsoft AI solutions - including Microsoft 365 Copilot, Microsoft Copilot Studio agents, and Microsoft Foundry apps and agents - as well as third-party AI models, applications, and agents such as Google Gemini, OpenAI ChatGPT, and MCP servers.
• Recommendations and remediation paths: Direct integration with Microsoft productivity tools and practitioner portals.
• AI-powered insights: Microsoft Security Copilot provides suggested prompts that help you drill down to key insights, and quickly access intelligent risk assessments, summaries, and recommendations.
• Executive reporting: Board-ready analytics and compliance insights.

How Security Dashboard for AI works

Security Dashboard for AI doesn't require any special licensing beyond the underlying Microsoft Security products. It's available to all customers to support secure, and govern AI deployments.

Microsoft Security and partner products provide the sensors and signals the dashboard uses. If you haven't deployed a required service, the dashboard guides you on which capabilities are missing and how to strengthen your AI security.

Supported products:

Product	Key capabilities and dashboard insights
Microsoft Entra	Identity management: Centralized user and application identity governance Conditional access: Risk-based access controls for AI applications Privileged identity management: Elevated access monitoring and control For more information, see What is Microsoft agent identity platform.
Microsoft Defender	Threat protection: Real-time monitoring of AI workloads and endpoints Cloud security posture: Infrastructure vulnerability assessment App security: SaaS AI application risk evaluation For more information, see Microsoft Defender AI security posture management.
Microsoft Purview	Data classification: Automated labeling and protection of AI-accessible data Data loss prevention: Prevent sensitive information exposure through AI Insider risk management: Detect anomalous AI usage patterns For more information, see Microsoft Purview data security and compliance protections for generative AI apps.
Microsoft Security Copilot	Prompt-based exploration: Explore AI risks, agent activity, and security recommendations via prompts Enhanced AI risk insights: Aggregate signals across Microsoft and partner security solutions for deeper analysis Enhanced agent discovery and categorization: Improve identification of managed, unmanaged, and shadow AI agents to strengthen your AI security posture For more information, see What is Microsoft Security Copilot?

Permissions

By default, only Global Administrators have access to all dashboard data. The tables in this section outline the data access levels for Microsoft Entra built-in roles. For more information about Microsoft Entra roles, see Microsoft Entra built-in roles.

Overview page permissions

These roles can view data on the summary cards on the Overview page.

Summary card	Global Administrator	AI Administrator	Compliance Administrator	Security Administrator	Global Reader	Agent ID Administrator	Agent Registry Administrator
AI inventory	✅	✅	✅	✅	✅	❌	❌
AI risk: Misconfigurations and attack paths	✅	❌	❌	✅	✅	❌	❌
AI risk: Agents with sensitive interactions	✅	✅	✅	✅	✅	❌	❌

These roles can all view instructions and delegate tasks on the Overview page, as described in Review and delegate security recommendations, but cannot view the status of the recommendation unless specified below:

Recommendation category	Global Administrator	AI Administrator	Compliance Administrator	Security Administrator	Global Reader	Agent ID Administrator	Agent Registry Administrator
Prevent agent sprawl and unauthorized access (Microsoft Entra)	✅	✅	✅	✅ Except Configure global collection in Entra agent registry	✅	❌	❌
Prevent data leaks and oversharing (Microsoft Purview)	✅	✅ Except Enable Microsoft Purview audit	✅	✅ Except Enable Microsoft Purview audit	✅	✅ Only Turn on Communication Compliance, Insider Risk Management, and Data Lifecycle Management	✅ Only Turn on Communication Compliance, Insider Risk Management, and Data Lifecycle Management
Address AI risk and vulnerability (Microsoft Defender)	✅	✅	✅	✅ Except Enable app governance	✅	❌	❌

AI inventory page permissions

These roles can view data on the AI inventory page, as described in Explore AI assets and manage asset security risks.

Asset type	Global Administrator	AI Administrator	Compliance Administrator	Security Administrator	Global Reader	Agent ID Administrator	Agent Registry Administrator
AI agents	✅	✅	✅	✅	✅	❌	❌
AI models	✅	❌	❌	✅	✅	❌	❌
MCP servers	✅	❌	✅	✅	✅	❌	❌
Other AI apps	✅	❌	✅	✅	✅	❌	❌

AI risk page permissions

These roles can view data on the AI risk page, as described in View and prioritize AI security risks across your organization.

Risk category	Global Administrator	AI Administrator	Compliance Administrator	Security Administrator	Global Reader	Agent ID Administrator	Agent Registry Administrator
Identity and access risk	✅	✅	✅	✅	✅	❌	❌
Data security risk	✅	✅	✅	✅	✅	❌	❌
Cloud security risk	✅	❌	✅	✅	✅	❌	❌
Misconfigurations and attack paths	✅	❌	❌	✅	✅	❌	❌
Agents with sensitive interactions	✅	✅	✅	✅	✅	❌	❌

Review and delegate security recommendations

The Overview page of the dashboard provides key insights about your AI assets and related security risks. It also assesses your organization's implementation of Microsoft security for AI capabilities and provides recommendations for improving your organization's AI security posture. To delegate the implementation of these recommendations to a specific group or user:

1. Select a recommendation on the Overview page.

   

2. On the recommendation details page, select Delegate.

   

3. On the Delegate to page, select a user or group to assign the recommendation to and click Select.

4. Select the Microsoft Outlook or Microsoft Teams icons to notify the assignee of the delegated recommendation. Select the ellipsis (...) next to the icons to remove or change the delegation.

Explore AI assets and manage asset security risks

The AI inventory page of the dashboard provides detailed views to help you discover AI assets, assess risks, and implement remediation actions across all of the AI agents, AI models, and MCP servers, and AI applications in your organization.

To discover and manage AI asset security risks:

1. Select AI Inventory review the complete list of discovered AI applications and agents.
2. Apply filters to focus on specific asset types or risk levels.
3. Select any AI asset to view detailed information, review security configuration and compliance status, and analyze user access patterns and data interactions.
4. Select Export to export filtered views for targeted analysis and reporting.

AI agents

The AI agents tab of the AI inventory page presents all of the AI agents operating in your environment and provides key insights from the Microsoft Entra Agent Registry and Microsoft Purview Data Security Posture Management (DSPM) for AI.

Select an AI agent to:

• View agent details and activities. Select View all activities to open the Activity Explorer in DSPM for AI and review agent activity related to content that contains sensitive information or has labels applied.

  

• Review and apply security recommendations for protecting sensitive data in agent activities.

  

AI models

The AI models tab of the AI inventory page presents all of the AI models in use across your organization. Select Show more in Defender to open the Microsoft Defender cloud asset inventory for detailed information and risk mitigation.

MCP servers and other AI applications

View and manage the security of all AI models in use across your organization. Select Show more in Defender to open the Microsoft Defender for Cloud Apps applications inventoryfor detailed information and risk mitigation.

View and prioritize AI security risks across your organization

The AI risk page of the dashboard provides a consolidated view of AI-related security risks, enabling you to prioritize and address threats effectively. Each risk category links directly to the relevant Microsoft Security product for remediation.

To investigate and remediate AI security risks:

1. Review risk summary cards for immediate priorities, examine trend charts to identify emerging threats, and use Microsoft Security Copilot's suggested prompts to explore complex risk scenarios.
2. Select View in Microsoft Purview or View in Microsoft Defender to navigate to the relevant Microsoft Security product for detailed risk analysis and remediation.