On Monday, Microsoft introduced a new feature for its Edge for Business browser called inline data protection, specifically designed for enterprise use.
This native data security control aims to prevent employees from inadvertently sharing sensitive company-related data with consumer-based generative artificial intelligence (GenAI) applications, including OpenAI ChatGPT, Google Gemini, and DeepSeek, with plans to expand the list to include other genAI, email, collaboration, and social media apps in the future.
According to Microsoft, “The new inline protection capability for Edge for Business prevents data leakage across various user interactions with sensitive data in the browser, including typing text directly into a web application or generative AI prompt.”
Microsoft Purview’s browser data loss prevention (DLP) controls have been introduced alongside the General Availability of collaboration security for Microsoft Teams, aiming to combat phishing attacks targeting users of the enterprise communication app.
In recent months, threat actors like Storm-1674 and Storm-1811 have exploited Microsoft Teams to trick users into downloading malicious software or granting remote access for subsequent ransomware deployment.
The latest features provide new controls that enable an organization’s security team to dictate which tenants, domains, and users can communicate with employees, offering better protection against malicious links or attachments in real-time and improved reporting of suspicious messages to administrators.
Microsoft explained that “Suspicious files and URLs are automatically executed in a secure, isolated environment — a sandbox — to determine if they exhibit any malicious behavior. This process, known as real-time detonation, ensures that harmful content is identified and neutralized before end-users can access it.”
Concurrently with these announcements, Microsoft is expanding Security Copilot with 11 new agentic solutions, including five from outside partners, to analyze data breaches, prioritize critical alerts, perform root cause analysis, and enhance compliance.
The Microsoft-developed Security Copilot agents, available for preview next month, will triage phishing alerts, data loss prevention and insider risk notifications, monitor vulnerabilities and remediation, and curate threat intelligence based on an organization’s threat exposure.
Vasu Jakkal, corporate vice president at Microsoft Security, stated, “The relentless pace and complexity of cyber attacks have surpassed human capacity, and establishing AI agents is a necessity for modern security.”
“The volume of these attacks overwhelms security teams relying on manual processes and fragmented defenses, making it difficult to both triage malicious messages promptly and leverage data-driven insights for broader cyber risk management.”
“The phishing triage agent in Security Copilot can handle routine phishing alerts and attacks, freeing up human defenders to focus on more complex threats and proactive security measures.”
